Blog | ReversingLabs | Threat Research (4)

December 1, 2022

ZetaNile: Open source software trojans from North Korea

ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC.

November 14, 2022

How to write detailed YARA rules for malware detection

New malware appears or evolves daily, so updating tools like YARA rules for detection is critical. Here's how my research team develops YARA rules.

September 26, 2022

Gaps in the NVD increase U.S. cyber threat

Discrepancies in national vulnerability database reports show the U.S. lags behind China, possibly exposing U.S. firms to cyber attacks, Sophos finds.

September 23, 2022

Threat analysis: Malicious npm package mimics Material Tailwind CSS tool

ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis. (Updated with MachO executable information.)

September 8, 2022

ConversingLabs: Unpacking the Follina exploit

In this ConversingLabs podcast, Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit.

August 29, 2022

New malicious packages in PyPI: What it means for securing open source repositories

After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.

August 24, 2022

How abuse.ch evolved into an essential threat hunting platform

When Roman Hüssy started abuse.ch, it began as a simple threat research blog. Now, the project offers an open source threat hunting platform to users worldwide.

August 9, 2022

GwisinLocker ransomware targets South Korean industrial and pharma firms

GwisinLocker is a new ransomware family that targets Linux in industrial and pharma companies with sophisticated "double extortion" ransomware campaigns.

July 27, 2022

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

An analysis of three in-the-wild payloads delivered using the Follina exploit shows how attackers can boost efforts to avoid detection by security tools.

July 19, 2022

CISA: Log4j threat will linger for years—so be prepared

A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.

July 15, 2022

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

This week: a new attack known as ‘Retbleed’ impacts microprocessors, journalists are becoming desirable targets for cybercriminals, and more.

July 5, 2022

Update: IconBurst npm software supply chain attack grabs data from apps and websites

ReversingLabs researchers uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

Threat Research (4)

ZetaNile: Open source software trojans from North Korea

How to write detailed YARA rules for malware detection

Gaps in the NVD increase U.S. cyber threat

Threat analysis: Malicious npm package mimics Material Tailwind CSS tool

ConversingLabs: Unpacking the Follina exploit

New malicious packages in PyPI: What it means for securing open source repositories

How abuse.ch evolved into an essential threat hunting platform

GwisinLocker ransomware targets South Korean industrial and pharma firms

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

CISA: Log4j threat will linger for years—so be prepared

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

Update: IconBurst npm software supply chain attack grabs data from apps and websites

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Threat Research (4)

Topics

Follow us

Subscribe

Special Reports