ReversingLabs Accelerates Strategy to Secure Software Supply Chain, Appoints Peter Doggart as Chief Operating Officer
Read More
Secrets Exposed: An Essential Guide to Securing Secrets in Software
Read eBook
New App Sec Series | Software Package Deconstruction
Learn More
ReversingLabs and Synopsys Join Forces to Combat Software Supply Chain Threats
Learn More

Security Operations (2)

The Week in Security: Twitter gets subpoena for source code leak, 3CX supply chain attack surfaces
March 30, 2023

The Week in Security: Twitter gets subpoena for source code leak, 3CX supply chain attack surfaces

This week: GitHub is issued a subpoena by Twitter over leaked source code. Also: 3CX software supply chain attack leaves millions at risk.
Read More
The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware
March 16, 2023

The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware

A Russian-speaking threat actor has breached several European organizations. Also: AI-created videos on YouTube are spreading infostealer malware.
Read More
The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up
March 9, 2023

The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up

North Korean-linked hacking group Lazarus attacked the same South Korean financial entity twice in 2022. Also: The number of hard-coded secrets is way up.
Read More
The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability
March 2, 2023

The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability

New details expose that the recent hack on LastPass was worse than previously thought. Also: CISA has called for for software makers who develop insecure software to be held liable.
Read More
The Week in Security: U.S. Special Ops Command server exposed emails, phishing campaign hits npm
February 23, 2023

The Week in Security: U.S. Special Ops Command server exposed emails, phishing campaign hits npm

A misconfiguration likely caused a U.S. government server to leak sensitive military emails, and a massive phishing spam campaign has taken over npm.
Read More
The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess
February 16, 2023

The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess

This week: Russian-linked PIPEDREAM malware targeted critical infrastructure. Also: 400 malicious packages found on PyPI demonstrates attacker prowess.
Read More
The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments
January 26, 2023

The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments

This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.
Read More
Shift the SOC left: Why your organization should integrate DevOps with Security Operations
January 9, 2023

Shift the SOC left: Why your organization should integrate DevOps with Security Operations

The collaboration between SOCs and software development teams is essential for ensuring your organization's software security. Here's why. 
Read More
The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored
January 5, 2023

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The tail-end of 2022 was plagued by ransomware attacks on critical infrastructure. Also, we break down the PyTorch software supply chain attack.
Read More
The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused
December 15, 2022

The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

This week: Twelve malware wipers have been discovered in 2022. Also: The Cuba ransomware gang abused Microsoft certificates to sign malware.
Read More
How deep scanning protects your data in the cloud
December 13, 2022

How deep scanning protects your data in the cloud

Organizations need to look beyond traditional approaches for protecting their data in the cloud. Here's how deep scanning's modern approach reduces risk. 
Read More
The Week in Security: Disguised Russian software used in U.S. Army, CDC applications
November 17, 2022

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack. 
Read More

SUBSCRIBE

Get the Best of the ReversingLabs newsletter delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs Cafe: Chris Romeo on the state of application security ConversingLabs Cafe: Chris Romeo on the state of application security
Conversations About Threat Hunting and Software Supply Chain Security
Behaviors & Diffs: Better Together for Software Supply Chain Security Behaviors & Diffs: Better Together for Software Supply Chain Security
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Deconstructing UPS Ship Manager Software Package Deconstruction: Deconstructing UPS Ship Manager
Analyzing Risks To Your Software Supply Chain