Blueliv
Blog & Resources

GDPR: Accelerate your reaction time, reduce your penalty

New whitepaper shows how threat intelligence can help mitigate the impact of GDPR on your business

The new European Union General Data Protection Regulation (GDPR) is coming into force soon, and personal data breaches will be among the most seriously penalized issues a company can face. In fact, an organization in breach of GDPR can be fined up to 4 percent of its annual global turnover, or €20 million – whichever is greater – for the most serious infringements. With the new legislation set […]

Research from Blueliv honored at Artificial Intelligence & Machine Learning conference

Blueliv recently participated in the 20th International Conference of the Catalan Association for Artificial Intelligence (Congrés Català en Intel·ligència Artificial or CCIA), whose objective is to foster discussion among the local Artificial Intelligence & Machine Learning research community. Blueliv’s Daniel Gibert presented a poster of his collaborative work on ‘Convolutional Neural Networks for Classification of Malware Assembly Code,’ and we are delighted to announce that he was awarded Best Poster at CCIA’17 for his efforts. Congratulations! The publication, summarized […]

Making the headlines: Bad Rabbit and Reaper malware

Though we process thousands of malware samples per day, very few of them attract the attention of the mainstream media in the way that Bad Rabbit and Reaper have recently. Here’s a quick overview of both, their potential impact on business, and some suggested mitigation techniques to help you and your organization.

Bad Rabbit burrowing into Europe and Russia

This ransomware shares some similarities with WannaCry, which caused widespread alarm when it came into the public eye earlier this year. […]

TrickBot banking trojan using EFLAGS as an anti-hook technique

In one of our analyses of the TrickBot banking trojan, we found an interesting anti-sandbox technique that catches (almost) all user-mode (ring3) sandboxes, and we would like to share it with you.

hash: 2ebeef906142f328168e7e62e8be7fbaee48e3521853d76ea778005ada6e938a

The sample does something like this:

    lea eax, [ebp+time]    ; 1. prepare buffer for GetSystemTime
    push eax
    call GetSystemTime     ; 2. malware goes straight to Windows API
    pushf
    pop eax                ; 3. read EFLAGS
    add eax, offset sub_x  ; 4. skip EFLAGS bytes from sub_x
    jmp […]

Sonic Drive-In | Credit Card Theft Detection Use Case

On September 26, 2017, Sonic [SONC], the U.S. fast-food chain based in Oklahoma City, OK, with about 3,600 locations across 45 states, acknowledged that its payment processor had detected some unusual activity. “The first hints of a breach at the Oklahoma City-based fast-food chain came last week,” reported KrebsOnSecurity on his blog last week. “I began hearing from sources at financial institutions about a recent pattern of fraudulent transactions on cards that had all previously been […]

Data Breach | Avoid being the next Equifax

On 29 July 2017, Equifax, one of the big-three credit reporting companies, announced the discovery of a data breach exposing an estimated 143M Americans. Unauthorized access took place from mid-May through July 2017. One source has called this a category-5 event.

Details of the data breach

The investigators found bad actors exploited the vulnerability in a U.S. website application and made off with Personal Identity Information (PII):

- Names
- Social security numbers
- Dates of birth
- […]

4 Strategies to bolster your 2017 security posture

Is your business prepared for a cyber threat? Here are some considerations to help you understand the important dynamics of your security posture strategies:

- End users are the number one security risk in any organization
- Your security strategy needs to be adaptable to a changing threat landscape
- BYOD, 3rd-party cloud and social media are accelerating risk factors

According to a recent analysis by Ponemon Institute, a single cybersecurity attack costs an average of $3.62M US / €4.31M EU. Can […]

Threat intelligence to help you avoid toxic rogue mobile apps

How did my dad’s Uber account get hacked?

Sometime around July 6, 2017, ABC News Brisbane reporter Josh Bavas received a 2 a.m. notification that someone had just accessed his Uber account in Los Angeles and, shortly after, someone in Moscow. (He was in Australia.) He tried to get into his account to see the problem, but he had been signed out and his password changed. In a similar story back in May 2015, BBC News […]

10 things you need to know about brand abuse and how to stay alerted to them

Brand abuse is a big problem, and it’s getting bigger. Between 2010 and 2014, the EU, US, and Japanese customs authorities seized an estimated €467.5M EU / $953.2M US / ¥100M JA in counterfeited products from China alone. The next 4 countries – Hong Kong, Turkey, Greece, and Panama – accounted for another third. Brand abuse can come from pirate operators around the globe or from espionage within the walls of your own hijacked systems and breached intelligence. Fraudsters can infiltrate at every stage of […]

How banks can protect customers from “Man in the browser attacks”

Criminal groups use a wide range of methods to compromise users and siphon their bank accounts. When a user’s computer is infected by malware, depending on its main goal and its capabilities, it could use multiple methods to obtain sensitive information, such as changing the DNS resolution or proxy pollution to redirect the user to a malicious site, searching the filesystem for stored passwords, inspecting the main memory, infecting the browsers and/or libraries they […]
