Blog | ReversingLabs | Threat Research (5)

September 8, 2022

ConversingLabs: Unpacking the Follina exploit

In this ConversingLabs podcast, Paul Roberts interviews ReversingLabs researcher Joseph Edwards about his analysis of Follina, a newly discovered exploit.

August 29, 2022

New malicious packages in PyPI: What it means for securing open source repositories

After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.

August 24, 2022

How abuse.ch evolved into an essential threat hunting platform

When Roman Hüssy started abuse.ch, it began as a simple threat research blog. Now, the project offers an open source threat hunting platform to users worldwide.

August 9, 2022

GwisinLocker ransomware targets South Korean industrial and pharma firms

GwisinLocker is a new ransomware family that targets Linux in industrial and pharma companies with sophisticated "double extortion" ransomware campaigns.

July 27, 2022

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

An analysis of three in-the-wild payloads delivered using the Follina exploit shows how attackers can boost efforts to avoid detection by security tools.

July 19, 2022

CISA: Log4j threat will linger for years—so be prepared

A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.

July 15, 2022

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

This week: a new attack known as ‘Retbleed’ impacts microprocessors, journalists are becoming desirable targets for cybercriminals, and more.

July 5, 2022

Update: IconBurst npm software supply chain attack grabs data from apps and websites

ReversingLabs researchers uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.

June 28, 2022

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.

June 2, 2022

Go below the surface on tampering: The trouble with software integrity validation

The growing number of software supply chain attacks is putting pressure on validation of software integrity

June 1, 2022

It’s not a secret if you publish it on PyPI

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

June 1, 2022

Coinminer and npm: What you see is not always what you get

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the only tool in your security arsenal.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

Threat Research (5)

ConversingLabs: Unpacking the Follina exploit

New malicious packages in PyPI: What it means for securing open source repositories

How abuse.ch evolved into an essential threat hunting platform

GwisinLocker ransomware targets South Korean industrial and pharma firms

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

CISA: Log4j threat will linger for years—so be prepared

The Week in Cybersecurity: Chips hit by 'Retbleed', journalists the chosen target of APTs

Update: IconBurst npm software supply chain attack grabs data from apps and websites

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

Go below the surface on tampering: The trouble with software integrity validation

It’s not a secret if you publish it on PyPI

Coinminer and npm: What you see is not always what you get

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Threat Research (5)

Topics

Follow us

Subscribe

Special Reports