Gaps in the NVD increase U.S. cyber threat
Discrepancies in reports to the national vulnerability databases (NVD) show the U.S. lags behind China, exposing U.S. firms to cyber attacks.
Threat Research
Gaps in the NVD increase U.S. cyber threat
From the Labs: YARA Rule for Detecting Nokoyawa
ReversingLabs’ YARA detection rule for Nokoyawa can help you find this ransomware in your environment.
Threat analysis: Malicious npm package mimics Material Tailwind CSS tool
ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis.
From the Labs: YARA Rule for Detecting GoodWill
ReversingLabs’ YARA detection rule for GoodWill can help you find this ransomware in your environment.
ConversingLabs: Unpacking the Follina exploit
In our latest episode of the ConversingLabs podcast, host Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit with a pretty name, but nasty intentions.
From the Labs: YARA Rule for Detecting Blue Locker
ReversingLabs’ open source YARA detection rule for Blue Locker can help you find this ransomware in your environment.
From the Labs: YARA Rule for Detecting Acepy
ReversingLabs’ YARA detection rule for Acepy can help you find this ransomware in your environment.
New malicious packages in PyPI: What it means for securing open source repositories
After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.
How abuse.ch evolved into an essential threat hunting platform
GwisinLocker ransomware targets South Korean industrial and pharma firms
...
Threat analysis: Follina exploit fuels 'live-off-the-land' attacks
An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to achieve persistent access in victim environments and turbo-charge efforts to ‘live off the land’ and avoid detection by security monitoring tools.
CISA: Log4j threat will linger for years—so be prepared
A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.
The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs
A new attack known as ‘Retbleed’ impacts microprocessors, journalists are becoming desirable targets for cybercriminals, and more.
Update: IconBurst npm software supply chain attack grabs data from apps and websites
ReversingLabs researchers have uncovered a widespread campaign to install malicious npm modules that are harvesting sensitive data from forms embedded in mobile apps and websites.
Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.