Security News

BlackBerry has decided its plan to split into two separate companies is not a good idea and will instead reorganize itself into two independent divisions. The former smartphone champ has two businesses: cyber security and IoT. Neither has thrived in recent years so, in pursuit of greater shareholder value, the Canadian biz conducted a review it called Project Imperium.

As the number of ransomware attacks continue to rise, Blackberry has found as a part of its annual threat report that there may be a shared economy amongst cyber criminals that is growing. "This infrastructure has also incubated a criminal shared economy, with threat groups sharing and outsourcing malware allowing for attacks to happen at scale. In fact, some of the biggest cyber incidents of 2021 look to have been the result of this outsourcing."

A previously undocumented initial access broker has been unmasked as providing entry points to three different threat actors for mounting intrusions that range from financially motivated ransomware attacks to phishing campaigns. The threat landscape as we know it has been increasingly dominated by a category of players known as the initial access brokers, who are known to provide other cyber-criminal groups, including ransomware affiliates, with a foothold to an infinite pool of potential organizations belonging to diverse geographies and sectors via persistent backdoors into the victim networks, effectively building a pricing model for remote access.

A previously undocumented initial access broker has been unmasked as providing entry points to three different threat actors for mounting intrusions that range from financially motivated ransomware attacks to phishing campaigns. The threat landscape as we know it has been increasingly dominated by a category of players known as the initial access brokers, who are known to provide other cyber-criminal groups, including ransomware affiliates, with a foothold to an infinite pool of potential organizations belonging to diverse geographies and sectors via persistent backdoors into the victim networks, effectively building a pricing model for remote access.

A major vulnerability affecting older versions of BlackBerry's QNX Real-Time Operating System could allow malicious actors to cripple and gain control of a variety of products, including cars, medical, and industrial equipment. BlackBerry QNX technology is used worldwide by over 195 million vehicles and embedded systems across a wide range of industries, including aerospace and defense, automotive, commercial vehicles, heavy machinery, industrial controls, medical, rail, and robotics.

BlackBerry this week issued a critical security advisory for past versions of its QNX Real Time Operating System, used in more than 175m cars, medical equipment, and industrial systems. BlackBerry QNX Software Development Platform version 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 are affected by an integer overflow vulnerability in the calloc() function of the C runtime library.

The Cybersecurity Infrastructure and Security Agency and BlackBerry warned in separate alerts Tuesday that threat actors can take over or launch denial of service attacks on devices and critical infrastructure by exploiting what are called BadAlloc bugs tied to BlackBerry's QNX operating system. QNX is a real-time OS, used in embedded systems such as automobiles, medical devices and handsets.

CISA today warned that IoT and OT security flaws known as BadAlloc impact BlackBerry's QNX Real Time Operating System used by critical infrastructure organizations.BlackBerry QNX powers critical infrastructure systems.

Stellar Cyber announced that it has partnered with BlackBerry to accelerate adoption of AI-powered security solutions for enterprises and managed security service providers. Both companies are pioneers in using AI and machine learning to eliminate signatures and manual scripts from security solutions, and they are going to market together as a catalyst for AI-based security adoption worldwide by offering an integrated solution that combines BlackBerry's prevention-first AI-driven Unified Endpoint Security offerings with Stellar Cyber's security operations platform.

Blackberry Cylance's consumer antivirus product will not support macOS Big Sur until the end of January - three months after the Apple operating system's latest version was released. The iGiant's OS hit version 11 on Friday 13th November, appropriately enough given the chaos that followed, yet despite version 11.1 being released in mid-December, Cylance still hasn't updated its Smart Antivirus product to support it.