ReversingLabs Blog

Tomislav Peričin

Tomislav Peričin
Chief Software Architect & Co-Founder at ReversingLabs. Tomislav founded ReversingLabs in 2009 and serves as Chief Architect leading all aspects of the company's product and services strategy as well as implementation. He has been analyzing and developing software packing and protection methods for the last 8 years. As chief software architect, he has conceived and driven the development of such projects as TiCore, TitanEngine, NyxEngine and RLPack. Recently, he spoke at BlackHat, ReCon, CARO Workshop, SAS and TechnoSecurity conferences.

Recent Posts from Tomislav Peričin

February 18, 2020

Introducing Explainable Machine Learning

Observing the direction other security companies have taken, we at ReversingLabs felt that something big was missing: No one was focusing on the human element. We found that there wasn't a solution in the market that tried to bridge the gap between detecting malware and helping analysts understand why such detections happened in the first place.
October 30, 2019

Breaking the Linux Authenticode security model

Portable executable is probably the most prolific application format used for code distribution. It can be found on a wide variety of hardware and software platforms. That’s why it is no wonder that many systems, other than its native Windows, end up supporting it in one way or another.
October 30, 2019

Breaking the UEFI firmware Authenticode security model

Unified Extensible Firmware Interface (UEFI) is a specification that defines the interfaces between the operating system and the platform firmware. Originally developed by Intel, and now supported by an alliance of software and hardware vendors, UEFI quickly became a standard that displaced the legacy basic input/output system (BIOS).
October 30, 2019

Breaking the Windows Authenticode security model

Authenticode is a Microsoft code signing technology designed to guarantee the origin and integrity of an application. The core principle of its integrity verification system is code immutability
September 16, 2019

Digital Certificates - Models for Trust and Targets for Misuse

Blog 6: A New Kind of Certificate Fraud: Executive Impersonation
August 22, 2019

The NPM package that walked away with all your passwords

Software developers are increasingly being targeted by supply chain attacks. Popularization of package managers and their integration into the development pipelines has made this ecosystem an interesting target for various threat actors.