How LANDFALL Spyware Targeted Samsung Devices – and What You Can Do to Stay Protected
Date: November 2025Source: Unit 42Target Platforms: Samsung Android DevicesRegion Impacted: Middle East (Iraq, Iran, Turkey, Morocco) Overview Unit 42 researchers have uncovered a previously unknown Android spyware family, named LANDFALL, that exploited a zero-day vulnerability (CVE-2025-21042) in Samsung’s Android image processing library. This flaw is part of a broader pattern of vulnerabilities discovered across […]
Red Team Cybersecurity: Understanding the Attacker Playbook
Red Team engagements allow organizations to see how a determined adversary operates once inside their environment. The goal is to demonstrate how an attacker can escalate privileges, evade defences, and ultimately achieve business-impacting objectives such as ransomware deployment, theft of intellectual property, or Business Email Compromise (BEC). This article provides an overview of the red […]
Chinese APT Exploits CA Misconfiguration and File Upload Vulnerability in UAE Government Entity
Help AG DFIR and CTI team has observed a targeted cyber intrusion campaign attributed to a Chinese state-aligned APT group, affecting a UAE government entity. The threat actor initially gained access by compromising a service account configured with scheduled task execution privileges. Upon entry, the actor escalated privileges from a regular domain user to a […]
Iranian Cyber Escalation: Strategic Scenarios and Defensive Priorities for the Next 90 Days
The Help AG Cyber Threat Intelligence (CTI) team has observed a noticeable increase in Iranian threat actor operations, aligning with the recent escalation of tensions between Iran and Israel. This uptick has direct implications for the Middle East region, including the UAE and KSA, as regional organizations may be targeted either directly or indirectly as […]
Redefining GRC in the Middle East: From Compliance Burden to Competitive Advantage
In an era where digital disruption reshapes industries daily, governance, risk, and compliance (GRC) has never been more critical or more misunderstood. Too often, GRC is viewed as a compliance checkbox or a bureaucratic overhead. In reality, GRC is the connective tissue that links governance with strategy, risk with opportunity, and compliance with trust. Today, […]
Top Middle East Cyber Threats – September 16th, 2025
At Help AG, our Managed Security Services (MSS) team offers 24x7x365 monitoring of complex IT security infrastructures to some of the largest enterprises in the region. As a result, we have our eyes keenly fixed on the cybersecurity threat landscape and are among the first in the region to learn and act upon new threats. […]
LockBit3 Ransomware Breach
Help AG CTI has observed a recent intrusion chain targeting a UAE based entity where threat actors exploited misconfigured Remote Desktop Protocol (RDP) services to gain unauthorized access to victim environments. Following initial access, the actors conducted discovery using SoftPerfect Network Scanner and Advanced IP Scanner, deployed MeshAgent for persistence, harvested credentials via Mimikatz, and […]
The Salesloft Drift Incident – A Wake-Up Call on Supply Chain Attacks
In August 2025, the cybersecurity world witnessed another stark reminder of the risks posed by supply chain attacks. A trusted third-party SaaS provider, Salesloft Drift, became the weak link in a widespread campaign attributed to threat actor UNC6395. By compromising Drift’s handling of OAuth tokens, attackers were able to access the Salesforce and Google Workspace […]
Cyberattacks Are Where You Least Expect | Christopher Zinn – Pulse 95
🎙️ In this segment from Future Talk on Pulse 95, Christopher Zinn from Help AG explores: 🔹 Why schools are increasingly being targeted by cybercriminals. 🔹 Attackers are coming up with new tactics such as fake Wi-Fi networks. 🔹 How to ensure you stay ahead of attackers. As we integrate further into the digital space, […]
Help AG Recognized as a Major Player in IDC MarketScape: Middle East Governance, Risk, and Compliance (GRC) 2025 Vendor Assessment
