Syndicated Blog

Rust on Android goes bare metal: 3 key mobile security benefits

Dev & DevSecOps
A milestone in the software industry's move toward safer programming languages was reached last week with Google's announcement that it is extending the use of Rust into bare-metal Android environments ...
The evolution of app sec: Getting off the scan-and-fix hamster wheel remains elusive

Over the last 20 years, cybersecurity has changed a lot, but one thing has remained resistant to change: scanning resources for defects and fixing them. Now may be the time to hop ...
5 ways APIs can be the weak link in supply chain security

Application programming interfaces (APIs) have become indispensable to the modern enterprise. They're the glue that allows organizations to connect their partners and customers — and the go-to tool that empowers developers to ...
Typosquatting campaign delivers r77 rootkit via npm

Threat Research
ReversingLabs researchers have identified a new, malicious supply chain attack affecting the npm platform. The “typosquatting” campaign first appeared in August and pushed a malicious package, node-hide-console-windows, which downloaded a Discord bot ...
ReversingLabs A1000 Threat Analysis and Hunting Solution Update Drives SecOps Forward

Our customers rely on ReversingLabs A1000 Threat Analysis and Hunting Solution to provide an instant malware lab, delivering static and dynamic analysis. Here, we break down the newest improvements to this necessary ...
NIST supply chain security guidance for CI/CD environments: What you need to know

The National Institute of Standards and Technology's new proposed guidelines for integrating software supply chain security into CI/CD pipelines have arrived at an opportune time for security teams, with attacks on the ...
What we know about BlackCat and the MGM hack

More than a week after it suffered a crippling ransomware attack, the hotel giant MGM is struggling to recover. The attack, linked to the ransomware-as-a-service (RaaS) group known as ALPHV, or BlackCat, ...
EPSS vs. CVSS: Exploit prediction could change the game on software risk management

Security teams are faced with more alerts than they can handle. SecurityScorecard and the Cyentia Institute estimate that organizations fix only 10% of the vulnerabilities in their software each month. That's not ...