The latest contributions and threat intelligence analysis from Blueliv’s analyst team. Explore our reports and whitepapers, designed to help security teams of all sizes implement their value and improve their security posture.

CryptoAPI in Malware


November 2, 2018

For a considerable period, cryptography algorithms with varying levels of complexity have been detected in most malware families. Many have different purposes, from decrypting configurations carried by the malware...

Managing cyber-risk: Cyberthreat intelligence and the Insurance sector


October 31, 2018

Organizations in all sectors face increasingly virulent and sophisticated cyberthreats on a weekly, if not daily, basis. The insurance sector is particularly at risk. From organized criminal groups seeking...

ARS Loader evolution, a new stealer (ZeroEvil) and AirNaine (TA545)


October 5, 2018

This blog post details the research performed by the Blueliv Labs team and presented by Jose Miguel Esparza at Virus Bulletin in Montreal. The research is related to ARS...

Drupalgeddon2 (SA-CORE-2018-002 / CVE-2018-7600) – an analysis of payloads observed in the wild 


April 18, 2018

A few weeks ago, a highly critical Drupal vulnerability dubbed Drupalgeddon2 (SA-CORE-2018-002 / CVE-2018-7600) was discovered and patched by Drupal developers. This security problem permits remote code execution...

GDPR: Accelerate your reaction time, reduce your penalty


November 13, 2017

New whitepaper shows how threat intelligence can help mitigate the impact of GDPR on your business. The new European Union General Data Protection Regulation (GDPR) is coming into force...

Research from Blueliv honored at Artificial Intelligence & Machine Learning conference


November 3, 2017

Blueliv recently participated in the 20th International Conference of the Catalan Association for Artificial Intelligence (Congrés Català en Intel·ligència Artificial or CCIA), whose objective is to foster discussion among...

Making the headlines: Bad Rabbit and Reaper malware


October 27, 2017

Though we process thousands of malware samples per day, very few of them attract the attention of the mainstream media in the way that Bad Rabbit and Reaper have...

TrickBot banking trojan using EFLAGS as an anti-hook technique


October 6, 2017

In one of our analyses of the TrickBot banking trojan, we found an interesting anti-sandbox technique that catches (almost) all user-mode (ring3) sandboxes, and we would like to share it...

Sonic Drive-In | Credit Card Theft Detection Use Case


October 5, 2017

On September 26, 2017, Sonic, the U.S. fast-food chain based in Oklahoma City, OK, with about 3,600 locations across 45 states, acknowledged that their...

Data Breach | Avoid being the next Equifax


September 19, 2017

On 29 July 2017, Equifax, one of the big-three credit reporting companies, announced the discovery of a data breach exposing an estimated 143M Americans. Unauthorized...

4 Strategies to bolster your 2017 security posture


September 1, 2017

Is your business prepared for a cyber threat? Here are some considerations to help you understand the important dynamics of your security posture strategies: End users are the number...

Threat intelligence to help you avoid toxic rogue mobile apps


August 23, 2017

How did my dad’s Uber account get hacked? Sometime around July 6, 2017, ABC News Brisbane reporter Josh Bavas received a 2 a.m. notification that someone...

10 things you need to know about brand abuse and how to stay alerted to them


August 11, 2017

Brand abuse is a big problem, and it’s getting bigger. Between 2010 and 2014, the EU, US, and Japanese customs authorities seized an estimated €467.5M EU / $953.2M US / ¥100M...

How banks can protect customers from “Man in the browser attacks”


August 4, 2017

Criminal groups use a wide range of methods to compromise users and siphon their bank accounts. For this reason, when a user’s computer is infected by malware, depending...

Targeted Malware Detection


July 27, 2017

Today’s cyber criminal wants one thing. He wants to get his malware into your IT network because once he’s in, he can go to work, remotely, achieving the myriad of other...

Avoid the cost and headache of leaked data (here’s how)


July 20, 2017

“Leaked data falls into 4 types,” says Peter Gordon from SANS Institute: confidential information, intellectual property, customer data and health records. Data leakage, however, is not limited to deliberate...

The many colors of cybersquatting – Do not underestimate them


July 7, 2017

Blueliv Guest Post | Jean-Jacques Dahan, Managing Director and Expert Consultant for Online Brand Security & Global Domain Strategy at Zeusmark. Cybersquatting is a constant challenge for a company. It is...

Protect your business against ruthless