Blueliv

Cyber Threat Intelligence Feeds | Secure your network before an attack

Which malware attack does your boss need you to block today? Blueliv Cyber Threat Intelligence Feeds provide security information that’s granular, industry specific and on time. Experts from respected think tanks like Gartner and RSA agree. Knowledge-based information and targeted action are having a profoundly positive effect on enterprise security. Threat Intelligence Data Feed uncovers traces left by cyber criminals and pinpoints the source. Big data exposes criminal motives and modus operandi. It provides specific real-time threat particulars […] Read More


What our honeypots taught us about Wannacry ransomware

WannaCry has been on the lips, and especially in the concerns, of everyone over the last few days. As we have addressed in recent posts, Friday, 12th May, marked the beginning of a massive global campaign to spread the WannaCry ransomware (a.k.a. WCry, WannaCrypt, WCrypt, WannaCrypt0r…). The ransomware spreads through a worm that uses the recently leaked ETERNALBLUE exploit, which takes advantage of an SMBv1 vulnerability. Despite the availability of Microsoft’s security update released in mid-March, businesses largely failed to update […] Read More


WannaCrypt Malware Analysis

Last Friday, 12th May, a worm targeting outdated Windows machines was detected. The worm in question used leaked NSA exploits to propagate and dropped a variant of a ransomware called WannaCrypt. This post will try to give you an insight into the infection process, as well as the spreading of the worm and some details about the cryptography. Furthermore, at the bottom, you will find YARA rules to detect this sample. Infection vector The worm spreads by using […] Read More


Wannacry Ransomware used to spread global cyber attacks

A global ransomware attack began impacting companies and hospitals across the United States, Europe, and Asia early Friday morning. Companies in more than 70 countries have reported incidents as of Friday afternoon. Computers all over the world are being locked down by a ransomware called Wannacry/Wanna/Wcry. The British government has announced that a bitcoin virus attack has hit public hospitals in the country on a large scale, requiring users of the network to pay $300 in exchange for access […] Read More


Ransomware hits the IBEX-35 hard

This Friday, news broke that the “WannaCry” ransomware had made its way into the IT systems of some IBEX-35 companies by exploiting a vulnerability in Windows systems. The British government, for its part, has announced that a bitcoin virus attack has hit the country’s major public hospitals on a large scale, demanding that network users pay $300 in exchange for access to the computer. Ransomware is a […] Read More


The real cost of credit card theft and how to protect your assets

Sometime in mid-February 2017, anti-fraud teams from multiple financial institutions contacted KrebsOnSecurity for help tracing the source of a credit card fraud happening in high-end restaurants around the U.S. Investigations revealed a vast majority of patrons with compromised cards dined in locations run by Select Restaurants, Inc., a management group out of Cleveland, OH. Further digging also uncovered a tie-in with an earlier breach discovered in July 2016 that occurred in another national restaurant chain in the U.S.–CiCi’s Pizza. […] Read More


Peeling back the layers surrounding zombie computer botnets

What is a Botnet? To understand a botnet, you first must begin with a bot. A bot is an automated malware program or roBOT that takes control of a computerized device. That single, infected computer, or connected device, joins a larger roBOT NETwork–or BOTNET. Once hijacked, these devices transform into what is essentially a network of cyber-zombies. They do the bidding of their masters–cybercriminals–without the device owner’s knowledge. The bot, either device or software program, can perform multiple actions: […] Read More


Blueliv at Securmática: Cybersecurity lands in senior management

Once again, Blueliv will participate in and sponsor Securmática, the global congress on cybersecurity, information security and privacy. The congress will take place from 25 to 27 April in Madrid, and this year its aim is to offer an up-to-date view of how cybersecurity is being transformed and, in turn, how it is being incorporated into sectoral and business transformation processes. At the XXVIII edition, Blueliv will present, together with Aquae Security, the […] Read More


Deep dive into the Dark Web

What is the Dark Web? The dark web is a part of the World Wide Web made up of a variety of anonymous networks, untraceable online activity and non-referenced URLs and domains. It is only accessible through software that enables users to browse these networks anonymously. The most common dark web network is TOR (The Onion Router). TOR was created by US military researchers to exchange intelligence information in an anonymous way. They released it into the public domain with […] Read More


Platform Release 3.15: detect cybersquatting threats faster

Our latest platform release (3.15) features an amazing update in the Phishing & Cybersquatting module, giving you the ability to detect a wider variety of cybersquatting threats in a more efficient manner, making your life easier. Cybersquatting cases hit record level Cybersquatting is when a website domain is registered with the name of a popular brand by someone outside the organization, in the hope of reselling it at a profit. According to World Trade Review, Cybersquatting cases hit record […] Read More
