Blog

The Blueliv blog is home to the latest threat intelligence analysis, content from investigations, corporate news, information about our modular cyberthreat intelligence solutions, and more. Take some time to explore the archives and perspectives from our intelligence analysts and management team.

Shining a light on the darknet
A common visualization for the Internet is an iceberg. The indexed ‘surface’ web is less than 10% of what is visible, but 90% is non-indexed and known as the deep web. A small subset of the deep web includes hidden information and services: the dark web, or darknet. It’s...
Sweet Dream(s): An examination of instability in the darknet markets
These past few weeks in cyber underground news have seen the surprising hat trick of the passage of the self-imposed deadline for the closure of the notorious Dream Market, the law enforcement seizure of Valhalla Market, and the law enforcement takedown and arrests of admins associated with the Wall Street Market. Many of the trends observed following...
Threat Exchange Network blog: April 2019
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by exporting...
Threat Actor activity: a quick recap
In our recent Threat Landscape Report we profiled several active threat actors which have made an impact over the past year. All of the threat actors in this article remain under close observation. Sharing this intelligence is part of our ongoing mission to collaborate with industry peers, enrich the...
Where is Emotet? Latest geolocation data
Emotet is an old malware threat that continues to affect many users and companies around the world. Once a machine has been infected, a number of things can happen—but typically, new malware is deployed and credentials are stolen. Emotet’s business model is based on distribution groups – the stolen...
Fraud and cybercrime in Latin America: an evolving threat landscape
Internet penetration is rapidly increasing in Latin America. Mobile usage is commonplace, and more people own bank accounts than ever before which means online transactions are also on the rise. This is great news for innovative Latin American companies, and consequently, cybercriminals targeting them. With higher levels of growth...
Selling FormBook
Our home city Barcelona hosted BSides last week, where the information security community across Europe gathered to discuss the current security landscape. Members of our Labs team were invited to present research into FormBook, one of the most notorious info-stealers and form-grabbers in recent years. The fight against cybercrime is...
Blueliv announces technical alliance with MrLooquer
We are excited to announce our latest technical alliance, following founders Fran Gomez and Rafa Sanchez’ presentation at this year’s RootedCon in Madrid. MrLooquer, a fellow Spanish cybersecurity company, provides valuable information to help organizations manage their risk accurately. Their technology discovers and analyses IPv4 and IPv6 assets covering...
Threat Exchange Network blog: March 2019
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by exporting these...
Taking stock: RSA Conference 2019
Last week’s RSA Conference in San Francisco was one of the busiest ever, drawing tens of thousands of information security professionals, law enforcement and academics from around the world. RSA is always a great barometer of how the cybersecurity market is evolving at a global level, and this year...
Overview and thoughts about Shamoon3 toolkit
Introduction: On August 15, 2012, a computer attack left “out of the box” about 30,000 Windows systems of the Saudi Aramco oil company. The incident had a significant impact on business processes and production at the company, which took weeks to return to normal activity. The malware deployed in...
Annual Cyberthreat Landscape report shines spotlight on credential theft and expanding Latin America market
Today we launch our Annual Cyberthreat Landscape Report for 2018-19, providing insights into emerging and evolving cybersecurity trends. By sharing intelligence and collaborating with the industry, we are in a much better position to fight cybercrime this year. The report reveals that botnet stolen credentials increased by a staggering fifty...
Threat intelligence for healthcare: how to get the most out of your investment
Healthcare C-suite leaders are facing challenging times. This is the most breached sector globally, accounting for 24% of all cases investigated by Verizon. Valuable patient data, mission critical but exposed digital endpoints and strict compliance requirements all add to the cybersecurity challenge. This is where threat intelligence (TI) can...
Sales of AZORult grind to an AZOR-halt
Author of Popular Credential Stealer Announces End of Sales. Key Points: In late December, the author of the AZORult stealer publicly stated that he would be ending sales of the malware. AZORult has been advertised on Russian-language cybercrime forums since at least 2016 and has become fairly popular among...
Real-time threat detection and why timing is the key to threat intelligence
You wouldn’t sit idle under siege. However, when it comes to confronting real-time cyberthreats, it is what some businesses are doing – oftentimes without even realizing it. Organizations are increasingly finding themselves targets of cybercrime, carried out by hacktivists, nation states, or financially motivated criminals. In fact, on average...
Blueliv partners with e92plus, the UK channel’s leading cybersecurity value-added distributor
We are delighted to announce that we have partnered with e92plus as a key distributor to help grow our channel business in the UK. e92plus is the leading cybersecurity VAD for the UK channel, whose extensive cybersecurity knowledge and experience will enable VARs and MSSPs to benefit from using our solutions...
Threat Exchange Network blog: January 2019
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by...
Effective threat intelligence for the financial sector
Financial sector CISOs and security teams face a tough challenge. They need to keep the organization safe from the huge volume of indiscriminate threats that are unfortunately the price of doing business on the internet today. But they must also ensure they’re as resilient as possible to targeted, sophisticated...
Why threat intelligence help CISOs make better security decisions
In just a few short years, the discipline of threat intelligence (TI) has grown from something on the cutting edge of cybersecurity, to a must-have feature for any CISO serious about effectively managing online risk. Allowing organizations to finally move from a reactive to a proactive posture, it can...
Top 10 Criteria for Buying the Best Threat Intelligence Solutions
CISOs are busy people. The chances are you’re balancing a variety of tasks: from communication with the board, to managing incident response, organization-wide training strategies, and a growing regulatory compliance burden driven by the GDPR and EU NIS Directive. This leaves little time to spend on due diligence to...
What does threat mitigation mean in practice?
Cyber threats have reached epidemic proportions. In the UK for example, nearly half (43%) of all businesses polled by the government in 2018 said they’d suffered a security breach or attack in the previous 12 months — and the real figure could be much higher. One vendor said it...
Threat intelligence tools your cybersecurity team needs
Threat intelligence (TI) is a vital capability for any IT security department. If used effectively, it can offer CISOs the ability to take security from a reactive to a proactive posture, enabling them to better manage cyber risk and support the business-wide digital transformation agenda. But the major caveat...
How to choose the right Threat Intelligence for your organization
Today’s CISOs face an unprecedented range of pressures. They are tasked with creating the secure foundation on which the success of boardroom-led digital transformation efforts rest. They must manage a growing volume and variety of risks across networks, applications, clouds, endpoints, servers and supply chains. And they must do...
Threat Exchange Network blog: November 2018
Our community is growing daily – become a member for free and contribute to the network. The fight against cybercrime is a collaborative effort. Here you’ll find some of the top posts from our Threat Exchange Network over the past month. Join for free today – in addition to...
Changing the channel: some significant updates for our strategic partners
New team members, new wins and partner portal upgrades to deliver better services The past year, we have been making numerous improvements to our Strategic Partnership Program, to help Distributors, MSSPs and VARs sell our modular threat intelligence solutions to customers. In January, the relaunch of our multi-market program...
Blueliv receives double honors at Computing Security Excellence Awards
We have been recognized for industry leadership and promoting new collaborative models in Enterprise Security and Enterprise Threat Detection categories We are thrilled to announce today two significant award wins at the Computing.co.uk Security Excellence Awards: the Enterprise Security and Enterprise Threat Detection categories for 2018. The independent panel...
What is Threat Intelligence and why is it important?
Index: Introduction; What threat intelligence isn’t (‘Data’, ‘Information’); What threat intelligence is? (Gathering; Processing and actionable delivery; Integration, visualization and dissemination); Categories of threat intelligence (Tactical, Operational, Strategic); When to use threat intelligence (Before an attack, During an attack, After an attack); The benefits of real-time, dynamic threat intelligence...
CryptoAPI in Malware
For a considerable period, cryptography algorithms with varying levels of complexity have been detected in most malware families. Many have different purposes, from decrypting configurations carried by the malware or downloaded from a server, to encrypting communications with C2s, to encrypting user files in the case of ransomware, and...
Managing cyber-risk: Cyberthreat intelligence and the Insurance sector
Organizations in all sectors face increasingly virulent and sophisticated cyberthreats on a weekly, if not daily basis. The insurance sector is particularly at risk. From organized criminal groups seeking PII (personally identifiable information), financial account data and anything else that can be monetized, to hacktivists trying to disrupt the day-to-day...
North American credential theft industry records substantial quarterly increase, against declines in Europe and Asia
141% increase in compromised credentials detected in North America during Blueliv quarterly analysis; fewer compromised European and Asian credentials detected over same period (22% and 36% decreases respectively); LokiPWS malware family distribution continues to increase faster than Pony this quarter. Our latest quarterly credential theft analysis follows the initial...
Blueliv shortlisted for four of Computing’s Security Excellence Awards
Following our recent recognition as Threat Intelligence Company of the Year 2018 by Cybersecurity Breakthrough, we are pleased to announce that we have been named Finalists in the following categories by Computing’s Security Excellence Awards: Security Vendor of the Year – SME; Enterprise Security Award; Enterprise Threat Detection Award...
ARS Loader evolution, a new stealer (ZeroEvil) and AirNaine (TA545)
This blog post details the research performed by the Blueliv Labs team and presented by Jose Miguel Esparza at Virus Bulletin in Montreal. The research is related to ARS Loader and its evolution, the appearance of a new stealer based on ARS, ZeroEvil, and how both malware families have...
Threat Exchange Network blog: September 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by...
Blueliv named ‘Threat Intelligence Company of the Year’ in Cybersecurity Breakthrough Awards 2018
We’re delighted to announce that today we have been named ‘Threat Intelligence Company of the Year 2018’ in the Cybersecurity Breakthrough Awards. Our innovations in cyber-risk management and the promotion of new collaborative models saw us win recognition from an independent panel of experts within the information security industry....
The right tools for the job: how to protect against credential theft
Humans are often described as the weakest link in the cybersecurity chain. This is certainly true to an extent: witness the fact that phishing enabled 93% of data breaches last year. However, it might be more accurate to describe credentials themselves as the biggest threat to organizations. Whether we’re...
Why Proactive Cybersecurity Begins with Monitoring for Compromised Credentials
Most IT security teams today are under a huge amount of pressure. With dwindling human resources, they must tackle a growing volume and range of sophisticated threats, as well as support ambitious digital transformation projects which could make or break the fortunes of their organization. Faced with this uphill...
Detecting Compromised Credentials
Why Proactive Cybersecurity Begins with Monitoring for Compromised Credentials Most IT security teams today are under a huge amount of pressure. With dwindling human resources, they must tackle a growing volume and range of sophisticated threats, as well as support ambitious digital transformation projects which could make or break...
Insurance Identity theft: The weakest link
Anyone following the cybercrime landscape over the past two decades will be aware of one inalienable truth: online criminals will always go where there are people and money. Unfortunately, a side effect of the digital revolution has meant there are more online users and resultingly greater access to highly...
Banking on Threat Intelligence: The Impact of Credential Theft on Financial Services
A couple of years ago cyber-thieves managed to compromise the accounts of thousands of Tesco Bank customers in the UK, stealing £2.5m in the process. The attack was labelled “unprecedented” at the time. But while major incidents like this are few and far between, attackers are certainly turning the...
Stopping Password Theft: The Value of Proactive Threat Intelligence
Password Theft and passwords represent the “keys to the kingdom” in our modern, digital-centric world. They protect our personal and corporate email, our social networking accounts, and access to our most sensitive financial and healthcare data. At a business level, they’re also still widely used to protect enterprise accounts,...
Identity theft: mitigating risk for the enterprise
Today’s CIOs and CISOs have a problem. On the one hand they’re under increasing pressure to support digital transformation efforts designed to drive business growth and agility. But in moving to new technology platforms they inevitably also expose the organization to increased cyber risk. One of the most damaging...
Threat Exchange Network blog: July 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feeds for free by exporting these...
Credential theft: the business impact of stolen credentials
Cybercriminals are stealing credentials using a wide range of techniques, tactics and procedures. The compromised data has a variety of uses and enables attackers to breach organizations and steal sensitive information. In fact, all it takes is a single good credential to gain access to an organization’s infrastructure and...
European credential theft industry booming as US market sees decline
39% increase in compromised credentials detected in Europe and Russia in 2018; Europe-only credential theft success at 62% growth rate; Europe and Russia home to half of credential theft victims worldwide (49%); LokiPWS malware family distribution increases over 300% since start of 2017. Today we announced our new report...
Threat Exchange Network blog: June 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feeds for free by exporting these...
Combatting password re-use
A recent article on The Register discussed an academic paper proposing that high-profile websites cooperate to stop users re-using passwords. If sites like Twitter and Facebook share users’ credentials, it suggests, they can then work together to make sure users don’t use the same password across different sites. The...
Threat Exchange Network blog: April 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by...
Introducing Threat Context: our newest deep defense tool for richer investigations
Today we release a brand new module to help cybersecurity teams improve their productivity. Threat Context provides contextualized, qualified threat indicator information, enhancing incident triage, post-incident forensics and red teaming activities. SOC, Incident Response and Threat Intelligence teams are plagued by information overload, making it difficult to prioritize threats...
Recap: Blueliv at RSA Conference 2018
Last week, RSA Conference 2018 pulled 45,000 attendees from all over the world to San Francisco’s Moscone Centre. The week was packed with keynotes from tech luminaries, networking events and sessions discussing the latest themes, threats and solutions from the world of cybersecurity. RSA is always a great barometer...
Drupalgeddon2 (SA-CORE-2018-002 / CVE-2018-7600) – an analysis of payloads observed in the wild 
A few weeks ago a highly critical Drupal vulnerability dubbed as Drupalgeddon2 (SA-CORE-2018-002 / CVE-2018-7600) was discovered and patched by Drupal developers. This security problem permits remote code execution (RCE) without user authentication and affects the Drupal core of versions 7, 8 and the unmaintained 6 too. Aside from...
Threat Exchange Network blog: March 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by...
Blueliv Annual Cyberthreat Report advises increased intelligence sharing and cross-industry collaboration
Malware advances no longer focused on ‘traditional’ enterprise targets as cybercriminals expand their scope Today we release our Annual Cyberthreat Report, compiling actionable intelligence from Threat Compass with expert insight from our analyst team. We conclude that a higher level of collaboration and intelligence-sharing between industries is ever-more crucial...
Threat Exchange Network blog: February 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by...
Blueliv secures €4 million Series A funding, strengthens leadership team to accelerate global expansion
Vento’s investment boost accompanied by senior hire and growth into new Barcelona headquarters 14 February 2018 – Barcelona, Spain – Blueliv, Europe’s leading provider of enterprise-class cyberthreat intelligence solutions, today announced it has raised €4 million in Series A funding, made a senior appointment and relocated its Barcelona headquarters...
Threat Exchange Network blog: January 2018
The Blueliv Threat Exchange Network is a global community of thousands of cybersecurity experts, IT professionals and academics. Each month members publish the latest news, threat data, IOCs and more in order to improve resilience and accelerate incident response. Members can create their own intelligence feed for free by...
Blueliv Partner Program opens up our modular cyberthreat intelligence tools to the channel
Multi-market Strategic Partnership Program is designed to drive higher margins and accelerate partner revenue and growth Today we launch our Strategic Partnership Program, featuring deal registration incentives, dedicated sales and marketing support, and flexible engagement so partners can develop a model to suit their business. The Strategic Partnership Program...
GDPR: Accelerate your reaction time, reduce your penalty
New whitepaper shows how threat intelligence can help mitigate the impact of GDPR on your business The new European Union General Data Protection Regulation (GDPR) is coming into force soon, and personal data breaches will be among the most seriously penalized issues a company can face. In fact, an organization in breach of GDPR...
Research from Blueliv honored at Artificial Intelligence & Machine Learning conference
Blueliv recently participated in the 20th International Conference of the Catalan Association for Artificial Intelligence (Congrés Català en Intel·ligència Artificial or CCIA), whose objective is to foster discussion among the local Artificial Intelligence & Machine Learning research community. Blueliv’s Daniel Gibert presented a poster of his collaborative work on...
Making the headlines: Bad Rabbit and Reaper malware
Though we process thousands of malware samples per day, very few of them attract the attention of the mainstream media in the way that Bad Rabbit and Reaper have recently. Here’s a quick overview, their potential impact on business and some suggested mitigation techniques to help you and your...
TrickBot banking trojan using EFLAGS as an anti-hook technique
In one of our analyses of the TrickBot banking trojan, we found an interesting anti-sandbox technique that catches (almost) all user-mode (ring3) sandboxes, and we would like to share it with you. hash: 2ebeef906142f328168e7e62e8be7fbaee48e3521853d76ea778005ada6e938a The sample does something like this: lea eax, ; 1. prepare buffer for GetSystemTime push...
Sonic Drive-In | Credit Card Theft Detection Use Case
On September 26, 2017, Sonic, the U.S. fast-food chain based in Oklahoma City, OK, with about 3,600 locations across 45 states, acknowledged that their payment processor detected some unusual activity. “The first hints of a breach at the Oklahoma City-based fast-food chain came last...
Data Breach | Avoid being the next Equifax
On 29 July 2017, Equifax, one of the big-three credit reporting companies, announced the discovery of a data breach exposing an estimated 143M Americans. Unauthorized access took place from mid-May through July 2017. One source has called this a category-5 event. Details of the...
4 Strategies to bolster your 2017 security posture
Is your business prepared for a cyber threat? Here are some considerations to help you understand the important dynamics of your security posture strategies: End users are the number one security risk in any organization Your security strategy needs to be adaptable to a changing threat landscape BYOD, 3rd-party...
Threat intelligence to help you avoid toxic rogue mobile apps
How did my dad’s Uber account get hacked? Sometime around July 6, 2017, ABC News Brisbane reporter Josh Bavas received a 2 a.m. notification that someone had just accessed his Uber account in Los Angeles and, shortly after, someone in Moscow. (He was in Australia.) He...
10 things you need to know about brand abuse and how to stay alerted to them
Brand abuse is a big problem, and it’s getting bigger. Between 2010-2014, the EU, US, and Japanese customs authorities seized an estimated €467.5M EU / $953.2M US / ¥100M JA in counterfeited products from China alone. The next 4 countries (Hong Kong, Turkey, Greece, and Panama) accounted for another third. Brand...
How banks can protect customers from “Man in the browser attacks”
Criminal groups use a wide range of methods to compromise users and siphon their bank accounts. For this reason, when a user’s computer is infected by malware, depending on its main goal and its capabilities, it could use multiple methods to obtain sensitive information, such as changing the...
Targeted Malware Detection
Today’s cyber criminal wants one thing. He wants to get his malware into your IT network because once he’s in, he can go to work–remotely–achieving the myriad of other criminal activities he and his accomplices have in mind. Your best defense against targeted malware is to thwart the criminal...
Avoid the cost and headache of leaked data (here’s how)
“Leaked data falls into 4 types,” says Peter Gordon from SANS Institute: confidential information, intellectual property, customer data and health records. Data leakage, however, is not limited to deliberate efforts of cyber espionage. In fact, a surprising amount of it tends to be the result of human error–well into...
Successful CISO 360 Congress sponsored by Blueliv
Last week, Pulse Conferences hosted the CISO 360 Congress at the Grand Marina hotel in Barcelona; an incomparable frame by the Mediterranean Sea where more than 80 CISOs gathered to discuss the most trendy and relevant cyber security topics. The event went on for 3 days and it gave...
The many colors of cybersquatting – Do not underestimate them
Blueliv Guest Post | Jean-Jacques Dahan, Managing Director and Expert Consultant for Online Brand Security & Global Domain Strategy at Zeusmark. Cybersquatting is a constant challenge for a company. It is a broad concept involving many aspects of risk, speculation, and fraud. It should not be underestimated as it provides a...
Protect your business against ruthless cybersquatters
Also this week: Blueliv is pleased to announce a featured post on the subject of Cybersquatting from Jean-Jacques Dahan–Managing Director and Expert Consultant for Online Brand Security & Global Domain Strategy, Zeusmark. This article continues the discussion begun with the Phishing module article. Now, the focus will be on...
Petya Ransomware cyber attack is spreading across the globe – Part 2
Following our first blog providing an early analysis about Petya, we are sharing further findings of the malware analysis that we have performed. We divided this post into the three areas we have briefly analyzed after the Petya attack: the propagation techniques of the malware, the encryption techniques used,...
Petya Ransomware cyber attack is spreading across the globe – Part 1
As you might know, Petya Ransomware is currently devastating Airlines, Banks & Utilities and many other businesses across the globe. Denmark, France, Spain, Ukraine, and the USA are already impacted and many others might be too in the coming hours. So far, it seems that the sample is being...
Business threat intelligence | Win the fight against phishing attacks
Blueliv has one module that handles two of the main cyber threats targeted at businesses–Phishing and Cybersquatting. This module plugs into our threat monitoring Enterprise Platform Solution. For completeness, we’ll divide these threats into separate articles. First, it’s important to understand the inherent nature of these attacks. Criminals who...
Blueliv at Infosecurity Europe 2017
This year, we had the opportunity to exhibit at Infosecurity Europe (Infosec) in London, Europe’s largest and most comprehensive Information Security event, which welcomed more than 13,500 visitors including the industry’s thought leaders and experts. Threat Intelligence high in the Agenda: The 22nd edition took...
Blueliv Threat Exchange Network | A community of early cyber responders
Cybercrime has become a socialized industry, and as such criminals employ community knowledge and resources found on the dark web and deep web to intensify efforts. In 2016, Europol identified some startling trends that demonstrate how sophisticated cyber criminals have become. Here are some top specialties and readily available...
Cyber Threat Intelligence Feeds | Secure your network before an attack
Which malicious malware attack does your boss need you to block today? Blueliv Cyber Threat Intelligence Feeds provide security information that’s granular, industry specific and on time. Experts from respected think tanks like Gartner and RSA agree. Knowledge-based information and targeted action are having a profoundly positive effect on...
What our honeypots taught us about Wannacry ransomware
WannaCry has been on the lips, and especially in the concerns of everyone these last days. As we have addressed in recent posts, Friday, 12th May, marked the beginning of a massive global campaign to spread the WannaCry ransomware (a.k.a. WCry, WannaCrypt, WCrypt, WannaCrypt0r…). The ransomware spreads through a...
WannaCrypt Malware Analysis
Last Friday, 12th May, a worm targeting outdated Windows machines was detected. The worm in question used leaked NSA exploits to propagate and dropped a variant of a ransomware called WannaCrypt. This post will try to give you an insight into the infection process, as well as the spreading...
Wannacry Ransomware used to spread global cyber attacks
A global ransomware attack began impacting companies and hospitals across the United States, Europe, and Asia early Friday morning. Companies in more than 70 countries have reported incidents as of Friday afternoon. Computers all over the world are being locked down by a ransomware called Wannacry/Wanna/Wcry. The British government...
wannacry2
Ransomware hits the IBEX-35 hard
This Friday, news broke that the “WannaCry” ransomware had made its way into the IT systems of some IBEX-35 companies by exploiting a vulnerability in Windows systems. The British government, for its part, has announced that an attack using a bitcoin virus has affected...
credit-card-theft1
The real cost of credit card theft and how to protect your assets
Sometime in mid-February 2017, anti-fraud teams from multiple financial institutions contacted KrebsOnSecurity for help tracing the source of a credit card fraud happening in high-end restaurants around the U.S. Investigations revealed a vast majority of patrons with compromised cards dined in locations run by Select Restaurants, Inc., a management...
botnets
Peeling back the layers surrounding zombie computer botnets
What is a Botnet? To understand a botnet, you first must begin with a bot. A bot is an automated malware program or roBOT that takes control of a computerized device. That single, infected computer, or connected device, joins a larger roBOT NETwork–or BOTNET. Once hijacked, these devices transform...
corporate-blueliv
Blueliv at Securmática: Cybersecurity reaches senior management
Once again, Blueliv will take part in and sponsor Securmática, the global congress on cybersecurity, information security and privacy. The congress will take place from 25 to 27 April in Madrid, and this year it will aim to provide an up-to-date view of the ongoing transformation of...
Deep-dive-into-the-dark-web
What is the Dark Web?
Deep dive into the Dark Web The Dark Web is a part of the World Wide Web made up of a variety of anonymous networks, untraceable online activity and non-referenced URLs and domains. It is only accessible through software that enables users to browse these networks anonymously. The most common network...
315-platform-release
Platform Release 3.15: detect cybersquatting threats faster
Our latest platform release (3.15) features an amazing update in the Phishing & Cybersquatting module, giving you the ability to detect a wider variety of cybersquatting threats in a more efficient manner, making your life easier. Cybersquatting cases hit record level Cybersquatting is when a website domain is registered...
Rooted-con
Blueliv sponsors RootedCON 2017
This year we once again sponsored RootedCON, Madrid’s annual computer security conference. Our Professional Services team shared their highlights in this blog post. Security professionals from all over the world attended to represent some of the most influential organizations in the cyber security sector. And it wasn’t only...
cyber-threat-intel-platform
Try the Blueliv Cyber Threat Intelligence Platform for free
Do you want to improve your external threat visibility? The Blueliv Cyber Threat Intelligence Platform 14-day free trial is now available. During your trial Blueliv will look for compromised information belonging to your company (based on the domain of the email you used to register). Use the Blueliv...
rsa-usa-2017
RSA Conference USA 2017: one week on
Year after year, RSA continues to hold the title as the biggest annual IT security event. This year marked Blueliv’s third year of attendance at the renowned San Francisco conference to meet and connect with our industry peers. More exhibitors, more attendees The number of exhibitors increases each year...
313-platform-release
Platform release 3.13: enhanced data gathering
Our latest platform release (3.13) features three fantastic updates to increase customers’ cyber threat visibility and enable users to gather even more threat data than before. And of course, Blueliv’s Product Dev team have been busy implementing some user-interface enhancements. Here’s a little bit about what’s new. Brand mentions...
finance-sector-use-case
Cyber threat intel drives change in the finance sector
Our latest use case documents the implementation of targeted cyber threat intelligence to reduce the level of cyber risk challenging a major bank, and discusses common challenges relevant to financial institutions everywhere. Financial sector use case Industry: Financial Services Challenge: Inefficient management of multiple generic threat intelligence sources This...
privacy-aware
Data Privacy Day 2017 – be #privacyaware
Data has become the most valuable asset to brands big and small, but protecting it is increasingly difficult. It’s been estimated that there will be 30.7 billion connected devices by 2020. Personal data is the fuel that makes this cool new technology work. And with new technology, our attack...
rsa-conference-2017
Don’t miss Blueliv at RSA Conference USA 2017
DETECT AND REACT TO CYBER THREATS FASTER: advanced business threat search and monitoring “Most of the important things in the world have been accomplished by people who have kept on trying when there seemed to be no hope at all.” Dale Carnegie With the words of Dale Carnegie in...
isoc24
iSOC24 Morning Session: Cyber Threat Intelligence 24 Jan 2017
We’re pleased to share that we’ll be joining the agenda as a strategic vendor for iSOC24’s next ‘be in control’ morning session dedicated to Cyber Threat Intelligence in Culemborg, Netherlands. This event is aimed at organizations currently investigating this subject. The morning session will include iSOC24’s insights and experiences...
blueliv-proudest-moments-2016
2016 in review: Blueliv’s proudest moments
2016 has been an eventful year in every sense across the globe. Before we take a well-deserved break over the holidays and prepare ourselves for an even busier 2017, let’s take a look back at seven key milestones Blueliv has accomplished this year. We’d like to wish our customers...
corporate-blueliv
Why Vawtrak v2 could be the next major banking Trojan
Neira Jones, Non-Executive Director Cognosec, Partner Global Cyber Alliance and industry influencer shares her thoughts on the evolution of banking Trojans and digital transformation in the finance sector in our new white paper. Think more like a criminal… This came to my attention through the excellent report published by cyber...
computer-security-day-2016
Computer Security Day 2016: Make a date with our malware sandbox
Today marks Computer Security Day 2016. Our responsibility to ensure the security of our networks and connected devices is ‘always on’ in an age when we are heavily dependent on being online just to function normally. But, it’s always good to pause and remind ourselves about how important it...
corporate-blueliv
Blueliv Invites Soltra Edge Users to Join Free Intelligence Sharing Platform
Blueliv Threat Exchange Network reassured by recent acquisition of Soltra Edge in continued effort to encourage collaboration and intelligence sharing in cyber security industry. BARCELONA, Spain – Nov. 28, 2016 – PRLog — Blueliv, a leading provider of cyber threat intelligence, today broadcast the availability of the Blueliv Threat Exchange Network, a free intelligence...
corporate-blueliv
Blueliv in Gartner’s Hype Cycle for Infrastructure Protection 2016
In 2016, the threat level to enterprise IT continues to be at very high levels, with daily accounts in the press of large breaches and attacks. No single safeguard will protect your organization against all possible attacks, hence, difficult investment choices must be made to select the right mix...
industry-blog
Don’t end up in the dark this Black Friday
Don’t end up in the dark this Black Friday! Online sales in the US are predicted to increase by over 13% this Black Friday vs. 2015, surpassing $3 billion. Is your IT infrastructure up to the challenge? Recently we’ve been blogging about the importance of a resilient network...