Blog

The Blueliv blog is home to the latest threat intelligence analysis, content from investigations, corporate news, information about our modular cyberthreat intelligence solutions, and more. Take some time to explore the archives and perspectives from our intelligence analysts and management team.

ThreatStream and Blueliv announce a partnership to offer unique cyber threat intelligence
Following our intelligence sharing philosophy, we are happy to announce our alliance with ThreatStream. From today, the Blueliv Threat Intelligence Feed will be part of the ThreatStream Alliance of Preferred Partners (APP) store, allowing its users to have access to unique intelligence about verified online crime servers conducting malicious...
Blueliv Releases Q3 2015 Global Cyber Threat Report
Between July and September 2015 Blueliv detected and analyzed 5.5 million stolen credentials and credit cards, 300,000 targeted malware samples, and 500,000 crime servers through its cyber threat intelligence platform. Now, we want to share the analysis of this data with you in our Blueliv Global Cyber Threat Report. THEFT...
Revisiting the latest version of Andromeda/Gamarue Malware
Andromeda malware, aka Gamarue malware, has been prevalent since it came into the limelight a couple of years ago, and the author has kept it well updated ever since. Compared with its earlier versions, it has gone through several changes, from anti-analysis to a change in protocol format. Some excellent write-ups...
Secure Group and Blueliv announce strategic partnership to deliver Security Intelligence in Italy
We continue expanding globally and today, we are happy to inform you that we have signed a strategic partnership with Secure Group, the Security Division of Yotta Tecnologie and the leading Italian Managed Security Services Provider. With more than 15 years in the market, Secure Group offers their customers...
Dridex reloaded?
Dridex has been the scourge of banks regarding bank data and credential theft as well as fraud in the last 12 months. Cyber criminals have been improving the network following the special cases and problems they have faced depending on the financial institutions they have attacked. They have also...
Blueliv supports the 2015 National Cyber Security Awareness Month
October 1 marked the start of the 12th annual 2015 National Cyber Security Awareness Month (NCSAM), led by the National Cyber Security Alliance (NCSA), and we are happy to announce that Blueliv is supporting it. As an official champion, we recognize our commitment to cybersecurity and online safety. Celebrated every October, National...
Blueliv supports the 2015 National Cyber Security Awareness Month
Blueliv has developed an input plugin for Logstash that, with the help of the ELK stack, provides real-time, actionable cyber threat intelligence to help organisations understand the scale of cyber threats currently aligned against them.  Why the ELK stack? Most companies that are defending themselves against these attacks use some...
Collaborative Information Exchange Models to Fight Cyber Threats
The fight against cybercrime should take on a new direction. It should utilize the collaborative models of social media also referred to as Web 2.0 technologies that allow for the socialization of the fight against cyber threats through a community or group. This is how we can overcome the...
October events
Experts from Blueliv are going to participate in a range of events in October. We want to share them with you, as they might be of interest to you, so we invite you to find out about them below. Cyber Security 2015 “Act Differently”, 3-4 October, Stresa, Italy. Blueliv...
Introduction to honeypots
As most of you already know, honeypots are hosts that act as a bait, exposing services on the internet in order to lure attackers. Below is a honeypots introduction. Using honeypots, security researchers can: Monitor the attackers’ activity on the internet. Discover possible vulnerable services being exploited by an...
Blueliv, speaker at the next Barcelona Elastic Meetup
We are really happy to announce that Blueliv will participate in the next Barcelona Elastic Meetup, which will take place on October 7th at Itnig. There, João Alves, Software Engineer at Blueliv, will give a presentation. Here  is an abstract: Every day thousands of companies worldwide are affected by...
The socialization of the fight against cyber threats
The cybersecurity magazine SIC has published in its September issue the article written by Daniel Solís, CEO of Blueliv, La socialización de la lucha contra las ciberamenazas (The socialization of the fight against cyber threats). The fight against cybercrime must take a new direction in which collaborative 2.0 models make it possible to socialize the fight against cyber threats through a community...
Splunk App for Blueliv tutorial
As you may already know, the Splunk® App for Blueliv is available so that users can access Blueliv’s Cyber Threat Information Intelligence Feed through the Splunk console. Below you will find a Splunk App Blueliv tutorial to help you set it up and use it effectively. The...
Botnets and C&C Trial: Detect Infections in your Computer and Retrieve Compromised Credentials
Botnets and other malicious software attacks that compromise corporate PCs are increasing at an alarming rate and growing in sophistication. In the first half of the year, Blueliv detected and analyzed more than 10 million stolen credentials and credit cards and is now tracking more than 220,000 live crime...
September events
August is getting to its end and it’s time to think of the coming school year, which is around the corner full of new projects. At Blueliv we are more than ready for the coming months and today we would like to inform you about the cyber security events taking...
Want to fight cyber threats? Start collaborating
It is universally known that no one, be it an individual or a company, can hope to find and neutralize every threat that can be found out in the wild. In cyber crime there is a tendency towards industrialization. You can find forums and marketplaces where services (such as...
Blueliv Releases Q2 2015 Global Cyber Threat Report
Through its cyber threat intelligence platform Blueliv detected and analyzed 5 million stolen credentials and credit cards, 200,000 targeted malware samples, and 500,000 crime servers between April and June 2015. THEFT OF CREDIT AND DEBIT CARD INFORMATION In the second quarter of 2015, the US has continued to be the...
Blueliv discovers the Alina variant – Joker
Joker malware is a Point of Sale malware that was developed using, as a baseline, the Alina POS source code. After tracking it for some weeks, we’ve realized that behind the malware there is a dedicated effort towards developing and improving the sample. We have got our hands on...
Are your IPs infected? Check it now!
We are excited to introduce to you a new IP infection detection tool on our community: you can now look up an IP and see if it belongs to crime servers reported on our Cyber Threat Intelligence platform. Further information such as the domain, the country where this IP...
Cyber Threat Data Feed, ultra fresh intelligence at your fingertips
We are pleased to announce that we have launched the Cyber Threat Intelligence Data Feed which will allow any organization to track the threats that are aligned against it in real-time and to quantify and qualify what attack vectors are being used by malicious attackers. Cyber Threats have become the most common...
Empowering your ELK stack with Blueliv plugin
We have just released a new application for ELK stack. The ELK stack contains Elasticsearch, Logstash, and Kibana. Although they have all been built to work exceptionally well together, each one is a separate open source project that is driven by Elastic. The role of each of these technologies is divided as...
Introduction to Android Malware
Hello everyone! As some of you already know, mobile threats are on the rise. Every day there are more and more mobile devices, which translates into more targets for the malware industry. But, as we always say, the best weapon against malware is knowledge. For this reason, we bring...
We will participate at the Innovation in cyber security applied to the protection of digital identity summer course
Next week we will participate in the Innovation in cyber security applied to the protection of digital identity summer course. The course, which is organized by the Rey Juan Carlos University, will take place from July 6th to 8th in Aranjuez. There will be a space dedicated to startups and...
We keep growing and internationalizing!
Some months ago we told you we moved into a bigger new office in Barcelona. Today we are glad to let you know we have opened two new international offices to be more accessible to our worldwide clients and increase the internationalization of the company: London and San Francisco....
Webinar. Chasing the Cyber Crime: network insights of Dyre and Dridex Trojan Bankers.
We would like to invite you to the Chasing the Cyber Crime: network insights of Dyre and Dridex Trojan Bankers webinar on the 8th of July.  As you may already know, in the current landscape of Trojan Bankers, Dyre and Dridex are the most nefarious ones due to the amount of infections...
We will be at BSides Lisbon 2015
Next week, July 3rd, we will be sponsoring BSides Lisbon 2015. The security conference will consist of two tracks with really interesting security talks.   We want to give you the opportunity to attend the conferences and that’s why we are offering 3 free tickets to the first three people that...
Why is Blueliv Gartner “cool”?
Recently Blueliv has been designated a Cool Vendor in Communications Service Provider Security, 2015, and in this post I want to try and encapsulate what it was that made us “cool”. The Blueliv solution has a number of key features that will make it immediately apparent why Gartner has labelled...
Introduction to Blueliv’s API, part1
Greetings everyone! Today we want to introduce you a little bit more to our API and show you all the amazing things you can do with the data. This post is the first of a series that we plan to write in order to make things easier for you...
Python SDK to access our Cyber Threat Intelligence API, updated
We have just updated the Python SDK to access our API. Using our Python SDK allows you to take advantage of our cyber-threat intelligence data faster, requiring less coding than using it manually. Taking into account the feedback provided by our users, we decided to improve our Python SDK...
Blueliv named a “Cool Vendor” by Gartner
We are proud to announce that Blueliv has been included in the list of “Cool Vendors” in the 2015 report titled, “Cool Vendors in Communications Service Provider Security, 2015” by Deborah Kish, Akshay K. Sharma, Craig Lawson at Gartner, Inc. This is the first year that Gartner has selected...
Threat Intelligence & RSA
Cyber Defense Magazine has just published the following article by Nahim Fazal, Head of International Business Development at Blueliv. RSA 2015 was very much the year of Threat Intelligence. That is the overwhelming sensation one is left with as the dust settles on the RSA conference for this year. Perhaps more...
Performing automated Yara Q&A with Cuckoo
As it is well known, Cuckoo Sandbox is a malware analysis system which allows us to customize both processing and reporting stages. In this context, we can feed Cuckoo with Yara Rules based not only on the content of malware, but also on its behavior. One of the most prominent issues...
Want different results? Quit doing the same. Interview with Daniel Solis, CEO & Founder
In one phrase, define Blueliv. We are the innovators, the paradigm-shifters. We’re a company dedicated to fighting cyber threats in ways no one has ever done before. With this approach, we’re able to view cyber threats and attacker characteristics from an unconventional perspective and successfully anticipate targets and potential outcomes....
Fighting cyber crime by using Splunk
As we told you in the post about our free API, threat intelligence is the key factor in the fight against cyber crime and cyber threats, mostly because this intelligence helps you and your organization to prevent and mitigate attacks. But the issue usually is gathering this information. That’s...
Blueliv Releases Q1 2015 Global Cyber Threat Report
Blueliv reveals startling scale of cybercrime, pinpoints geolocations most affected. Dyre and Dridex, the most nefarious banking Trojans. Blueliv releases its Cyber Threat Report, revealing detailed figures on criminal online activity in the first quarter of 2015. Through its cyber threat intelligence platform between January and March 2015, Blueliv...
New Splunk App for Blueliv
Blueliv has just released a new application for Splunk®. Splunk is an event analyzer that collects data generated by any source and provides the user with tools and dashboards to analyze and correlate this data. With this App, Splunk users will be able to access Blueliv’s Cyber Threat...
We are pleased to share our cyber space video with you!
We are pleased to announce that Blueliv’s video is ready for the cyber world to view. The video, based on a cyber space video game, explains how our targeted cyber threat solution can turn global threats into predictive and actionable intelligence. Thinking from new perspectives is what we do. We dig...
Emerging cyber threats. What we face and how we fight it
The cybersecurity magazine SIC has published in its April issue the article written by Ramón Vicens, VP Threat Intelligence at Blueliv, and Víctor Acín, Threat Intelligence analyst at Blueliv, Ciberamenazas emergentes. A qué nos enfrentamos y cómo lo combatimos (Emerging cyber threats. What we face and how we fight it). In recent years the gangs of...
Join Blueliv in the fight against cybercrime with our free API
At Blueliv we believe that sharing expertise and intelligence is the key to getting the upper hand in an ever-changing war on cyber crime. But the issue, usually, is where to acquire this information. We think that fighting e-crime should be a possibility for everyone, and for that reason,...
Chasing cybercrime: network insights of Dyre and Dridex Trojan bankers. (Report)
Trojan Bankers are a family of botnets that specialize in stealing information related to the financial sector and user data in order to sell it in underground marketplaces; some of them also perform wire transfers using these credentials or by taking control of the infected computer. Due to the...
Blueliv Cyber Threat Map
We are pleased to announce that we have just launched an interactive Cyber Threat Map which shows in real time the geolocation of cybercrime servers that are actively engaged in criminal activity such as credit card theft, credential theft or malware distribution. And anyone can access it via our...
Blueliv will be at Securmatica next week
As in previous years, Blueliv will be participating at Securmatica next week. The security congress will take place from April 21st to 23rd in Madrid and will focus on innovation and change, with the title Innovación y cambio: Manos a la obra (Innovation and change: Get down to work). In...
Visit Blueliv at RSA booth #321
Stop by the Blueliv booth #321 at the annual RSA security conference to see how our Targeted Cyber Threat Intelligence Platform can turn global threats into predictive, actionable intelligence and help stop cyber threats against your organization. Join us at booth #321 South Hall, learn more about the latest discovered...
Main PoS infection techniques and how to avoid them
Stealing payment card data has become an everyday crime that yields quick monetary gains. The goal is to steal the data stored on the magnetic stripe of payment cards, clone the cards, and run charges on the accounts associated with them or even burn credit card track information into...
How could UBER accounts have been compromised?
Uber is an American company that develops and operates a mobile application that allows users to provide and employ transporting services for people. Motherboard reported last week that thousands of active Uber accounts are for sale in black markets located in the dark web. After investigating the issue, Uber...
How to avoid a Dridex infection?
In recent days we have been seeing a lot of commotion around the botnet Dridex. This improved version of Dridex is proliferating thanks to an effective phishing campaign. Taking advantage of the proximity of the annual tax declaration, the organization behind this botnet is sending emails to unsuspecting...
We will be at Sthack 2015
This Friday, March 27th, the security conference created in 2011 by the Ingesup Computer Security club Sthack will take place in Bordeaux. Blueliv will be there and Ramon Vicens, Threat Intelligence VP, and Victor Acin, Threat Intelligence Analyst, will offer the talk “Cyber Threats – The reality”, with the aim...
The Equation Group: a new degree of sophistication in APT attacks
The Equation Group, what do we know so far? The topic of APTs and state-sponsored espionage has been back in the news over the last few weeks. Based on the excellent and in-depth report of Kaspersky Labs “Equation Group: Questions and answers“, it seems that the level of sophistication...
Blueliv will be at Rooted CON 2015
This week a new edition of the security conference Rooted CON will take place in Madrid, March 5 – 7. There, our CEO Daniel Solis will be participating at the RootedPANEL ¿Tiene que dar alguien el carnet de hacker? (Does somebody have to give the hacker license?), March 5th at 17:30....
We will be at 4YFN – Mobile World Congress
Over the course of four days, 2-5 March 2015, Mobile World Capital Barcelona will host the world’s greatest mobile event: Mobile World Congress.  We are proud to participate in the first Telefónica Open Future Showcase, which is part of 4YFN and will take place on Tuesday at 16.30 in...
Tomorrow Blueliv will be at Detect & Defend
Tomorrow we will be participating in Detect and Defend 2015, a security congress organized by IT Cube that will take place in Fürstenfeldbruck, Germany. 200 attendees are expected and international security experts will offer their point of view on Cyber Security. Blueliv will also be there and Nahim Fazal,...
Blueliv will be at RSA 2015
We are pleased to announce that Blueliv will be participating in the RSA Conference 2015. The conference will be held in San Francisco April 20-24. The RSA conference is one of the most recognized IT security events worldwide. Roughly 25.000 people attend the conference every year to experience hundreds...
We have moved to our new office in Barcelona!
After some days surrounded by boxes and other unimaginable items that we didn’t even know we had, at last we can inform you that we have moved to our new office in Barcelona. Our team has grown in the last months and we were running out of space, so now...
We are pleased to share our new website with you!
We are pleased to announce that our new website is live and ready for the world to view. With simplicity, ease of use, and accessibility in mind, we have aligned our menus to give quick access to the items you are looking for. Apart from the company information...
Actionable Approach to Fighting Cybercrime using Cyber Threat Intelligence
Cyber Defense Magazine has recently published the following article by Dennis Lee, Territory Manager North America at Blueliv. Organizations are finding themselves in a world where having defensive controls like a firewall, secure datacenter and stringent security policies is simply not enough. In 2014, we’ve seen companies like JP Morgan Chase, Sony...