cyber espionage
![Android](https://img.helpnetsecurity.com/wp-content/uploads/2024/06/24133618/android-danger-400x200.webp)
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money …
![cyber threat](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/25143238/cyber-threat1-400x200.jpg)
Chinese attackers leverage previously unseen malware for espionage
Sophos released its report, “Operation Crimson Palace: Threat Hunting Unveils Multiple Clusters of Chinese State-Sponsored Activity Targeting Southeast Asia,” which details a …
![North Korea](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/21143805/north_korea2-400x200.jpg)
Moonstone Sleet: A new North Korean threat actor
Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of …
![printer](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/14114130/printer-windows-400x200.jpg)
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/28130430/ivanti-1500-400x200.webp)
State-sponsored hackers know enterprise VPN appliances inside out
Suspected Chinese state-sponsored hackers leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of …
![elections](https://img.helpnetsecurity.com/wp-content/uploads/2023/11/27164950/elections-400x200.jpg)
Cyber threats cast shadow over 2024 elections
Considering that 2024 is a historic year for elections – with an estimated half of the world’s population taking part in democratic votes – this high threat of cyber …
![vote](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09111919/vote-400x200.jpg)
Global malicious activity targeting elections is skyrocketing
With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections …
![email](https://img.helpnetsecurity.com/wp-content/uploads/2020/02/31160247/email-smoke-red-400x200.jpg)
Russian hackers breached Microsoft, HPE corporate maliboxes
Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently …
![laptop](https://img.helpnetsecurity.com/wp-content/uploads/2023/04/13114656/laptop4-400x200.jpg)
Blackwood APT delivers malware by hijacking legitimate software update requests
ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage …
![cloud](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/15121401/cloud-red-400x200.jpg)
OilRig targets Israel organizations with new lightweight downloaders
ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of …
![cyber threat](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/25143238/cyber-threat1-400x200.jpg)
Russian hackers target unpatched JetBrains TeamCity servers
Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish …
![Microsoft Outlook](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/05120123/microsoft-outlook-1400-400x200.jpg)
Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and …