A Final Exam for Software Supply Chain Protection
ReversingLabs’ Director of Product Management Charlie Jones explains how the attack surface within today’s software supply chains has grown exponentially.
A Final Exam for Software Supply Chain Protection
SecurityWeek: VulnerabilitiesCVE and NVD – A Weak and Fractured Source of Vulnerability Truth
The Common Vulnerabilities and Exposures (CVE) List and the consequent National Vulnerability Database (NVD) can no longer be considered a single central source of vulnerability truth.
The Hacker News: Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers
Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing.
-1400x732.webp&w=3840&q=75)
SecurityWeek: Suspicious NuGet Package Harvesting Information From Industrial Systems
A suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon.
The Hacker News - Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were collectively downloaded 7,451 times prior to them being removed from PyPI.
The New Stack: Python Users: BIPClip Is After Your Bitcoin Wallet, Via PyPI
ReversingLabs has uncovered a nefarious hacking campaign aimed at pilfering cryptocurrency wallet recovery phrases
TechRadar: Watch out — these malicious PyPl packages could drain your wallet, and they've already been downloaded thousands of times
Researchers discover seven crypto-draining package
Help Net Security: NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks
DevOps.com: ReversingLabs Applies AI to Better Secure Application Binaries
ReversingLabs this week launched a binary analysis tool that uses machine learning algorithms to identify risks before and after applications are deployed.
Help Net Security: Software supply chain attacks are getting easier
ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems.
Axios - Exclusive: Open-source tools fire up supply chain attacks
Open-source code and legitimate hacking tools have contributed to the rising popularity of a once-rare and complicated type of cyberattack, according to new research shared exclusively with Axios.
Supply Chain Brain: DigiCert and ReversingLabs Agree to Partnership
DigiCert announced that it had partnered with ReversingLabs June 6 to enhance supply chain software security by combining ReversingLabs’ binary analysis and threat detection services with DigiCert’s secure code signing solution.
CSO: 14 lessons CISOs learned in 2022
The coming new year is a good moment for chief information security officers to reflect upon what they've learned this year and how to apply this knowledge going forward.
The New Yorker: After the SolarWinds Hack, We Have No Idea What Cyber Dangers We Face
A hacking team planted malware in a routine software upgrade from a Texas-based company SolarWinds.
CRN: 25 Hot Risk, Operations And Threat Intelligence Platforms At RSA 2020
New and enhanced capabilities for the ReversingLabs Titanium Platform deliver transparent and trusted malware insights that address the security skills gap