Security Affairs

OCTOBER 20, 2021

A China-linked hacking group, tracked as LightBasin (aka UNC1945 ), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications 136

Telecommunications Mobile Hacking Architecture 136

Digital Shadows

MARCH 17, 2025

The ransomware targets unpatched internet-facing servers, impacting systems across 70+ countries in sectors like critical infrastructure, health care, governments, education, technology, manufacturing, and small- to medium-sized businesses. 3 Whats Behind its Enduring Popularity? What makes CVE-2018-13379 so dangerous is its stickiness.

VPN 133

VPN Authentication Ransomware Risk 133

Krebs on Security

FEBRUARY 18, 2019

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. federal civilian agencies to secure the login credentials for their Internet domain records. That changed on Jan.

DNS 279

DNS Internet Internet Government 279

Schneier on Security

JANUARY 14, 2020

Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat. To be sure, there are significant security improvements in 5G over 4G­in encryption, authentication, integrity protection, privacy, and network availability.

Data collection 279

Data collection Software Marketing Government 279

Security Affairs

MARCH 12, 2025

Its primary focus is on defense, technology, and telecommunications sectors in the US and Asia. While UNC3886 previously focused their operations on network edge devices, this activity demonstrated theyre also targeting internal networking infrastructure, such as Internet Service Provider (ISP) routers.

Telecommunications 66

Telecommunications Malware DDOS Technology 66

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras. Most insecure brands.

Surveillance 145

Surveillance Manufacturing Passwords Internet 145

Krebs on Security

AUGUST 19, 2020

For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries. Thus, the second factor cannot be phished, either over the phone or Internet. And in many cases, those codes are only good for a short duration — often measured in seconds or minutes.

Phishing 363

Phishing VPN Social Engineering Media 363

Krebs on Security

AUGUST 12, 2020

Adding multi-factor authentication (MFA) at these various providers (where available) and/or establishing a customer-specific personal identification number (PIN) also can help secure online access. Your best option is to reduce your overall reliance on your phone number for added authentication at any online service.

Accountability 359

Accountability Mobile Banking Passwords 359

Cisco Security

NOVEMBER 18, 2022

Often security researchers and security teams focus on threats to software and the risks associated with authenticating and managing users. The telecommunications infrastructure that carries internet traffic between countries and continents is often provided by submarine cables.

Risk 145

Risk Telecommunications Internet Internet 145

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Cuttlefish has a modular structure, it was designed to primarily steal authentication data from web requests passing through the router from the local area network (LAN).

Malware 130

Malware DNS Authentication Telecommunications 130

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications 100

Telecommunications Authentication Passwords Accountability 100

Security Affairs

MARCH 30, 2024

In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic. ” reads a statement published by the telecommunication giant. reads the RestorePrivacy website. million former account holders.”

Data breaches 144

Data breaches Telecommunications Cybercrime Hacking 144

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.”

Surveillance 145

Surveillance Authentication Telecommunications Manufacturing 145

Malwarebytes

APRIL 14, 2022

The Zloader at hand is a botnet made up of computing devices in businesses, hospitals, schools, and homes around the world which is run by a global internet-based organized crime gang operating malware as a service that is designed to steal and extort money. Legal action. We also saw this method recently used against the Strontium group.

Backups 135

Backups Banking Internet Internet 135

Security Affairs

NOVEMBER 3, 2020

The UNC1945 group carried out attacks aimed at telecommunications companies and leveraged third-party networks to target specific financial and professional consulting industries. ” The threat actor established a foothold on a Solaris 9 server by using the Solaris Pluggable Authentication Module SLAPSTICK backdoor.

Authentication 139

Authentication Advertising Telecommunications Internet 139

Security Affairs

APRIL 10, 2024

In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic. While we cannot yet confirm the data is from AT&T customers, everything we examined appears to be valid.” reads the RestorePrivacy website.

Data breaches 126

Data breaches Telecommunications Identity Theft Hacking 126

Security Affairs

JUNE 25, 2020

Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.” . “As part of our regular darkweb monitoring, our researchers came across the data leak of LG Electronics been published by the Maze ransomware operators. ” reads the post published by Cyble.

Computers and Electronics 129

Computers and Electronics Ransomware Mobile Telecommunications 129

Troy Hunt

MARCH 27, 2018

She was pretty shocked when I showed her this as it was precisely the same verbal password as she used to authenticate to her bank. I'm like yo my credit cards and financial information your entering into this internet system isn't even fully encrypted. No video recording or photos needed.

Passwords 178

Passwords Banking Mobile Telecommunications 178

Security Affairs

FEBRUARY 10, 2022

In 2018, the FBI Internet Crime Complaint Center (IC3) received complaints for 1,611 SIM swapping attacks, while the number of complaints in the period between 2018 e 2002 was 320 causing a total of losses of $12 million. Authenticate calls from third party authorized retailers requesting.

Mobile 104

Mobile Cryptocurrency Accountability Passwords 104

Krebs on Security

JUNE 28, 2018

Consider the case of a consumer who receives their home telephone service as part of a bundle through their broadband Internet service provider (ISP). Failing to set up a corresponding online account to manage one’s telecommunications services can provide a powerful gateway for fraudsters. ”

Banking 218

Banking Accountability Mobile Media 218

Cisco Security

JUNE 2, 2022

Dell’Oro Group, the trusted source for market information in the telecommunications, enterprise networks, and data center IT infrastructure industries, recognized Cisco as the SASE Market Share Leader in 2021, with 19% of the total market share by revenue.

Marketing 103

Marketing Architecture Internet Internet 103

eSecurity Planet

SEPTEMBER 1, 2021

Exposing the Internet of Things (IoT) Universe. The National Telecommunications and Information Administration (NTIA) released its National Strategy to Secure 5G implementation plan starting in January. NTIA and CISA: Memos from the Feds What is 5G? How is 5G Different? What Are the Cybersecurity Risks of 5G? Supply Chains.

Risk 137

Risk Cybersecurity IoT Wireless 137

eSecurity Planet

FEBRUARY 11, 2022

Most essentially, facial recognition technology promises a solid amount of internal and external security advantages in the day-to-day activity of enterprises, making it a key technology for passwordless authentication. Also read: Passwordless Authentication 101. False Negatives, Deepfakes and Other Concerns.

Software 126

Software Technology Authentication Artificial Intelligence 126

The Last Watchdog

AUGUST 20, 2019

Related: Most companies ignorant about rising mobile attacks While it might be tempting to dismiss the potential revenue lost by Apple, Samsung, HTC and other suppliers of authentic phones, this counterfeit wave is particularly worrisome. The faked phones flooding the market today are slicker than ever. The smartphone industry knows this.

Malware 185

Malware Mobile Manufacturing Marketing 185

Malwarebytes

JUNE 19, 2023

As it happens, you don’t have to buy an internet connected device for one of the most private areas of your home. There’s plenty of cheap Internet of Things (IoT) baby monitors out there with default passwords baked in, insecurely stored data, and an alarming amount of compromise stories in the news.

Passwords 95

Passwords IoT Internet Internet 95

Malwarebytes

OCTOBER 13, 2022

The usual targets range from organizations in the IT sector, including telecommunications service providers; the DIB (Defense Industrial Base) sector, which is related to military weapons systems; and other critical infrastructure sectors. Authentication bypass by spoofing. Use multi-factor authentication. Command injection.

Authentication 92

Authentication Telecommunications Government Cyber threats 92

SecureWorld News

OCTOBER 6, 2022

Utilize phishing-resistant multi-factor authentication whenever possible. Enable robust logging of Internet-facing systems and monitor the logs for anomalous activity.". PRC state-sponsored cyber actors continue to exploit known vulnerabilities and use publicly available tools to target networks of interest.

Passwords 98

Passwords Telecommunications Government Cybersecurity 98

Malwarebytes

OCTOBER 5, 2021

“A global privacy disaster”, “espionage gold”, and “a state-sponsored wet dream” are just some of the comments one can read regarding the breach at Syniverse, a key player in the tech/telecommunications industry that calls itself the “center of the connected world.”

Telecommunications 85

Telecommunications Mobile Accountability Authentication 85

Security Affairs

JANUARY 23, 2019

Within 10 business days, agencies will have to change the passwords for their DNS account and enable multifactor authentication where available, but CISA warns risks for SMS-based MFA. The check must be completed in 10 days and includes Address (A), Mail Exchanger (MX), and Name Server (NS) records.

DNS 111

DNS Government Advertising Telecommunications 111

SecureWorld News

OCTOBER 7, 2021

A recent hack discovered by one of the world's largest telecommunications companies has the potential to impact millions of cell phone users worldwide. Several security researchers have expressed concerns over the secondary effects of the breach, including how it could impact 2-factor authentication (2FA).

Data breaches 98

Data breaches Hacking Mobile Authentication 98

The Security Ledger

OCTOBER 8, 2020

To achieve their 5G transformation, telecommunications providers require security solutions and platforms built from the ground up for modern, dynamic business models. The post Opinion: Staying Secure Through 5G Migration appeared first on The Security Ledger.

Telecommunications 52

Telecommunications IoT Cyber Attacks Authentication 52

Security Affairs

MARCH 23, 2022

The threat actors used the compromised credentials and/or session tokens to access the target networks through internet-facing systems and applications (i.e. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T.

Accountability 104

Accountability VPN Social Engineering Hacking 104

Security Boulevard

SEPTEMBER 28, 2022

Optus, the second-largest telecommunications company in Australia, has experienced an API security incident – and it might come with a $1 million price tag. According to the OWASP API Security Top 10, broken user authentication constitutes the second biggest API vulnerability. Growing API Usage in Telco Sector Increases Security Risks.

Telecommunications 52

Telecommunications IoT Authentication Digital transformation 52

SecureWorld News

MAY 25, 2023

Leighton, who will present the closing keynote, "Cyber World on Fire: A Look at Internet Security in Today's Age of Conflict," at SecureWorld Chicago on June 8, said the targeting of Guam should be viewed as a key threat. "Volt Panda also appears to be targeting critical cyber infrastructure throughout the U.S." Guam is critical to the U.S.

Firewall 98

Firewall Cyber threats Telecommunications Internet 98

SC Magazine

MAY 18, 2021

Not surprisingly, one of the first priorities Dow Jones focused on was providing employees secure access to the internet and company IT resources while they worked from home. They replaced their telecommunications network and built a new software-defined wide area network to handle policy, security and networking functions.

IoT 70

IoT Telecommunications Manufacturing Firewall 70

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. We believe that research into mail software vulnerabilities is only getting started.

Firmware 128

Firmware Surveillance Mobile Telecommunications 128

The Security Ledger

MARCH 13, 2019

» Related Stories Podcast Episode 129: Repair Eye on the CES Guy and Sensor Insecurity EU calls for End to Default Passwords on Internet of Things Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise. NIST Floats Internet of Things Cybersecurity Standards. Read the whole entry. »

IoT 40

IoT Cybersecurity Internet Internet 40