Blog | ReversingLabs | Threat Research (7)

August 9, 2022

GwisinLocker ransomware targets South Korean industrial and pharma firms

GwisinLocker is a new ransomware family that targets Linux in industrial and pharma companies with sophisticated "double extortion" ransomware campaigns.

July 27, 2022

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

An analysis of three in-the-wild payloads delivered using the Follina exploit shows how attackers can boost efforts to avoid detection by security tools.

July 19, 2022

CISA: Log4j threat will linger for years—so be prepared

A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.

July 15, 2022

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

This week: a new attack known as ‘Retbleed’ impacts microprocessors, journalists are becoming desirable targets for cybercriminals, and more.

July 5, 2022

Update: IconBurst npm software supply chain attack grabs data from apps and websites

ReversingLabs researchers uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.

June 28, 2022

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.

June 2, 2022

Go below the surface on tampering: The trouble with software integrity validation

The growing number of software supply chain attacks is putting pressure on validation of software integrity

June 1, 2022

It’s not a secret if you publish it on PyPI

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

June 1, 2022

Coinminer and npm: What you see is not always what you get

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the only tool in your security arsenal.

May 13, 2022

From the Labs: YARA Rule for Detecting Conti

ReversingLabs provides tools to detect the CONTI ransomware family - a leading ransomware as a service outfit

May 13, 2022

From the Labs: YARA Rule for Detecting Malware Wipers

ReversingLabs has released three new YARA rules to detect HermeticWiper, IsaacWiper, and CaddyWiper

May 10, 2022

Update: NPM dependency confusion hacks target German firms

Research by ReversingLabs suggests that dependency confusion attacks on npm repositories have been used to compromise leading German firms in recent weeks.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

Threat Research (7)

GwisinLocker ransomware targets South Korean industrial and pharma firms

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

CISA: Log4j threat will linger for years—so be prepared

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

Update: IconBurst npm software supply chain attack grabs data from apps and websites

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

Go below the surface on tampering: The trouble with software integrity validation

It’s not a secret if you publish it on PyPI

Coinminer and npm: What you see is not always what you get

From the Labs: YARA Rule for Detecting Conti

From the Labs: YARA Rule for Detecting Malware Wipers

Update: NPM dependency confusion hacks target German firms

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Threat Research (7)

Topics

Follow us

Subscribe

Special Reports