Hot Topics

Paul Roberts
ReversingLabs Blog

Danger: Researchers exploit gaps in connected vehicle software supply chain

Danger: Researchers exploit gaps in connected vehicle software supply chain

| | CI/CD Security, software supply chain security
Researchers compromised source code and development infrastructure for Mercedes-Benz and SiriusXM Connected Vehicle Services, raising security concerns. A group of researchers probing the security of applications and infrastructure that supports connected vehicles discovered they could access the development environments and raw application source code of German automaker Mercedes Benz and ... Read More
ReversingLabs Blog
After hack, CircleCI tells devs to update secrets now

After hack, CircleCI tells devs to update secrets now

| | CI/CD Security, Threat Detection & Secrets
In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers ... Read More
ReversingLabs Blog
New supply chain mandates: Uncle Sam wants you (to secure your software)!

New supply chain mandates: Uncle Sam wants you (to secure your software)!

| | Enduring Security Framework (ESF), Executive Order on Cybersecurity (EO 14028), software supply chain security
Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.  ... Read More
ReversingLabs Blog
New supply chain mandates: Uncle Sam wants you (to secure your software)!

New supply chain mandates: Uncle Sam wants you (to secure your software)!

| | Enduring Security Framework (ESF), Executive Order on Cybersecurity (EO 14028), software supply chain security
Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.  ... Read More
ReversingLabs Blog
A Conversation with Chris Inglis and Anne Neuberger

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

| | Dev & DevSecOps, Executive Order on Cybersecurity (EO 14028), Software Bill of Materials (SBOM), software supply chain security
Chris Inglis said the government is setting a new bar for supply chain security as the national cybersecurity focus shifts from incident response to cyber resilience ... Read More
ReversingLabs Blog
A Conversation with Chris Inglis and Anne Neuberger

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

| | Dev & DevSecOps, Executive Order on Cybersecurity (EO 14028), Software Bill of Materials (SBOM), software supply chain security
Chris Inglis said the government is setting a new bar for supply chain security as the national cybersecurity focus shifts from incident response to cyber resilience ... Read More
ReversingLabs Blog
SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect

SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect

| | Software Bill of Materials (SBOM), software supply chain security
... Read More
ReversingLabs Blog
SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect

SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect

| | Software Bill of Materials (SBOM), software supply chain security
... Read More
ReversingLabs Blog
Gaps in the NVD increase U.S. cyber threat

Gaps in the NVD increase U.S. cyber threat

| | LabsCon, Threat Research
Discrepancies in reports to the national vulnerability databases (NVD) show the U.S. lags behind China, exposing U.S. firms to cyber attacks ... Read More
ReversingLabs Blog
ConversingLabs - Bryson Bort of Scythe.io talks Colonial Pipeline: Lessons Learned

The pandemic turned out to be a boon for public-private cybersecurity cooperation

| | LabsCon, security operations
The shift to remote work punched holes in government networks. But it also fostered a transformation in public-private cooperation, one NSA official noted at LABScon.  ... Read More
ReversingLabs Blog