Blog | ReversingLabs | Carolynn van Arsdale (6)

February 9, 2023

The Week in Security: CISA operationalizes software supply chain security, GuLoader targets e-commerce

CISA is working to operationalize cyber supply chain risk management. Also: a GuLoader malware campaign is targeting the global e-commerce industry.

February 2, 2023

The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine

Russia-affiliated Sandworm is using malware strains to attack entities in Ukraine. Also: A massive Yandex code leak reveals the ranking factors of Russia’s search engines.

January 19, 2023

The Week in Security: PyPI hit by ‘Lolip0p’ info-stealing attack, ransomware targets ship fleet

This week: A new software supply chain attack has been discovered on PyPI. Also: A ransomware attack on ship management software impacts 1000 vessels.

January 12, 2023

The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware

This week: Trojan Puzzle attack shows how AI can be trained for malicious purposes. Also: ChatGPT is enabling script kiddies to write functional malware.

January 12, 2023

App sec and the supply chain: Work in tandem with engineers to achieve true software security

Application security is foundational to the software supply chain security ecosystem. But it takes a village. Derek Fisher explains in this fireside chat.

January 5, 2023

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The tail-end of 2022 was plagued by ransomware attacks on critical infrastructure. Also, we break down the PyTorch software supply chain attack.

December 22, 2022

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK

Okta is hit with another supply chain attack. Also, ReversingLabs discovered a malicious PyPI package posing as a SentinelOne SDK client.

December 19, 2022

Expert panel: No ‘silver bullet’ for supply chain security

Experts and a top analyst discussed the state of software supply chain security in a recent Webinar. Here are key takeaways from their discussion.

December 15, 2022

The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

This week: Twelve malware wipers have been discovered in 2022. Also: The Cuba ransomware gang abused Microsoft certificates to sign malware.

December 8, 2022

The Week in Security: Software supply chain attack mines diamond industry, npm security boosted

This week: An APT group carried out a data wiping supply chain attack globally. Also: GitHub has introduced new security features for its npm repository.

December 1, 2022

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

This week: Another open-source platform is being used by cybercriminals. Also: the Black Basta ransomware gang takes credit for the attack on Maple Leaf Foods.

December 1, 2022

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

The Week in Security: CISA operationalizes software supply chain security, GuLoader targets e-commerce

The Week in Security: Russia takes aim at Ukraine with Sandworm, the truth about Russia's top search engine

The Week in Security: PyPI hit by ‘Lolip0p’ info-stealing attack, ransomware targets ship fleet

The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware

App sec and the supply chain: Work in tandem with engineers to achieve true software security

The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK

Expert panel: No ‘silver bullet’ for supply chain security

The Week in Security: Wiper malware rains down on 2022, Microsoft certificates abused

The Week in Security: Software supply chain attack mines diamond industry, npm security boosted

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports