Blog

The Blueliv blog is home to the latest threat intelligence analysis, content from investigations, corporate news, information about our modular cyberthreat intelligence solutions, and more. Take some time to explore the archives and perspectives from our intelligence analysts and management team.

Why Vawtrak v2 could be the next major banking Trojan
Neira Jones, Non-Executive Director Cognosec, Partner Global Cyber Alliance and industry influencer shares her thoughts on the evolution of banking Trojans and digital transformation in the finance sector in our new white paper. Think more like a criminal… This came to my attention through the excellent report published by cyber...
Computer Security Day 2016: Make a date with our malware sandbox
Today marks Computer Security Day 2016. Our responsibility to ensure the security of our networks and connected devices is ‘always on’ in an age when we are heavily dependent on being online just to function normally. But, it’s always good to pause and remind ourselves about how important it...
Blueliv Invites Soltra Edge Users to Join Free Intelligence Sharing Platform
Blueliv Threat Exchange Network reassured by recent acquisition of Soltra Edge in continued effort to encourage collaboration and intelligence sharing in cyber security industry. BARCELONA, Spain – Nov. 28, 2016 – PRLog — Blueliv, a leading provider of cyber threat intelligence, today broadcast the availability of the Blueliv Threat Exchange Network, a free intelligence...
Blueliv in Gartner’s Hype Cycle for Infrastructure Protection 2016
In 2016, the threat level to enterprise IT continues to be at very high levels, with daily accounts in the press of large breaches and attacks. No single safeguard will protect your organization against all possible attacks, hence, difficult investment choices must be made to select the right mix...
Don’t end up in the dark this Black Friday
Don’t end up in the dark this Black Friday! Online sales in the US are predicted to increase by over 13% this Black Friday vs. 2015, surpassing $3 billion. Is your IT infrastructure up to the challenge? Recently we’ve been blogging about the importance of a resilient network...
Platform release 3.11: making customers’ lives easier
The Product Dev team here at Blueliv is all about delivering continuous improvement to create a top-notch user experience. The latest Blueliv Threat Intelligence Platform release 3.11 includes five key updates designed to make life a little easier for customers. Extra security has been built into two-factor authentication to...
Mirai: the people’s botnet
Mirai, the infamous IoT botnet, has struck again, and this time it almost took down an entire country: Liberia. Mirai is a botnet that attempts to infect Internet of Things (IoT) devices to perform DDoS attacks, and was recently used to perform the largest DDoS attack ever which...
Ransomware – an up-to-date overview
Overview The Blueliv Threat Intel Research Labs team has recently analyzed a large amount of ransomware samples to obtain a global overview on the status quo of this malware family. We’re sharing our conclusions here. Think before you pay We’ve found that in some cases, ransomware encrypts your data...
NCSAM 2016: Building resilience in critical systems
Connectivity is critical nowadays, and we expect a highly reliable connection wherever we are, whatever we’re doing. Our dependency on being online forms a fundamental part of our global infrastructure; without the internet, electricity supply, transport and communication would quickly come to a standstill. Protecting our networks is therefore...
Some tricks look like treats: using Threat Intelligence to improve your cyber threat visibility
Social engineering techniques date back to classical mythology. Social engineering can take many different forms, yet the basic concept hasn’t evolved since the Ancient Greeks deployed the Trojan horse. And as cyber security professionals, Trojan is a term we reference nearly every day. So why, in 2016, do we...
Our continuously connected lives: What’s your ‘apptitude’?
Recent news headlines reported one of the largest DDOS (Distributed Denial of Service) attacks to date. DNS service provider Dyn suffered multiple network outages affecting popular sites including Twitter, Github and Etsy as a result of this attack, of which we know one source of traffic was the Mirai...
NCSAM 2016: Recognizing and combatting cybercrime
As we mark week three of National Cyber Security Awareness Month, we’re pausing to take stock of the many different forms of online crime. At Blueliv, we’re focused on fighting the bad guys who threaten the security and net worth of organizations across all industries. But we’re very familiar...
From the Break Room to the Board Room: creating a culture of cyber security in the workplace – a start-up’s perspective
This October, we’re supporting National Cyber Security Awareness Month as an official champion. NCSAM is celebrated every October and marks a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. No matter how many faces fill...
NCSAM 2016: The basic steps to online safety and security
Blueliv is proud to be supporting National Cyber Security Awareness Month 2016. NCSAM is celebrated every October and marks a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. This week the NCSAM champions have one...
From Barcelona to London: Blueliv at RANT! Risk and Network Threat forum
This week Blueliv sponsored its first RANT forum event at The Counting House in London to share the findings from the recent technical investigation into banking Trojan Vawtrak v2. Ramon Vicens, VP of Threat Intelligence Research Labs, talked through the analysis and was met with lively debate from the...
3.10 Platform Release: Faster and smarter incident management
We’re pleased to announce the latest release of the Blueliv Cyber Threat Intelligence Platform. Release 3.10 brings you a number of functional improvements and new automated features to improve the efficiency of your SOC team and simplify the task of analysing and responding to threats. Here are a few...
Vawtrak v2: The next big banking Trojan
This month Blueliv Threat Intelligence Research Labs team has published an exclusive report revealing the most complete picture of Vawtrak v2 malware seen to date. Vawtrak is a serious threat to the finance sector and is predicted to be the next major banking Trojan. Chasing cybercrime: Network insights into...
Gartner includes Blueliv in “Innovation Insight for MRTI” 2016 report
We’re pleased that Blueliv has been mentioned in the Gartner 2016 “Innovation Insight for Machine Readable Threat Intelligence (MRTI)” report as one of the: “Example Providers of Commercial Threat Intelligence Feeds You Can Acquire” and “Example Vendors That Help You Aggregate Threat Intelligence” The report, written by cyber security analysts Craig...
Blueliv sponsors and attends CyberSecurity MeetUp, Helsinki
Blueliv was a proud sponsor of the recent CyberSecurity MeetUp held at Microsoft in Helsinki on 31 August 2016. Our very own Ramon Vicens, Research Labs VP, took part in the agenda to showcase the Blueliv Threat Exchange Network and share insight on innovation, social communities and sharing intelligence...
Vawtrak banking Trojan: a threat to the banking ecosystem
Today marks the start of c0c0n International Cyber Security and Policing Conference 2016 where our Labs Research expert, Raashid Bhat, will be sharing insight into the threats posed by the Vawtrak Trojan, one of the most prevalent banking Trojans around today. It promises to be an unmissable session based...
Hacking group Shadow Brokers infiltrate NSA Equation Group
Militarization of cyberspace is no longer a novelty. Instances of governments using sophisticated zero-day malware against other nations’ organizations and industry have been seen before now. This week a previously unknown group calling themselves “Shadow Brokers” claimed to have infiltrated a server belonging to Equation Group, a hacking group...
New Release of Blueliv Threat Exchange Network
Cyber-criminals are very well organised and typically operate as part of highly sophisticated and specialised criminal organizations. Needless to say, in terms of the skills and methods used they are often years ahead of the businesses and establishments they target. In response, companies are increasingly hiring cyber security specialists,...
Ransomware – How to defend yourself against it
What is Ransomware? Ransomware is a type of malware that has lately been increasingly used by cyber criminals. In order to profit from the distribution of Ransomware, the bad guys have been targeting numerous businesses and large organizations around the world. In essence, the Ransomware malware is...
Blueliv Becomes the “National Cyber Security Awareness Month 2016” Champion
We are happy to announce that Blueliv is supporting the National Cyber Security Awareness Month (NCSAM) 2016. NCSAM was created as a collaborative effort between government and industry to ensure all digital citizens have the resources needed to stay safer and more secure online while also protecting their personal...
Version 3.9 Platform Release feat. NEWS
While you guys have been fine-tuning your cyber defence strategies and finding ways to further improve your overall security postures, we have been busy making improvements to our Threat Intelligence Management Platform. As always, our clients have been really helpful and awesome by providing us with valuable feedback, and...
Inside Tinba Infection: Stage 2
This is a continuation of the first Tinba post, which is part of a series of posts on how Tinba gradually infects a system. Before we jump into analysis, let’s do a quick recap of the previous actions performed by Tinba and described in the STAGE 1 post: Prepares...
Cyber Attacks Targeting SWIFT – Recap
SWIFT stands for Society for Worldwide Interbank Financial Telecommunication, and its purpose is to allow banks and financial institutions in general to communicate securely. It is used in the exchange of information between banks, such as transactions. In this post you will get a short summary of the incidents...
Blueliv winner of Go Ignite, the scale up program led by four world class telcos
Go Ignite, an alliance between four telecoms, announced last week the five winners selected from its inaugural call for start-ups launched at Mobile World Congress 2016, which attracted over 142 applications from the global start-up community. The winners were selected from the following categories: cyber security, big data analytics,...
MoneyConf 2016: Machine Learning, Big Data and Data Privacy
Blueliv was thrilled to participate for the first time in the latest edition of MoneyConf 2016, based in Madrid. The event offered us the possibility to attend select panel sessions, participate in roundtables with top-level financial decision makers and introduce our cybersecurity solution. We also had the privilege...
The Gartner Security Summit Washington DC 2016
Blueliv had the pleasure of spending a couple of days with the wider Gartner community at Gartner’s annual security conference held in Washington DC. The event lasted three and a half days and covered a wide range of security topics. The purpose of this blog post is to cover...
We will be at MoneyConf, where the world’s biggest banks and tech firms meet
Next week we will be exhibiting at MoneyConf, which is hitting Madrid on June 21 and June 22. MoneyConf focuses on the future of finance where the world-leading financial institutions will mix with the most promising tech startups, such as Blueliv. Leading financial institutions find themselves facing a rising...
Inside Tinba-DGA Infection: Stage 1
Tinba DGA is a banking trojan that was first discovered in 2012. It is mainly distributed through malware spam emails or malvertising. Although not a new threat, Tinba is still one of the trojans used by criminals to steal sensitive online banking information. There are a number of papers on how...
Blueliv at Infosecurity Europe London
We are happy to announce that next week Blueliv will be attending the Infosecurity conference in London, which will welcome the industry’s leading thought-leaders, practitioners, policy-makers and analysts. The 21st edition of Infosecurity Europe, Europe’s largest and most comprehensive Information Security event, will see more companies exhibit than ever...
Blueliv at Gartner Security and Risk Management Summit
Next month on 13th of June Blueliv will attend the Gartner Security & Risk Management Summit in Washington, D.C. Gartner Security and Risk Management Summit 2016 provides attendees with proven practices and strategies needed to maintain cost-effective security and risk programs to support digital business and drive enterprise success. The...
Blueliv continues with a strong momentum
We are happy to share the news of an unprecedented momentum we are currently experiencing at Blueliv with you. Last year we were named Gartner Cool Vendor in Communications Service Provider Security, where we were selected as one of the most promising, valuable, and innovative companies that enable telecoms...
Blueliv is selected as part of Momentum Partners Cyber Security Review Q1 2016
We are happy to announce that Blueliv has been included in the Momentum Partners Q1 2016 Cyber Security Market Review as one of the most interesting companies in the Threat Intelligence field. Momentum Partners has completed their selection from the 1,500+ cyber security companies the firm tracks globally. Input...
Possible approaches to adaptive security
Traditional approaches to integrating cyber threat intelligence into an adaptive security model have relied very heavily on utilizing open source threat intelligence feeds and integrating these into a SIEM. The thinking behind this may have well been that the crowd-sourced threat intelligence is just as good if not better...
Securmatica 2016 Recap
Last week the 27th annual Spanish security congress Securmatica took place. The purpose of the summit was to analyze the key factors in the cyber security industry, to showcase cyber defence strategies of leading companies, and to highlight the benefits of the collaborative models to fight cyber-crime. Blueliv together...
Fast and affordable threat intelligence for MSSP
Rapidly changing threat vectors are too overwhelming for most medium-sized and large businesses to take on alone. They lack qualified, dedicated cyber threat intelligence professionals, because these resources are scarce and costly. They typically rely on specialized MSSPs to establish an effective, strategic response to current cyber threats. With Blueliv...
Here is the Blueliv Threat Exchange Network!
This week marks an important milestone for us here at Blueliv with the announcement of our Threat Exchange Network (beta version). A new release of our strong collaborative community is out to continue fighting cyber crime together. Blueliv Threat Exchange Network is designed to share IoCs such as IPs, URLs...
Malware grabbers and their behavior
Malware is made to serve very different kinds of purposes, which depend on the objective of the authors. Nowadays, there is a very large number of samples that exist and it is common to classify them into different categories based on their behavior. This post provides an overview of...
Blueliv will be at Securmatica
As in previous years, Blueliv will be sponsoring the standout infosec event Securmatica. The security congress will take place from April 26th to 28th in Madrid with the title “¿Qué le está pasando a la ciberseguridad?” (What is happening in the cyber security landscape?). This edition aims to analyze which are...
Cyber Security Trends 2016: Prevention, defence and reaction are priorities
The complexity of cyber threats will keep growing, so traditional security measures will be unable to reduce them. CISOs will be forced to rethink how to operate in cyberspace and to adapt resilience to this new situation. There will be new threats and highly sophisticated attacks...
Blueliv at “The new security paradigm” Telefonica’s event in Paris
Next April 5th we will participate in Telefonica’s event “The new security paradigm: innovation and proactivity”, which will take place in Paris. The security landscape is constantly changing with new threats, and the products and solutions associated with preventing them, emerging all the time. Jordi Garasa, our VP Sales...
Summary of the Security Conference RootedCON’16
As some of you might know, we’ve been sponsoring this year’s edition of the cyber security RootedCON16 conference which took place in Madrid last week. This Spanish security conference is focused on showing innovative techniques and research that can be of interest for security professionals and enthusiasts, and it lasts...
RSA 2016 Recap!
Last week was an exciting week for all of us at Blueliv who were fortunate enough to attend the RSA 2016 Cyber Security Conference in San Francisco where we had a booth in the South Hall. The energy at the conference was amazing and people really seemed to love...
Antihooking techniques used by Andromeda aim to defeat Cuckoo-like sandboxes
Some sandboxes, for example, Cuckoo Sandbox, implement a technique known as hooking. The hooking of functions allows the programmer, user or analyst to intercept calls, messages or events passed between a program and its libraries. This is very useful when analyzing malware because it allows the reverse engineer to view...
Blueliv supports Rooted CON 2016
Next week a new edition of the Rooted CON 2016 computer security conference will take place in Madrid, March 4 – 7 and we are proud to announce that we will sponsor the conference. The computer security conference Rooted CON was born with the purpose of promoting the exchange of knowledge between members of...
Video: Get started using our malware analysis sandbox today
A couple of weeks ago we launched a new community feature, our online malware analysis sandbox and now, it’s time to show you how it works and the varied functionalities it offers to our community users. At Blueliv we are focused on trying to make cyber intelligence available for...
Meet Blueliv team at RSA, booth S738
The countdown begins for the most established IT security event in the world, RSA Conference. As a proud participant in RSA, we invite you to join us at booth #S738 South Hall in San Francisco, February 29 – March 4 where you’ll have the opportunity to see how our Targeted and Automated Threat Intelligence Solution...
Tracking the footprints of PushDo Trojan
PushDo Trojan is a downloader trojan responsible for downloading its spam counterpart and other malicious Trojans. Since its beginning, it has evolved into many different versions and in this blog post, we will make a deeper analysis of it. The Packer PushDo Trojan often comes along with a packer, which...
Visit Blueliv at RSA Conference, booth #S738
It’s that time of the year again – time for one of our favorite conferences, RSA! Last year was our first year at RSA and we are thrilled to be returning as a sponsor of the 2016 RSA Conference in San Francisco, California. From February 29th to March 4th,...
Adaptive Security Architecture to protect companies from Advanced Attacks
Adaptive security will become one of the key phrases you will hear over and over again this year. As with many new concepts, the term itself can be hindered by the varied definitions people attach to it and the context within which it is used. In this instance I...
The best of Blueliv’s blog: Most read posts of 2015
Catching up on some reading this week? We took a look back at Blueliv’s blog posts in 2015 to see which stories were most read by our audience and came up with the 10 best Blueliv blog posts for the last year. It was a year full of huge stories...
Merry Christmas and Happy New Year!
At the holiday season, our thoughts turn to those who have made Blueliv’s progress possible. It is in this spirit we would like to say: Thank you and best wishes for the Holiday Season and coming New Year! Blueliv team