In a post published last month, the company provided a link to the leak site of the Hive ransomware, another Windows-only malware group. The link provided at that time is still valid on Friday morning AEST.
The reason why firms and journalists do not provide links to such leak sites is because there may often be information available there which should not get into the public domain.
iTWire will not be linking to the BlackBerry post for the same reason.
iTWire asked Blackberry about this practice and Eric Milam, vice-president, Research Operations at BlackBerry, responded: "The research blogs that BlackBerry publishes are geared towards cyber security researchers and are in line with standard responsible disclosure practices that BlackBerry adheres to."
This explanation does not hold water for the simple reason that the BlackBerry post in question is open to world+dog. Had it been open to only a select audience, there would be no need to write about it.
Cyber security has become an extremely lucrative field and the number of companies offering services in this area has grown by leaps and bounds.
In fact, BlackBerry is itself a recent entrant to the field, having made its debut after acquiring an existing vendor, Cylance, in February 2019. Prior to that, the Canadian firm was only known for its distinctive smartphones with old-style physical keyboards.
Given this explosion in the number of companies vying for available business, companies do everything possible to get their names in the media. Blog posts about the company's own research or a general security issue, which journalists are informed about, are one way to show up on a media site.
This is not to decry the BlackBerry research in the post under discussion; it contains a very detailed and ionteresting discussion of Hive, a ransomware group that is relatively new.
However, the publication of material that should not be disclosed tends to nullify its good points altogether.