Author | Lightnews

ReversingLabs

ReversingLabs

@reversinglabs.com

87 followers 81 following 210 posts

ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.

Posts Media Videos Starter Packs

ReversingLabs @reversinglabs.com · 23h

RL's research team analyzed 4 #STDGroup-operated RATs, which yielded file indicators to better detect the #malware, plus 2 #YARArules: https://bit.ly/4npaWov

Tracking an evolving Discord-based RAT family | ReversingLabs

RL's research team analyzed four RATs operated by STD Group, which yielded file indicators to better detect the malware families, plus two YARA rules.

ReversingLabs @reversinglabs.com · 1d

While new efforts on #npm such as 2FA & trusted publishing help, you need visibility into how #OpenSource packages behave — not just who is publishing: https://bit.ly/42YCNoq #DevSecOps

Will new npm security measures stop the next Shai-hulud? | ReversingLabs

While 2FA and trusted publishing will help, you need tools that give visibility into how packages behave -- not just who is publishing.

ReversingLabs @reversinglabs.com · 2d

📆 This Thursday, dive into the anatomy of real-world software supply chain attacks like Shai-hulud, Qix & the Salesloft/Drift compromise: https://bit.ly/47r2Wxc

#SoftwareSupplyChainSecurity #DevSecOps #AppSec

Promotional image for a ReversingLabs webinar titled 'Anatomy of a Software Supply Chain Attack: Lessons from Real-World Compromises Across the SDLC' featuring speakers Dave Ferguson, Director of Product Management, and Jasmine Noel, Sr. Product Marketing Manager. Scheduled for October 30, 12-1 PM ET.

ReversingLabs @reversinglabs.com · 6d

🪝 MalDocs are a common #phishing lure. Here's how RL Spectra Analyze can be used to triage this #malware & identify related samples locally: https://bit.ly/47qqkLD #Cybersecurity

How to Triage Phishing Lure MalDocs with Spectra Analyze | ReversingLabs

Spectra Analyze's network indicator analysis features yield insights that are useful in analyzing phishing lures like MalDocs. Here's how.

ReversingLabs @reversinglabs.com · 7d

🤖 Use of AI in container workloads is growing — but security is not native. That makes additional controls essential: https://bit.ly/473tFBf

#ContainerSecurity #AppSec #AISecurity

How to secure AI running in container workloads | ReversingLabs

Use of AI in container workloads is growing -- but security is not native. That makes additional controls essential. Here's what you need to know.

ReversingLabs @reversinglabs.com · 8d

The #SOC needs multiple vantage points when investigating #malware. Use this link to get all the new updates for RL's #MalwareAnalysis & #ThreatHunting capabilities: https://bit.ly/4ovf1ID

ReversingLabs @reversinglabs.com · 9d

RL recently introduced significant updates to its #MalwareAnalysis & #ThreatHunting portfolio, adding new AI-driven & Kubernetes-ready capabilities. Join us this Friday to learn more: https://bit.ly/47pe4ff

ReversingLabs webinar promotional image titled 'Advancing Threat Hunting & Malware Analysis with AI, Kubernetes ICAP, IoC Enrichment & More.' Scheduled for October 24, 12-1 PM. Features an abstract digital background.

ReversingLabs @reversinglabs.com · 13d

This method is then being called from procedures that are responsible for generating wallet keys, essentially exfiltrating the sensitive wallet data to the threat actor.

ReversingLabs @reversinglabs.com · 13d

It contains a malicious method "Shuffle" that sends data to a remote URL, which is encrypted in the code, to avoid detection.

ReversingLabs @reversinglabs.com · 13d

⚠️ RL researchers have discovered a malicious #NuGet package that is impersonating "Netherum," a popular #Ethereum library. It has over 10M downloads, but these are most definitely artificially inflated: secure.software/nuget/packag...

ReversingLabs @reversinglabs.com · 13d

⚠️ Turns out that #MCP servers have a credentials problem, with over half of open-source implementations using credentials that rely on insecure, long-lived, static secrets: https://bit.ly/3WHbXgJ #AppSec #AISecurity

Model Context Protocol credential weakness raises red flags | ReversingLabs

More than half of MCP servers were found to rely on static, long-lived credentials. With AI agents on the rise, that's a problem.

ReversingLabs @reversinglabs.com · 13d

🤔 Application security posture management (#ASPM) is only as good as the technology it depends on. Learn why binary analysis & reproducible builds are key for #AppSec: https://bit.ly/3W3vw2H

Why modern AppSec tooling is key to ASPM's effectiveness | ReversingLabs

Application security posture management is only as good as the technology it depends on. Here's why software supply chain security tooling is key.

ReversingLabs @reversinglabs.com · 14d

🔥 When it comes to #GRC, open source software (#OSS) is in the hot seat. Register for this live session, ft. #OpenSource legal experts: https://bit.ly/46QTxjD

What OSS Developers Need to Know About Compliance & Regulations | ReversingLabs

Learn how global regulations impact open source development. Join experts for practical compliance strategies every developer should know.

ReversingLabs @reversinglabs.com · 14d

Veaty is a #backdoor used in targeted attacks against multiple Iraqi entities. It utilizes emails to communicate with its C2, & disables certificate verification. Protect yourself by deploying our public #YARArules: https://bit.ly/3x34FdW #Malware #ThreatHunting

GitHub - reversinglabs/reversinglabs-yara-rules: ReversingLabs YARA Rules

ReversingLabs YARA Rules. Contribute to reversinglabs/reversinglabs-yara-rules development by creating an account on GitHub.

ReversingLabs @reversinglabs.com · 14d

🤝 When the RL ICAP Server is integrated with the Kiteworks ICAP Client, organizations achieve a highly fortified file exchange ecosystem: https://bit.ly/43hr3NC #Cybersecurity #ThreatIntel #FileSecurity

Secure Your Data Exchange with ReversingLabs & Kiteworks | ReversingLabs

Learn how the integration of the RL ICAP Server with the Kiteworks ICAP client can enhance your file security and threat detection.

ReversingLabs @reversinglabs.com · 15d

#OSS supply chain attacks aren't going away anytime soon. And with fewer young people becoming maintainers, the future of #OpenSource is uncertain. Watch the newest episode of ConversingLabs #podcast, or listen wherever you get your favorite shows: https://bit.ly/3WzF8SV

ConversingLabs: Who Will Maintain Open Source’s Future? | ReversingLabs

GitHub’s Abigail Cabunoc Mayes talks about the uncertainty of open source’s future caused by a shrinking number of Gen Z maintainers.

ReversingLabs @reversinglabs.com · 15d

🤖 Apps made using #VibeCoding can be a minefield for #AppSec teams, especially when non-#Dev users don't understand #AIcoding security risks: https://bit.ly/4o93T4N

Vibe coding in production: 4 security lessons | ReversingLabs

Vibe-coded apps that make it to production can be a minefield for security teams. Here are key takeaways for your AppSec team.

ReversingLabs @reversinglabs.com · 16d

#BPFDoor is a #Linux #backdoor used by the Chinese #APT group #RedMenshen in targeted attacks against multiple industries. It utilizes BPF to remain undetected. Protect yourself by deploying our public #YARArules: https://bit.ly/3x34FdW

GitHub - reversinglabs/reversinglabs-yara-rules: ReversingLabs YARA Rules

ReversingLabs YARA Rules. Contribute to reversinglabs/reversinglabs-yara-rules development by creating an account on GitHub.

ReversingLabs @reversinglabs.com · 19d

It contains the same obfuscation as observed in the rand-user-agent campaign on #npm: secure.software/npm/packages...

rand-user-agent - npm | ReversingLabs Spectra Assure Community

Supply chain risk analysis for rand-user-agent. Learn more about package security, deployment risks, vulnerabilities, popularity, versions, and more with ReversingLabs.

secure.software

ReversingLabs @reversinglabs.com · 19d

Malicious content can be found in the application's #GitHub repository (hidden from default screen view): github.com/dawar2151/cl...

ReversingLabs @reversinglabs.com · 19d

⚠️ RL researchers detected a malicious Phantom dApp: phantom.com/apps/claimyo...

The application claimyoursols.app seems to be fairly used in the #blockchain community. #Dev #Malware

Claim Your SOLs

Claim Your SOLs is a tool that helps you unlock and recover SOL on Solana. By closing unused accounts, you get back 0.00204 SOL for each close or burn. By closing Token-2022 mint accounts, you reclaim...

Reposted by ReversingLabs

Cyber Threat Alliance @cyberalliance.bsky.social · 20d

Our @cyberalliance.bsky.social member @reversinglabs.com article on vibe coding
www.linkedin.com/pulse/vibe-c...
#cybersecurity #supplychain #vibecoding

Vibe coding is the new OSS — in the worst way possible

Welcome to this week’s edition of Chainmail: Software Supply Chain Security News, which brings you the latest software security headlines, curated by the team at ReversingLabs (RL). This week: Vibe co...

www.linkedin.com

ReversingLabs @reversinglabs.com · 20d

🔨 Built-in security can play a role — & fits with the #SecureByDesign concept — but robust #cybersecurity controls remain essential: https://bit.ly/4o9vceu

Why ‘security as by-product' is no replacement for modern tooling | ReversingLabs

Built-in security can play a role -- and fits with the Secure by Design concept -- but robust security controls remain essential to managing risk.

ReversingLabs @reversinglabs.com · 21d

🐝 Attack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in #cybersecurity strategy, especially with risks from #GenAI & #AICoding on the rise: https://bit.ly/4nAWRoZ

The attack surface is expanding: 10 ways to bolster risk management | ReversingLabs

Attack surface management (ASM) isn't just another buzzword. It represents a fundamental shift in security strategy with risk on the rise.

ReversingLabs @reversinglabs.com · 22d

A malicious #MCP package was found on #npm last week by researchers at Koi. While MCP servers are believed to be "the next big thing" for #AI innovation, this incident has some sobering ramifications for #AppSec teams: https://bit.ly/3VTkAoc

The Postmark MCP server attack: 5 key takeaways | ReversingLabs

A malicious Model Context Protocol package was found in the wild last week. Here are lessons from the compromise of the AI interface tool.