Cyber Threat Intelligence from BlackBerry

The BlackBerry Threat Research and Intelligence team works 24x7x365 to hold the line against threat actors and cyberattacks, identifying and stopping threats no one has ever seen before.

Subscribe to get our latest threat research and intelligence and stay up to date on recent attacks.

BlackBerry Global Threat Intelligence Report — March 2024 Edition

The latest report from the BlackBerry Threat Research and Intelligence team—covering September to December 2023—shows a 19% increase in cyberattacks per day over the previous period. The report indicates threat actors are increasingly exploiting internet-connected critical infrastructure like power, water and transportation systems.

Get the Report Watch the Webinar

Recent BlackBerry Threat Research and Intelligence Alerts

AllaKore RAT Targets Mexican Banks and Cryptocurrency Platforms

A financially motivated threat actor is targeting Mexican banks and cryptocurrency trading entities with a modified version of AllaKore RAT – an open-source remote access tool. Lures use Mexican Social Security Institute (IMSS) naming schemas. The attackers appear to be most interested in large companies, many with gross revenues over $100M USD, that report directly to the Mexican government’s IMSS department.

Discover More

Aftermath of the Qakbot Takedown: Is My Organization Safe?

The DOJ and FBI’s joint takedown of Qakbot was a multinational operation that culminated in the disruption of one of the world’s longest-running malware families and botnets. 700,000 computers were impacted globally, including 200,000 in the U.S. Since no arrests were made, new and worrying activity suggests the law enforcement operation may not have impacted Qakbot operators' spam delivery infrastructure, but rather only their C2 servers.

Learn More

Sneaky Technique Can Steal Sensitive Info from Your Graphics Card

Researchers from four top American universities uncovered a new way for threat actors to access visual information, such as usernames and passwords, from your graphics card while you're online and browsing certain websites. Researchers call this threat “GPU.zip” because it takes advantage of the hidden data compression methods used by modern graphics processing units (GPUs) to leak visual data to a malicious third party.

Digital Hijacking at Sea: Unveiling a Cyber Attack Scenario in the Red Sea

Experts explore a cyber hijacking scenario in the Red Sea, showcasing how AI from BlackBerry and Dryad Global can detect and prevent maritime cyberattacks. Gain insights from leaders in cybersecurity and maritime operations; learn about threats facing the industry and AI's role in proactive threat detection and operational efficiency.

Led by Dr. Rory Hopcraft of the University of Plymouth’s CyberSHIP lab, Corey Ranslem, CEO of Dryad Global, and Ismael Valenzuela, VP of Threat Research and Intelligence at BlackBerry Cybersecurity, this webinar is tailored for CSOs, maritime security professionals, vessel operators, and anyone vested in maritime operations.

View Webinar Now

Global Threat Intelligence Report Deep Dive | March 2024 Edition

The BlackBerry® Global Threat Intelligence Report is used by cybersecurity decision makers worldwide to stay informed and ahead of the latest cybersecurity threats.

Join Ismael Valenzuela, VP Threat Research and Intelligence, and Geoff O’Rourke, Senior Technical Lead, for a deep dive into the newest report. Topics include "Incident response: tales from the trenches" and top critical infrastructure threats.

Listen to the Webinar

What Is CylanceINTELLIGENCE and How Can It Help?

Empower your security teams with CylanceINTELLIGENCE™, a subscription CTI service that helps organizations avoid breaches by delivering contextual threat intelligence designed for preventing, hunting, and responding to dynamic attacks.

LEARN MORE