Blueliv 2022-03-31 13:59:39
An RCE vulnerability affecting Spring Core’s JDK 9 and later has become a trending topic in cybersecurity networks during the past couple days. This discovery, compared by some to the Log4Shell vulnerability, ...
The Russia-Ukraine crisis shakes up the cybercriminal ecosystem
Table of Contents Introduction Russian Side UNC1151/Ghostwriter/TA445 The Red Bandits Conti Team Ukrainian side IT Army of Ukraine Anonymous Belarusian Cyber Partisans AgainstTheWest (ATW) Network Battalion 65′ (NB65) Underground forums position Raidforums ...
The 10 biggest cyber threats facing the financial services industry
Considering the sensitive information it holds, it’s no wonder that the financial services industry continues to be one of the most targeted sectors by today’s cybercriminals. Recent societal and technological changes in ...
Best of 2021 – State of Underground Card Shops in 2021
(life after Joker’s Stash) Table of Contents Introduction Active credit card shops FERum Shop Brian’s Club Thefreshstuffs Missing Credit Card Shops ValidCC VaultMarket Rescator Conclusions Introduction On February 15, 2021, ...
Best of 2021 – Combating COMB: 3.2 billion credentials leaked in breach compilation
2021 has barely begun and we have already witnessed what appears to be the biggest compilation of breached credentials in our lifetime. The Compilation of Many Breaches (COMB) was recently made available ...
ShinyHunters leaks Wirecard Brasil data
Summary On November 4 2021, the threat actor known as ShinyHunters leaked data belonging to PagSeguro-owned online payment solution Wirecard Brasil via Raidforums. The data, which is only partially available, included personally ...
The most critical vulnerabilities right now – November 2021
From SolarWinds to the first of many Microsoft 0-days, the first half of 2021 saw thousands of critical CVEs impact software and solutions from some of the world’s leading and most reputable ...
What the RAMP leadership change means for cybersecurity
One actor doubles down on ransomware while another promises something “tasty” on the horizon Introduction In July 2021, the Russian-speaking forum RAMP (Ransom Anon Market Place) was unveiled, taking its name ...
CVE-2021-41773 – Apache web server Path traversal
This past Monday, October 4th, Apache disclosed a vulnerability introduced on Apache HTTP Server 2.4.49 known as CVE-2021-41773. At the same time, update 2.4.50 was released, fixing this vulnerability. The vulnerability allows ...
Blueliv supports TIBER-EU for threat intelligence-based ethical red-teaming
TIBER-EU is the European framework for threat intelligence-based ethical red-teaming and the first EU-wide guide on how authorities, threat intelligence and red-team providers should collaborate with different organizations to help improve their ...
