Blog | ReversingLabs | Carolynn van Arsdale (8)

September 16, 2022

Iran-backed APT actors utilize CVEs to carry out cyber attacks on critical infrastructure

An advisory co-authored by the U.S., U.K., Canada and Australia warns of an Iran-backed APT group utilizing known vulnerabilities to carry out attacks.

September 15, 2022

The Week in Cybersecurity: U.S. mandates federal agencies use secure third-party software tools

This week: A new OMB memo mandates federal use of secure third-party software tools. Plus: Twitter whistleblower Zatko details lacking security practices.

September 8, 2022

The Week in Cybersecurity: Vice Society ransomware group targets back-to-school

This week: Vice Society ransomware group targets America’s education sector, the U.S. government’s new position on software supply chain security, and more.

September 1, 2022

The Week in Cybersecurity: Cyber espionage operation fueled for months by targeted phishing attacks

This week: a China-linked cyber espionage campaign targets critical entities in Australia and the South China Sea, password manager LastPass gets hacked (again), and more.

August 25, 2022

The Week in Cybersecurity: French hospital hit with ransomware attack

This week: cybercriminals are continuing to target medical facilities, Twitter’s alleged lack of cybersecurity measures, and more.

August 24, 2022

How abuse.ch evolved into an essential threat hunting platform

When Roman Hüssy started abuse.ch, it began as a simple threat research blog. Now, the project offers an open source threat hunting platform to users worldwide.

August 18, 2022

The Week in Cybersecurity: Cybercrime growth outpaces the security industry

This week: Evidence has surfaced of cybercrime’s fast-paced growth in 2022, a new Google Chrome zero-day vulnerability is being exploited, and more.

August 15, 2022

Black Hat: We should have seen the Colonial ransomware attack coming, says Kim Zetter

The ransomware attack on Colonial Pipeline was a wakeup call. But cybersecurity journalist Kim Zetter believes we should have seen it coming.

August 15, 2022

The Week in Cybersecurity: MFA shortcomings paved the way for Cisco breach

A breach of Cisco hinged on a compromise of an employee’s Google account using "exhaustion" to trick the user into passing an MFA token to attackers.

August 11, 2022

The state of cybersecurity: 'Things are going to get worse before they get better,' Krebs tells Black Hat 2022

Chris Krebs challenged Black Hat attendees to consider four factors that will determine cybersecurity's future: tech, bad actors, government, and people.