Security Operations (2)

June 22, 2023

The Week in Security: BlackCat threatens to leak Reddit data, attackers target npm packages (again)

This week: BlackCat hackers threaten to leak Reddit’s data. Also: Hijacked S3 buckets are being used in attacks on npm packages.
June 15, 2023

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

This week: Microsoft finds APT group attacking Ukraine is in cahoots with the Russian government. Also: A critical look at AI-generated software.
June 5, 2023

5 AI threats keeping SOC teams up at night

Here are five AI threats that your security operations team should be planning and budgeting for if you want to stay ahead of the emerging threat with AI.
June 1, 2023

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

This week: Barracuda’s appliances had an undetected flaw, which was abused by hackers for months. Also: Could AI bring on an ‘extinction event?’
May 25, 2023

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

This week: North Korean APT Lazarus uses Microsoft IIS servers to carry out espionage. Also: What’s the future of PyPI amidst continuing attacks?
May 11, 2023

The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks

U.S. and other countries take down Russia’s Snake malware, used to conduct global espionage. Also: GitHub auto-blocks API key and token leaks for all repos.
May 8, 2023

Modernize your SOC with advanced malware analysis, real supply chain security — and best practices

Today's SOCs need the right tools for malware and supply chain security. Here's why — and best practices for a modern SOC.
May 2, 2023

How to operationalize SBOMs for incident response

Learn why Software Bills of Materials are essential for cybersecurity incident response — and how to put them to work.
May 1, 2023

RSAC in review: Supply chain security, cyber war and AI

The stakes were raised at RSAC 2023: A “hot” cyber war in Ukraine, supply chain attacks on the rise — and let's not forget about artificial intelligence.
April 27, 2023

The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries

This week: Canadian gas pipeline explosion could have been caused by a cyber attack. Also: Financial services firm NCR hit with a ransomware attack.
April 19, 2023

Secrets Exposed: The why, the how – and what to do about – secrets security in software

Secrets are increasingly exposed in code, creating a field-day for malicious actors. Here are key takeaways from our Secrets Exposed special report.
April 18, 2023

What’s hot at RSA Conference 2023: 6 must-see malware analysis and threat hunting talks

There is so much to take in at RSAC. Cut through the noise with our list of threat-focused talks you don't want to miss.

SUBSCRIBE

Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs: The State of Open Source Software Security ConversingLabs: The State of Open Source Software Security
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: SBOMS and threat modeling ReversingGlass: SBOMS and threat modeling
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Video Conferencing Software Software Package Deconstruction: Video Conferencing Software
Analyzing Risks To Your Software Supply Chain