# Blog **[blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/escape-from-the-maze/](https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/escape-from-the-maze/)** Discover our cybersecurity articles underground card shop banner [Credit Card Fraud Investigation: State of Underground Card Shops in 2022](https://www.blueliv.com/blog/Credit-card-fraud-investigation-state-of-underground-card-shops-in-2022) 20 May 2022 ----- eat e ta e a d d a ópe Sa, eat te ge ce a ysts In our latest credit card fraud investigation blog our threat intelligence analysts investigate the current card shop ecosystem, from active shops and the return of Rescator as well as other recently shuttered card shops and credit card fraud to look out for. [Read More](https://www.blueliv.com/blog/Credit-card-fraud-investigation-state-of-underground-card-shops-in-2022) The State of Ransomware in 2022 [The State of Ransomware in 2022](https://www.blueliv.com/blog/the-state-of-ransomware-in-2022) 17.May.2022 ----- ue, a Outpost co pa y Ransomware continues to be a prevalent threat to almost every modern industry after a sudden renaissance at the beginning of the COVID-19 pandemic as threat actors sought to capitalize on overwhelmed organizations and their suddenly vulnerable employees. [Read More](https://www.blueliv.com/blog/the-state-of-ransomware-in-2022) FTSE 100 credential theft study [FTSE 100 credential theft study 2022](https://www.blueliv.com/blog/FTSE-100-compromised-credential-study-2022) 10.May.2022 ----- Co po ate c ede t a t e t s a ta geted e o t a d a es S 00 co pa es c ede t a s pa t cu a y att act e to cybe c a s t accelerated digital transformation (BYOD and hybrid working). Once an attacker gets hold of stolen user credentials and passwords, they can sell the credentials in the cybercrime underground or use them to compromise an organization’s network, bypassing security measures and threaten the credibility and integrity of the institution. [Read More](https://www.blueliv.com/blog/FTSE-100-compromised-credential-study-2022) The most critical vulnerabilities right now - April 2022 [The most critical vulnerabilities right now - April 2022](https://www.blueliv.com/blog/the-most-critical-vulnerabilities-right-now-april-2022) 02.May.2022 ----- ue, a Outpost co pa y The first few months of 2022 have brought with them plenty of breaches and vulnerabilities for threat experts to sink their teeth into. Here's a roundup of the most critical vulnerabilities to date this year. [Read More](https://www.blueliv.com/blog/the-most-critical-vulnerabilities-right-now-april-2022) Dissecting Spring4Shell [Dissecting Spring4Shell](https://www.blueliv.com/blog/Dissecting-Spring4Shell) 31.Mar.2022 ----- ue, a Outpost co pa y An RCE vulnerability affecting Spring Core’s JDK 9 and later has become a trending topic in cybersecurity networks during the past couple days. This discovery, compared by some to the Log4Shell vulnerability, generated a lot of confusion and even got mistook with a different vulnerability affecting Spring Cloud, which got a CVE assigned the same day, and even linked them to completely unrelated commits on Spring Core’s GitHub. In this blogpost, we will clarify what happened and what you can do to protect yourself. [Read More](https://www.blueliv.com/blog/Dissecting-Spring4Shell) Russian-linked malware cyberattacks [Russian-linked malware cyberattacks: what you need to know about Hermetic Wiper and Cyclops Blink](https://www.blueliv.com/blog/Russian-linked-malware-cyberattacks-what-you-need-to-know-about-hermetic-wiper-and-cyclops-blink) ----- 08 a 0 Blueliv, an Outpost24 company Just days after Russia launched its invasion against the people of Ukraine, news reports emerged of several cyberattacks. Deployed systematically ahead of the land invasion, Russian cyberattacks against Ukraine have rendered Ukrainian banks, government departments and other core services unavailable through the use of sophisticated ‘data wipers [Read More](https://www.blueliv.com/blog/Russian-linked-malware-cyberattacks-what-you-need-to-know-about-hermetic-wiper-and-cyclops-blink) mitre ATT&CK® framework [Using Mitre Att&CK with threat intelligence to improve Vulnerability Management](https://www.blueliv.com/blog/Using-mitre-attack-with-threat-intelligence-to-improve-vulnerability-management) ----- 9 o 0 Simon Roe, Product Manager Outpost24 Threat actors are constantly evolving their tactics and techniques in the attack lifecycle and infiltrate company infrastructure. While most organizations are already performing vulnerability management based on CVEs by MITRE, few have considered the powerful correlations between threat intelligence, CVEs and the ATT&CK® framework. In this blog we highlight the benefits of bringing them together to drive focused remediation and improve cyber defense. [Read More](https://www.blueliv.com/blog/Using-mitre-attack-with-threat-intelligence-to-improve-vulnerability-management) The most critical vulnerabilities ----- e ost c t ca [u e ab t es](https://www.blueliv.com/blog/the-most-critical-vulnerabilities-right-now-november-2021) g t o o e be 0 10.Nov.2021 Blueliv, an Outpost24 company [Read More](https://www.blueliv.com/blog/the-most-critical-vulnerabilities-right-now-november-2021) CVE-2021-41773 [CVE-2021-41773 – Apache web server Path traversal](https://www.blueliv.com/blog/cve-2021-41773-apache-web-server-path-traversal) 07.Oct.2021 ----- s past o day, Octobe t, pac e d sc osed a u e ab ty t oduced o pac e Se e 9 o as C 0 3 t the same time, update 2.4.50 was released, fixing this vulnerability. The vulnerability allows an attacker to bypass Path traversal protections, using encoding, and read arbitrary files on the webserver’s file system. Both Linux and Windows servers running this version of Apache are affected. [Read More](https://www.blueliv.com/blog/cve-2021-41773-apache-web-server-path-traversal) published 1M credit cards [Insights about All World Cards and the published 1M credit cards](https://www.blueliv.com/blog/insights-about-all-world-cards-and-the-published-1m-credit-cards) 12.Aug.2021 ----- ue, a Outpost co pa y “All World Cards” is a new underground card shop created at the end of May 2021. The card shop went quite unnoticed until it caught the attention of the cybercriminal underground and the cybersecurity industry on August 2, 2021, by making publicly available one million compromised cards totally free of charge. All World Cards has currently listed for sale more than 2,7 million compromised cards. [Read More](https://www.blueliv.com/blog/insights-about-all-world-cards-and-the-published-1m-credit-cards) **2021 Web Application Security for Pharma and Healthcare** **[GET THE GUIDE >>](https://outpost24.com/resources/whitepapers/2021-web-application-security-for-healthcare-report)** ## Upcoming Events There are currently no upcoming events. -----