From the Labs: YARA Rule for Detecting Black Basta
ReversingLabs’ YARA detection rule for Black Basta can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting Black BastaThreat Research
From the Labs: YARA Rule for Detecting Black Basta
The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware
How to harden machine learning models against adversarial attacks
As attacks become more sophisticated, it is imperative to harden machine learning (ML) models and reduce the adversary’s ability to evade detection.
Read More about How to harden machine learning models against adversarial attacks
SentinelSneak: Malicious PyPI module poses as security software development kit
A malicious Python file found on the PyPI repository adds backdoor and data exfiltration features to what appears to be a legitimate SDK client from SentinelOne.
Read More about SentinelSneak: Malicious PyPI module poses as security software development kit
W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
Days after researchers for Phylum and Checkmarx revealed an ongoing software supply chain attack spreading the W4SP Stealer malware through malicious packages on the Python Package Index (PyPI), ReversingLabs researchers discovered 10 additional PyPI packages pushing modified versions of W4SP that were overlooked.
Read More about W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
ZetaNile: Open source software trojans from North Korea
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC.
Read More about ZetaNile: Open source software trojans from North Korea
How to write detailed YARA rules for malware detection
New malware appears or evolves daily, so updating tools like YARA rules for detection is critical. Here's how my research team develops YARA rules.
Read More about How to write detailed YARA rules for malware detection
From the Labs: YARA Rule for Detecting GwisinLocker
ReversingLabs’ YARA detection rule for GwisinLocker can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting GwisinLocker
From the Labs: YARA Rule for Detecting LockBit
ReversingLabs’ YARA detection rule for LockBit can help you detect this malicious ransomware in your environment. We break it down for you here.
Read More about From the Labs: YARA Rule for Detecting LockBit
Gaps in the NVD increase U.S. cyber threat
Discrepancies in reports to the national vulnerability databases (NVD) show the U.S. lags behind China, exposing U.S. firms to cyber attacks.
Read More about Gaps in the NVD increase U.S. cyber threat
From the Labs: YARA Rule for Detecting Nokoyawa
ReversingLabs’ YARA detection rule for Nokoyawa can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting Nokoyawa
Threat analysis: Malicious npm package mimics Material Tailwind CSS tool
ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis.
Read More about Threat analysis: Malicious npm package mimics Material Tailwind CSS tool
From the Labs: YARA Rule for Detecting GoodWill
ReversingLabs’ YARA detection rule for GoodWill can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting GoodWill
ConversingLabs: Unpacking the Follina exploit
In our latest episode of the ConversingLabs podcast, host Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit with a pretty name, but nasty intentions.
Read More about ConversingLabs: Unpacking the Follina exploit
From the Labs: YARA Rule for Detecting Blue Locker
ReversingLabs’ open source YARA detection rule for Blue Locker can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting Blue Locker