Blog | ReversingLabs | AppSec & Supply Chain Security (21)

December 19, 2022

Expert panel: No ‘silver bullet’ for supply chain security

Experts and a top analyst discussed the state of software supply chain security in a recent Webinar. Here are key takeaways from their discussion.

December 8, 2022

The Week in Security: Software supply chain attack mines diamond industry, npm security boosted

This week: An APT group carried out a data wiping supply chain attack globally. Also: GitHub has introduced new security features for its npm repository.

December 7, 2022

New supply chain mandates: Uncle Sam wants you (to secure your software)!

Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.

December 1, 2022

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

Here's ReversingLabs' discoveries and indicators of compromise (IOCs) for W4SP, as well as links to our YARA rule that can be used to detect the malicious Python packages in your environment.

December 1, 2022

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

This week: Another open-source platform is being used by cybercriminals. Also: the Black Basta ransomware gang takes credit for the attack on Maple Leaf Foods.

December 1, 2022

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.

November 23, 2022

GitHub repojacking attack: 10 lessons for software teams

Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.

November 17, 2022

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack.

November 10, 2022

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. Also: A software supply chain attack has pushed out malware to at least 250 media sites.

November 8, 2022

Forrester Security & Risk talk: Go beyond the SBOM for software supply chain security

At the Forrester Security & Risk Forum, ReversingLabs Field CISO Matt Rose presents about what information an SBOM provides — and how it can be put to good use.

November 7, 2022

SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM

Here's why your organization should consider a SaaSBOM, as well as the essential challenges facing their implementation.

November 2, 2022

Special report: End-to-end supply chain security demands dev and SOC teams shift left together

Security operations centers (SOCs) and developers need to share the responsibility for securing the software supply chain. Find out why in ReversingLabs' latest report.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (21)

Expert panel: No ‘silver bullet’ for supply chain security

The Week in Security: Software supply chain attack mines diamond industry, npm security boosted

New supply chain mandates: Uncle Sam wants you (to secure your software)!

W4SP continues to nest in PyPI: Same supply chain attack, different distribution method

The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

GitHub repojacking attack: 10 lessons for software teams

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

Forrester Security & Risk talk: Go beyond the SBOM for software supply chain security

SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM

Special report: End-to-end supply chain security demands dev and SOC teams shift left together

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (21)

Topics

Follow us

Subscribe

Special Reports