Blog | ReversingLabs | AppSec & Supply Chain Security (16)

May 4, 2023

The Week in Security: Sunburst attack set off alarms for months before discovery

The DOJ detected the SolarWinds Orion breach six months prior to public disclosure. Also: anxiety, fear, depression - the life of a ransomware criminal.

May 3, 2023

SolarWinds hack: Did DOJ know 6 months earlier?

The Department of Justice is reported to have stayed on the down-low on SolarWinds. Poster child for software supply chain security? The plot thickens...

May 2, 2023

How to operationalize software bills of materials for incident response

Learn why SBOMs are essential for cybersecurity incident response — and how to put them to work.

May 1, 2023

RSAC in review: Supply chain security, cyber war and AI

The stakes were raised at RSAC 2023: A “hot” cyber war in Ukraine, supply chain attacks on the rise — and let's not forget about artificial intelligence.

April 27, 2023

The rise of malware in the software supply chain – and what to do about it

Charlie Jones of ReversingLabs explains risk with supply chain attacks — and what development teams can do to spot malware lurking in signed code.

April 27, 2023

CISA Secure by Design: 'It's a starting point, not an endpoint'

Here's what experts say about the CISA Secure by Design initiative's potential impact on software supply chain security — and security operations.

April 26, 2023

#RSAC is big again — and AI + security is huge: #StrongerTogether?

RSA Conference is back big in 2023, with large language models buzzing: Al to fight AI, and generative AI and supply chain security.

April 24, 2023

Package names repurposed to push malware on PyPI

What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.

April 24, 2023

What traditional app sec tools miss: The monsters in your software supply chain

Matt Rose will present at RSAC 2023 on the mismatch between traditional app sec tools like SCA and modern supply chain threats. Here are key highlights.

April 21, 2023

The 3CX supply chain attack gets wilder, marks first 'cascading software supply chain compromise'

The surprising story of the supply chain hack of VoIP provider 3CX got even crazier this week. Here's what your application security need to know.

April 20, 2023

Companies scramble to cover software supply chain security gaps: 3 key survey takeaways

The new ReversingLabs Software Supply Chain Risk Survey found that supply chain security poses serious risk that traditional app sec tools can't address.

April 20, 2023

The Week in Security: 3CX attack caused by earlier supply chain hack, malware in Google Play

This week: One software supply chain attack caused another, making it a first for the industry. Also: Malware spreads via apps in the Google Play Store.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (16)

The Week in Security: Sunburst attack set off alarms for months before discovery

SolarWinds hack: Did DOJ know 6 months earlier?

How to operationalize software bills of materials for incident response

RSAC in review: Supply chain security, cyber war and AI

The rise of malware in the software supply chain – and what to do about it

CISA Secure by Design: 'It's a starting point, not an endpoint'

#RSAC is big again — and AI + security is huge: #StrongerTogether?

Package names repurposed to push malware on PyPI

What traditional app sec tools miss: The monsters in your software supply chain

The 3CX supply chain attack gets wilder, marks first 'cascading software supply chain compromise'

Companies scramble to cover software supply chain security gaps: 3 key survey takeaways

The Week in Security: 3CX attack caused by earlier supply chain hack, malware in Google Play

Topics

Special Reports

The State of Software Supply Chain Security

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (16)

Topics

Follow us

Subscribe

Special Reports