Blog | ReversingLabs | Carolynn van Arsdale (4)

June 22, 2023

The Week in Security: BlackCat threatens to leak Reddit data, attackers target npm packages (again)

This week: BlackCat hackers threaten to leak Reddit’s data. Also: Hijacked S3 buckets are being used in attacks on npm packages.

June 21, 2023

MITRE’s System of Trust: A discussion about standardizing software supply chain risk

Robert Martin of MITRE and Cassie Crossley of Schneider Electric discuss how MITRE’s System of Trust helps operationalize software supply chain security.

June 15, 2023

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

This week: Microsoft finds APT group attacking Ukraine is in cahoots with the Russian government. Also: A critical look at AI-generated software.

June 8, 2023

The Week in Security: AI hallucinations linked to software supply chain risk, CI fix deemed critical

Researchers link ChatGPT hallucinations and software supply chain threat. Also, a watch group says better critical infrastructure security is needed.

June 1, 2023

The state of app sec with Chris Romeo: The year of the application is near

ConversingLabs caught up with Chris Romeo of Kerr Ventures at RSA Conference 2023 to talk about the state of application security. Watch (or listen) — and learn.

June 1, 2023

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

This week: Barracuda’s appliances had an undetected flaw, which was abused by hackers for months. Also: Could AI bring on an ‘extinction event?’

May 25, 2023

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

This week: North Korean APT Lazarus uses Microsoft IIS servers to carry out espionage. Also: What’s the future of PyPI amidst continuing attacks?

May 24, 2023

Practitioners reveal growing concerns about software security

In a recent survey, 300 practitioners were asked about the state of supply chain security. Here are takeaways from a webinar discussion about the survey.

May 18, 2023

The Week in Security: Capita AWS bucket exposes benefits data, Toyota leaks customer data on 2M

This week: An unsecured AWS bucket exposed English citizen’s data. Also: A data breach on Toyota leaked the data of more than 2 million customers.

May 11, 2023

The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks

U.S. and other countries take down Russia’s Snake malware, used to conduct global espionage. Also: GitHub auto-blocks API key and token leaks for all repos.

May 4, 2023

The Week in Security: Sunburst attack set off alarms for months before discovery

The DOJ detected the SolarWinds Orion breach six months prior to public disclosure. Also: anxiety, fear, depression - the life of a ransomware criminal.

April 27, 2023

The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries

This week: Canadian gas pipeline explosion could have been caused by a cyber attack. Also: Financial services firm NCR hit with a ransomware attack.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

The Week in Security: BlackCat threatens to leak Reddit data, attackers target npm packages (again)

MITRE’s System of Trust: A discussion about standardizing software supply chain risk

The Week in Security: Ukraine APT attacks tied to Russia, critical eye placed on AI-generated software

The Week in Security: AI hallucinations linked to software supply chain risk, CI fix deemed critical

The state of app sec with Chris Romeo: The year of the application is near

The Week in Security: Barracuda email flaw left open for months, calls for AI governance turn existential

The Week in Security: Lazarus targets Microsoft servers in espionage campaign, the future of PyPI

Practitioners reveal growing concerns about software security

The Week in Security: Capita AWS bucket exposes benefits data, Toyota leaks customer data on 2M

The Week in Security: Coalition takes down Russia's Snake espionage tool, GitHub plugs API leaks

The Week in Security: Sunburst attack set off alarms for months before discovery

The Week in Security: A possible Colonial Pipeline 2.0, ransomware takes bite out of American eateries

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports