ReversingLabs Blog

November 8, 2019

3 Ways High-Priority Malware Detection Can Fill SOC Gaps

Given today’s threat landscape, operating an enterprise Security Operations Center (SOC) presents a high-stakes challenge. With modern IT infrastructures comprised of a labyrinth of assets, endpoints, and third-party dependencies, threat actors continue to succeed in infiltrating vulnerable systems with inherently sophisticated, difficult-to-detect malware.

October 30, 2019

Breaking the Microsoft Authenticode security model

Authenticode is a Microsoft code signing technology software publishers use to guarantee the origin and integrity of their applications. The vast majority of modern software applications are actively using it and depend on its integrity validation system.

October 30, 2019

Breaking the Linux Authenticode security model

Portable executable is probably the most prolific application format used for code distribution. It can be found on a wide variety of hardware and software platforms. That’s why it is no wonder that many systems, other than its native Windows, end up supporting it in one way or another.

October 30, 2019

Breaking the UEFI firmware Authenticode security model

Unified Extensible Firmware Interface (UEFI) is a specification that defines the interfaces between the operating system and the platform firmware. Originally developed by Intel, and now supported by an alliance of software and hardware vendors, UEFI quickly became a standard that displaced the legacy basic input/output system (BIOS).

October 30, 2019

Breaking the Windows Authenticode security model

Authenticode is a Microsoft code signing technology designed to guarantee the origin and integrity of an application. The core principle of its integrity verification system is code immutability.

October 25, 2019

Why You Need to Prioritize Software Development and Supply Chain Security

Enterprise software development graduated from the “waterfall” framework of development and operations - and became less linear, more complex and, in several ways, more difficult to secure.