Accountability, Data collection and Telecommunications

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Mobile

Mobile Wireless Advertising Accountability

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach exposing customers’ account’s information. “We are reaching out to let you know about a security incident we recently identified and quickly shut down that may have impacted some of your T-Mobile account information.”

Data breaches

Data breaches Mobile Telecommunications Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Privacy Roundup: Week 12 of Year 2025

Security Boulevard

MARCH 24, 2025

While MFA is primarily a security feature, its primary privacy benefit is adding another layer of security to prevent unauthorized access to information contained in particular important or sensitive accounts. These apps also frequently use Bluetooth data to gather location information and proximity to nearby devices.

Surveillance

Surveillance Telecommunications Malware Data breaches

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. banks are stiffing account takeover victims. A single bitcoin is trading at around $45,000. Elizabeth Warren (D-Mass.)

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches

Data breaches Banking Hacking Malware

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Health Insurance Portability & Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) sets standards for protecting sensitive health information, particularly electronic health records (EHRs).

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

TOP 10 unattributed APT mysteries

SecureList

OCTOBER 7, 2022

The traffic originated from a suspicious library loaded into the memory of a domain controller server and registered as a Windows password filter, which has access to plain-text passwords to administrative accounts. There are reasons to believe that unknown Linux implants exist that can send data collected from Linux machines to Mafalda.

Malware

Malware Computers and Electronics Telecommunications Encryption

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. It determined that the injection point was situated within the connection between two Egyptian telecommunication providers. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

Best Network Monitoring Tools for 2022

eSecurity Planet

JANUARY 26, 2022

For larger organizations, the PRTG Enterprise Monitor can monitor thousands of devices for a distributed environment offering auditable data collection and service-based SLA monitoring through the ITOps Board. Read more : Best Identity and Access Management (IAM) Solutions for 2022. VIAVI Solutions.

Marketing

Marketing DDOS Threat Detection DNS

PIPEDA

Centraleyes

SEPTEMBER 23, 2024

It benefits consumers by ensuring that their personal data is collected, used, and disclosed responsibly and only with their consent. The law applies to businesses across all industries that engage in commercial activities, including retail, banking, telecommunications, and online services. What are the Requirements for PIPEDA?

Data breaches

Data breaches Artificial Intelligence Technology Risk

Best 5 SOC 2 Compliance Software in 2024

Centraleyes

AUGUST 1, 2024

Advanced Automation Features that automate data collection, monitoring, and reporting. Financial Services Banks, payment processors, and financial institutions must safeguard financial data and ensure systems’ integrity and availability. User-Friendly Interface An intuitive design that simplifies complex compliance tasks.

Software

Software Risk Cyber Risk Telecommunications

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Though Paladin has a smaller portfolio relative to other top contenders with 75 companies, the company has a substantial stack of strategic investments in technology, telecommunications, and more. VCs are ultimately accountable to the wishes of their GPs and LPs and not afraid to make decisions to their benefit.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

The Article pays particular attention to EO 12333’s designation of the National Security Agency as primarily responsible for conducting signals intelligence, which includes the installation of malware, the analysis of internet traffic traversing the telecommunications backbone, the hacking of U.S.-based

Surveillance

Surveillance Telecommunications Internet Internet

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Krebs on Security

MAY 2, 2023

This page indicates that access to the consumer and payment data collected by US Job Services is currently granted to several other coders who work with Mr. Mirza in Pakistan, and to multiple executives, contractors and employees working for a call center in Murfreesboro, Tennessee.

Marketing

Marketing Advertising Scams Telecommunications

‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace

SecureList

JUNE 20, 2022

However, the only actors that deliver the entire narrative of a cyberattack – discussing accountability and international law – are nation states. Cyber attribution is a necessary step to accountability in cyberspace. [2] within network activity logs collected by the Internet Service Provider (ISP), etc.).

Energy and Utilities

Energy and Utilities Data collection Malware Cybersecurity

Top 18 Cybersecurity Startups to Watch in 2021

eSecurity Planet

JANUARY 28, 2021

The two-tier program includes business development opportunities, training, joint marketing, partner collateral, marketing co-op funds, sales leads and field account planning. ” This is a valuable corner of the market, as an estimated 80 percent of all data breaches occur while data is traveling between cloud networks.

Cybersecurity

Cybersecurity Threat Detection Artificial Intelligence Marketing

Data Privacy in the United States: A Recap of 2023 Developments

Centraleyes

FEBRUARY 1, 2024

Connecticut – S 1058: Attorney Generals Recommendations Enacted to enhance consumer protection, Connecticut’s S 1058 intersects with charitable organizations, telecommunications, and the attorney general’s recommendations. The legislation imposes a civil penalty, emphasizing accountability and responsible data practices.

Data privacy

Data privacy Consumer Protection Media Data collection

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Webinars

Trending Sources

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Webinars

Privacy Roundup: Week 12 of Year 2025

Happy 13th Birthday, KrebsOnSecurity!

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

2024 Cybersecurity Laws & Regulations

TOP 10 unattributed APT mysteries

Advanced threat predictions for 2024

Best Network Monitoring Tools for 2022

PIPEDA

Best 5 SOC 2 Compliance Software in 2024

Top VC Firms in Cybersecurity of 2022

On Executive Order 12333

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace

Top 18 Cybersecurity Startups to Watch in 2021

Data Privacy in the United States: A Recap of 2023 Developments

Stay Connected