ReversingLabs Blog

July 5, 2022

Update: IconBurst NPM software supply chain attack grabs data from apps and websites

ReversingLabs researchers uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.
June 30, 2022

The Week in Cybersecurity: NATO creates cyber rapid response

Welcome to the The Week in Cybersecurity. This week: International relations intersects with cybersecurity, leverage YARA rules, plus AstraLocker 2.0.
June 28, 2022

Smash-and-grab: AstraLocker 2.0 pushes ransomware direct from Office docs

ReversingLabs recently discovered instances of the AstraLocker 2.0 malware distributed directly from Microsoft Word files used in phishing attacks.
June 23, 2022

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

ConversingLabs invited Robert Martin of MITRE and Steve Lipner of Safecode, who spoke at RSAC, to discuss supply chain risk, software assurance and more.
June 14, 2022

How to build trust in a zero-trust environment: Security leaders share insights

In an expert roundtable at RSA Conference, three industry leaders share insights on taking a zero-trust approach with today's 'hyperconnected ecosystems'.
June 14, 2022

5 CI/CD breaches analyzed: Why you need to update your software security approach

Omer Gil and Daniel Krivelevich outlined the top 10 CI/CD security risks at RSA Conference, analyzing five recent breaches. Here's what you need to know.