Video Poster Image

Cyber Threat Intelligence from BlackBerry

The BlackBerry Threat Research and Intelligence team works 24x7x365 to hold the line against threat actors and cyberattacks, identifying and stopping threats no one has ever seen before.

Subscribe to get our latest threat research and intelligence and stay up to date on recent attacks.

BlackBerry Global Threat Intelligence Report — March 2024 Edition

BlackBerry Global Threat Intelligence Report — March 2024 Edition

The latest report from the BlackBerry Threat Research and Intelligence team—covering September to December 2023—shows a 19% increase in cyberattacks per day over the previous period. The report indicates threat actors are increasingly exploiting internet-connected critical infrastructure like power, water and transportation systems.

Recent BlackBerry Threat Research and Intelligence Alerts

AllaKore RAT Targets Mexican Banks and Cryptocurrency Platforms

A financially motivated threat actor is targeting Mexican banks and cryptocurrency trading entities with a modified version of AllaKore RAT – an open-source remote access tool. Lures use Mexican Social Security Institute (IMSS) naming schemas. The attackers appear to be most interested in large companies, many with gross revenues over $100M USD, that report directly to the Mexican government’s IMSS department.

Aftermath of the Qakbot Takedown: Is My Organization Safe?

The DOJ and FBI’s joint takedown of Qakbot was a multinational operation that culminated in the disruption of one of the world’s longest-running malware families and botnets. 700,000 computers were impacted globally, including 200,000 in the U.S. Since no arrests were made, new and worrying activity suggests the law enforcement operation may not have impacted Qakbot operators' spam delivery infrastructure, but rather only their C2 servers.

Sneaky Technique Can Steal Sensitive Info from Your Graphics Card

Researchers from four top American universities uncovered a new way for threat actors to access visual information, such as usernames and passwords, from your graphics card while you're online and browsing certain websites. Researchers call this threat “GPU.zip” because it takes advantage of the hidden data compression methods used by modern graphics processing units (GPUs) to leak visual data to a malicious third party.

Live and On-Demand Webinars

Global Threat Intelligence Report Deep Dive | March 2024 Edition

The BlackBerry® Global Threat Intelligence Report is used by cybersecurity decision makers worldwide to stay informed and ahead of the latest cybersecurity threats.

Join Ismael Valenzuela, VP Threat Research and Intelligence, and Geoff O’Rourke, Senior Technical Lead, for a deep dive into the newest report. Topics include "Incident response: tales from the trenches" and top critical infrastructure threats.

BlackBerry LIVE: Dark Knight 2.0 - Guide for CTI Reporting

Successful adversary emulation is a direct result of excellent cyber threat intelligence (CTI), which relies heavily upon proper CTI reporting that is informed by intelligence analysts, red team operators, and blue team defenders. Join the BlackBerry and MITRE ATT&CK Evaluations teams for a conversation on what makes CTI reporting useful and how it enables effective purple teaming.

What Is CylanceINTELLIGENCE and How Can It Help?

Empower your security teams with CylanceINTELLIGENCE™, a subscription CTI service that helps organizations avoid breaches by delivering contextual threat intelligence designed for preventing, hunting, and responding to dynamic attacks.

Meet the Global Team Representatives

Ismael Valenzuela

Vice President, Threat Research and Intelligence

Cesar Vargas

Director, Applied Researcher

Thom Ables

Director, Threat Research

Geoff O’Rourke

Senior Technical Lead

Natasha Rohner

Principal Threat Research Publisher

Masaki Kasuya

Principal Threat Researcher

Dean Given

Principal Threat Researcher

Eoin Healy

Principal Threat Researcher

Jacob Faires

Principal Threat Researcher

Alexandra Mozil

Senior Threat Researcher

Dmitry Melikov

Threat Researcher II

Pedro Drimel

Threat Researcher, Consultant