<img src="https://ws.zoominfo.com/pixel/JrRu3vUM8j33QSR7Bwxw" width="1" height="1" style="display: none;">

ReversingLabs Blog

Robert Simmons

Robert Simmons
Independent malware researcher and threat researcher at ReversingLabs. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis at many of the top security conferences including DEFCON, HOPE, botconf, and DerbyCon among others. Robert also is a maintainer of plyara, a YARA rule parser written in pure Python.

Recent Posts from Robert Simmons

June 26, 2020

Five Uses of YARA

Setting the Stage for REVERSING 2020
June 5, 2020

Retread Ransomware

In March of 2020, MalwareHunterTeam discovered a downloader which installed both a KPot infostealer as well as a second payload which was a ransomware variant that used the string "CoronaVirus".
March 23, 2020

Exposing Ryuk Variants Using YARA

Getting Ahead of Ryuk attacks using YARA Rules - Continued
January 31, 2020

RATs in the Library

Public hosting sites present a challenge for defenders when exploited by adversaries to conceal payloads using various encoding techniques
January 24, 2020

Hunting for Ransomware

Many ransomware families have changed their tactics and victim-targeting in recent years. Rather than indiscriminate attacks against anyone they’re able to infect, they have moved to a process called “big game hunting”.
December 13, 2019

Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality

A step that an adversary takes during the post exploitation phase of an attack is to establish a command line interface with a computer inside the victim’s network. One recent incident demonstrates the entire intrusion set operated by FIN6, a financially motivated threat actor group.