Threat Research

May 10, 2022

Update: NPM dependency confusion hacks target German firms

Research by ReversingLabs suggests that dependency confusion attacks on npm repositories have been used to compromise leading German firms in recent weeks.

April 22, 2022

Emotet's back. Here's how to keep from getting hacked

Emotet is back after last year's takedown. It's a favorite of groups like Conti. Dragan Damjanovic of KPMG & Dado Horvat of ReversingLabs give us the latest.

April 8, 2022

Conti pivots as ransomware as a service struggles

The resurgence of the Conti ransomware group is a sign of changes afoot in the global ransomware underground—and more trouble ahead for enterprises.

March 9, 2022

Wiper malware targeting Ukraine: Evidence of planning, and haste

ReversingLabs takes a closer look at two new wipers identified in attacks on Ukraine: HermeticWiper and IsaacWiper.

February 8, 2022

Microsoft disables Excel, Office macros by default. Will it matter?

Microsoft disabled two decades-old scripting languages in its Office products, long a favorite tool of cybercriminals. The security impact may be less than you think, however.

January 26, 2022

After Russian arrests, REvil implants persist

Almost two weeks after Russian authorities claimed to have dismantled the REvil ransomware group with a string of arrests, evidence for a reduction in the availability of REvil implants has yet to appear.