Blog | ReversingLabs | Carolynn van Arsdale (8)

November 3, 2022

The Week in Security: OpenSSL danger downgraded but still real, GitHub exposed

This week: an expected OpenSSL vulnerability may not be as disastrous as was predicted, but is still very real. Also: Unauthorized hackers accessed 130 GitHub repositories as a result of a Dropbox breach.

November 2, 2022

Special report: End-to-end supply chain security demands dev and SOC teams shift left together

Security operations centers (SOCs) and developers need to share the responsibility for securing the software supply chain. Find out why in ReversingLabs' latest report.

October 27, 2022

The Week in Security: Pro-China cyber operation Dragonbridge targets U.S. elections

This week: Pro-China operation Dragonbridge targets the U.S. political system. Also: Two flaws in Cisco AnyConnect are being actively exploited.

October 20, 2022

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

This week: Critical infrastructure sectors such as education and aviation are being targeted by cybercriminals. Also: software supply chain attacks have increased by 742% in the past 3 years.

October 18, 2022

What an SBOM is — and why it matters

Software bills of materials have become key to mitigating software threats. Here's what you need to know — and how to put them to work.

October 17, 2022

4 takeaways from the MITRE software security panel

With software supply chain attacks ramping up, software bills of materials are getting the nod from both government and industry experts as a "no brainer."

October 13, 2022

The Week in Security: Google takes next step on supply chain risk, UK issues software security guidance

This week: Google Cloud announces new solution to tackle software supply chain risk, multiple vulnerabilities in Adobe products could lead to arbitrary code execution, and more.

October 6, 2022

Week in Security: Open source tool used to steal data from defense firm

This week: APT groups targeted a defense industrial base sector organization, why SBOMs are a great “first step,” and more.

September 29, 2022

The Week in Security: Bill tasks CISA Director with responsibility for open source software security

This week: A new bill tasks the CISA Director with tackling open source software security, a leaked LockBit builder is being used by a new ransomware gang, and more.

September 26, 2022

From the Labs: YARA Rule for Detecting Nokoyawa

ReversingLabs’ YARA detection rule for Nokoyawa can help you find this ransomware in your environment.

September 22, 2022

The Week in Security: Is Lapsus$ back in action?

This week: The famous hacking group Lapsus$ appears to be back in action. Also: Russian cyber spies are targeting Ukraine by posing as internet providers.

September 16, 2022

Iran-backed APT actors utilize CVEs to carry out cyber attacks on critical infrastructure

An advisory co-authored by the U.S., U.K., Canada and Australia warns of an Iran-backed APT group utilizing known vulnerabilities to carry out attacks.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

The Week in Security: OpenSSL danger downgraded but still real, GitHub exposed

Special report: End-to-end supply chain security demands dev and SOC teams shift left together

The Week in Security: Pro-China cyber operation Dragonbridge targets U.S. elections

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

What an SBOM is — and why it matters

4 takeaways from the MITRE software security panel

The Week in Security: Google takes next step on supply chain risk, UK issues software security guidance

Week in Security: Open source tool used to steal data from defense firm

The Week in Security: Bill tasks CISA Director with responsibility for open source software security

From the Labs: YARA Rule for Detecting Nokoyawa

The Week in Security: Is Lapsus$ back in action?

Iran-backed APT actors utilize CVEs to carry out cyber attacks on critical infrastructure

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports