2025 Gartner® Market Guide for Software Supply Chain Security
Read Now
Modernize Your Malware Analysis
Download White Paper
Looking for an alternative to VirusTotal? We've got you covered.
Learn More
RL Blog

Threat Research (11)

Breaking the Microsoft Authenticode security model

Breaking the Microsoft Authenticode security model

Authenticode is a Microsoft code signing technology software publishers use to guarantee the origin and integrity of their applications. The vast majority of modern software applications are actively using it and depend on its integrity validation system.
Read More
Breaking the Linux Authenticode security model

Breaking the Linux Authenticode security model

Portable executable is probably the most prolific application format used for code distribution. It can be found on a wide variety of hardware and software platforms. That’s why it is no wonder that many systems, other than its native Windows, end up supporting it in one way or another.
Read More
Breaking the UEFI firmware Authenticode security model

Breaking the UEFI firmware Authenticode security model

Unified Extensible Firmware Interface (UEFI) is a specification that defines the interfaces between the operating system and the platform firmware. Originally developed by Intel, and now supported by an alliance of software and hardware vendors, UEFI quickly became a standard that displaced the legacy basic input/output system (BIOS).
Read More
Mirai Botnet Continues to Plague IoT Space

Mirai Botnet Continues to Plague IoT Space

With growing interest in the potential of IoT and connected things, attackers have found opportunities to exploit these devices. New malware and botnets are being specifically built to target IoT devices.
Read More
The PDF invoice that phished you

The PDF invoice that phished you

Phishing attacks are deception attempts that try to trick a person into clicking a link that leads to a credential-stealing page or a malicious application download. Relying on social engineering tactics, they have the potential to grant attackers unauthorized access to infrastructure, services, or information.
Read More
Ransomware in exotic email attachments

Ransomware in exotic email attachments

In the software arena, winning the mind share means becoming widespread to the point of being considered a de facto standard. And when it comes to the ways in which information is shared, this means being the object format everyone gravitates to. While aspirational for many software vendors, such success is impossible to predict, difficult to achieve, and challenging to maintain.
Read More
Catching deceptive links before the phish

Catching deceptive links before the phish

A person may not necessarily have to be a security expert to know when the URL is a bit off. One might feel that the domain is unusually long, or that there are not that many popular websites ending with the top-level domain .services. But what if an average user saw one of these URLs next to a green lock and letters saying Secure? Would they stop to think twice?
Read More
‹ previous next ›

    Special Reports

    The 2025 Software Supply Chain Security Report

    The 2025 Software Supply Chain Security Report

    Software supply chain attacks are an increasingly popular tool for malicious actors. And the rapid embrace of AI and machine learning (ML) tools is introducing new supply chain risks. Here's what your organization needs to know.

    March 12, 2025