Remove Cybercrime Remove Social Engineering Remove Telecommunications
article thumbnail

Voice Phishers Targeting Corporate VPNs

Krebs on Security

For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries. Allen said it matters little to the attackers if the first few social engineering attempts fail. A phishing page (helpdesk-att[.]com) com) targeting AT&T employees. Image: urlscan.io.

Phishing 363
article thumbnail

Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. One of the groups that reliably posted “Tmo up!

Mobile 340
article thumbnail

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground. I will also continue to post on LinkedIn about new stories in 2023. Uber blames LAPSUS$ for the intrusion.

article thumbnail

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

article thumbnail

Teen Hackers Behind Notorious Lapsus$ Group Convicted in London

SecureWorld News

RELATED: Lapsus$ Returns One Week After 7 Teenage Hackers Arrested ] The extent of Kurtaj's involvement in cybercrimes is staggering. Their techniques included SIM swapping, prompt bombing attacks, and social engineering, which allowed them to infiltrate well-defended organizations. and another in Brazil.

article thumbnail

T-Mobile confirms Lapsus$ had access its systems

Security Affairs

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. The popular investigator and journalist Brian Krebs first surmised that the LAPSUS$ gang has breached T-Mobile after he reviewed a copy of the private chat messages between members of the cybercrime group. ” wrote Krebs.

Mobile 102