Please turn on your JavaScript for this page to function normally.
Ivanti
State-sponsored hackers know enterprise VPN appliances inside out

Suspected Chinese state-sponsored hackers leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of …

elections
Cyber threats cast shadow over 2024 elections

Considering that 2024 is a historic year for elections – with an estimated half of the world’s population taking part in democratic votes – this high threat of cyber …

vote
Global malicious activity targeting elections is skyrocketing

With more voters than ever in history heading to the polls in 2024, Resecurity has identified a growing trend of malicious cyber-activity targeting sovereign elections …

email
Russian hackers breached Microsoft, HPE corporate maliboxes

Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently …

laptop
Blackwood APT delivers malware by hijacking legitimate software update requests

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage …

cloud
OilRig targets Israel organizations with new lightweight downloaders

ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of …

cyber threat
Russian hackers target unpatched JetBrains TeamCity servers

Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish …

Microsoft Outlook
Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)

Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and …

Door
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm

Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by …

undersea cables
Hidden dangers loom for subsea cables, the invisible infrastructure of the internet

More than 97% of the world’s internet traffic passes through subsea cables at some point, according to ENISA. Subsea cables are a vital component of the global internet …

key
How Chinese hackers got their hands on Microsoft’s token signing key

The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …

Android malware
Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …

Don't miss

Cybersecurity news