In our latest episode of the ConversingLabs podcast, host Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit with a pretty name, but nasty intentions.
Read More about ConversingLabs: Unpacking the Follina exploit
ReversingLabs’ open source YARA detection rule for Blue Locker can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting Blue Locker
ReversingLabs’ YARA detection rule for Acepy can help you find this ransomware in your environment.
Read More about From the Labs: YARA Rule for Detecting Acepy
After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.
Read More about New malicious packages in PyPI: What it means for securing open source repositories
Read More about How abuse.ch evolved into an essential threat hunting platform
...
Read More about GwisinLocker ransomware targets South Korean industrial and pharma firms
An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to achieve persistent access in victim environments and turbo-charge efforts to ‘live off the land’ and avoid detection by security monitoring tools.
Read More about Threat analysis: Follina exploit fuels 'live-off-the-land' attacks
A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.
Read More about CISA: Log4j threat will linger for years—so be prepared
A new attack known as ‘Retbleed’ impacts microprocessors, journalists are becoming desirable targets for cybercriminals, and more.
Read More about The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs
ReversingLabs researchers have uncovered a widespread campaign to install malicious npm modules that are harvesting sensitive data from forms embedded in mobile apps and websites.
Read More about Update: IconBurst npm software supply chain attack grabs data from apps and websites
ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.
Read More about Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs
The growing number of software supply chain attacks is putting pressure on validation of software integrity and authenticity.
Read More about Go below the surface on tampering: The trouble with software integrity validation
Python packages can contain sensitive information. Here's how software development teams can keep secrets secret
Read More about It’s not a secret if you publish it on PyPI
Package repository content can be different from source code repository content. Here's what your software team needs to know.
Read More about Coinminer and npm: What you see is not always what you get
ReversingLabs’ team of threat analysts have released new YARA detection rules for malware wipers discovered targeting Ukraine. We break them down for you here.
Read More about From the Labs: YARA Rule for Detecting Malware Wipers