ReversingLabs Blog

December 13, 2019

Going Behind the Scenes of Cybercrime Group FIN6’s Attack On Retail and Hospitality

A step that an adversary takes during the post-exploitation phase of an attack is to establish a command line interface with a computer inside the victim’s network. One recent incident demonstrates the entire intrusion set operated by FIN6, a financially motivated threat actor group.

December 5, 2019

ReversingLabs Releases Update to its Malware Analysis and Hunting Solution: A1000

ReversingLabs has released its Titanium Platform’s latest Malware Analysis & Hunting Solution, A1000 v5.10.

November 27, 2019

10 Billion Files Classified

ReversingLabs passes new milestone in bringing authoritative file intelligence to Security Operations teams.

November 8, 2019

3 Ways High-Priority Malware Detection Can Fill SOC Gaps

Given today’s threat landscape, operating an enterprise Security Operations Center (SOC) presents a high-stakes challenge. With modern IT infrastructures comprised of a labyrinth of assets, endpoints, and third-party dependencies, threat actors continue to succeed in infiltrating vulnerable systems with inherently sophisticated, difficult-to-detect malware.

October 30, 2019

Breaking the Microsoft Authenticode security model

Authenticode is a Microsoft code signing technology software publishers use to guarantee the origin and integrity of their applications. The vast majority of modern software applications are actively using it and depend on its integrity validation system.

October 30, 2019

Breaking the Linux Authenticode security model

Portable executable is probably the most prolific application format used for code distribution. It can be found on a wide variety of hardware and software platforms. That’s why it is no wonder that many systems, other than its native Windows, end up supporting it in one way or another.