DNS, Internet and Telecommunications - Cyber Security Informer

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet

Internet Internet DNS Telecommunications

Sea Turtle Hackers Spy on Dutch ISPs and Telecommunication Companies

Heimadal Security

JANUARY 10, 2024

Sea Turtle Turkish state-backed group changed to focus on internet service providers (ISPs), telcos, media, and Kurdish websites. DNS hijacking and traffic redirection that leads to man-in-the-middle attacks are among their cyber espionage techniques.

Telecommunications

Telecommunications DNS Media Internet

Why You Need a Secondary DNS

Security Boulevard

SEPTEMBER 15, 2022

Last month, a large Canadian telecommunications provider suffered a catastrophic outage for more than 18 hours. Many Canadians found themselves disconnected when cellular networks and the internet failed to respond—at home or at work. The post Why You Need a Secondary DNS appeared first on Security Boulevard.

DNS

DNS Telecommunications Internet Internet

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. federal civilian agencies to secure the login credentials for their Internet domain records. That changed on Jan.

DNS

DNS Internet Internet Government

ICANN warns of large-scale attacks on Internet infrastructure

Security Affairs

FEBRUARY 24, 2019

Large-scale attacks are threatening the global Internet infrastructure, the alarm was launched by the Internet Corporation for Assigned Names and Numbers (ICANN). After an emergency meeting, the Internet Corporation for Assigned Names and Numbers (ICANN) confirmed that the global Internet infrastructure is facing large-scale attacks.

Internet

Internet Internet DNS Telecommunications

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security Affairs

JANUARY 10, 2019

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. It is interesting to note that FireEye confirmed that this campaign is different from other operations carried out by Iranian APT groups due to the use of DNS hijacking at scale.

DNS

DNS Telecommunications Government Encryption

DHS issues emergency Directive to prevent DNS hijacking attacks

Security Affairs

JANUARY 23, 2019

DHS has issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e.gov) to prevent DNS hijacking attacks. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”.

DNS

DNS Government Telecommunications Advertising

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

AUGUST 10, 2020

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. Our findings show that both Telenor and MPT block websites using DNS tampering. Circumvention of Internet blocking.

Internet

Internet Internet Telecommunications DNS

Sunburst: connecting the dots in the DNS requests

SecureList

DECEMBER 18, 2020

For instance, before making the first internet connection to its C2s, the Sunburst malware lies dormant for a long period, of up to two weeks, which prevents an easy detection of this behavior in sandboxes. In the initial phases, the Sunburst malware talks to the C&C server by sending encoded DNS requests. Low-level details.

DNS

DNS Telecommunications Malware Encryption

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The malicious code can also perform DNS and HTTP hijacking within private IP spaces.

Malware

Malware DNS Authentication Telecommunications

RuNet – Russia successfully concluded tests on its Internet infrastructure

Security Affairs

DECEMBER 24, 2019

Russia successfully disconnected from the internet. Russia’s government announced that it has successfully concluded a series of tests for its RuNet intranet aimed at country disconnection from the Internet. One of them is checking the integrity and security of the Internet as a result of external negative influences.”

Internet

Internet Internet DNS Surveillance

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

“Do NOT conduct CFPB work using mobile voice calls or text messages,” reads the email sent to the employees referencing a recent government statement acknowledging the telecommunications infrastructure attack. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon.

Hacking

Hacking Internet Internet Mobile

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

A China-linked hacking group, tracked as LightBasin (aka UNC1945 ), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications

Telecommunications Mobile Hacking Architecture

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. .

Media

Media Accountability Telecommunications Government

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

CyberSecurity Insiders

APRIL 12, 2023

The report stems from a detailed analysis of attacks targeting StormWall’s clientele, which spans various sectors such as finance, e-commerce, telecommunications, entertainment, transportation, education, and logistics. Telecommunications continued to be a popular target, enduring 16% of attacks and a 47% YoY increase.

DDOS

DDOS Telecommunications Data breaches DNS

How to Stop DDoS Attacks: Prevention & Response

eSecurity Planet

SEPTEMBER 3, 2022

These events can occur accidentally and even within a corporate network; however, intentional attacks on internet-facing resources are far more common. Also read: How to Secure DNS. DNS Flood: The attacking machines send spoofed DNS requests at a high packet rate to overwhelm the DNS server and shut down the domain.

DDOS

DDOS DNS Firewall Internet

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS

DNS Passwords Advertising Banking

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. ” reads the warning published by Microsoft.

Telecommunications

Telecommunications DNS Malware Advertising

Netanyahu accuses Iran of cyber attacks carried out daily

Security Affairs

JANUARY 29, 2019

Early January, security experts at FireEye uncovered a DNS hijacking campaign that was targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe.

Cyber Attacks

Cyber Attacks Telecommunications Advertising DNS

What are Common Types of Social Engineering Attacks?

eSecurity Planet

JULY 29, 2021

Vishing attacks are also similar to phishing and smishing, but these attacks target VoIP and telecommunications services rather than text-based mediums. Usually this is accomplished either by deploying malware that changes the target computer’s host files, or by using a technique known as DNS cache poisoning.

Social Engineering

Social Engineering Engineering Phishing DNS

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Expanding attack surfaces require additional skills to secure, maintain, and monitor an ever-expanding environment of assets such as mobile, cloud, and the internet of things (IoT). Telecommunications MSSPs such as Verizon satisfy these needs and provide the financial security of a large corporate partner for equally large customers.

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

The new “ Hi-Tech Crime Trends 2019/2020 ” report describes attacks on various industries and critical infrastructure facilities, as well as campaigns aimed at destabilization of the Internet in certain countries. Internet destabilization at state level. The telecommunications sector: Are providers ready for 5G?

Banking

Banking Telecommunications Marketing Internet

WinDealer dealing on the side

SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Full control over the DNS, meaning they can provide responses for non-existent domains.

Malware

Malware Encryption Social Engineering Telecommunications

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. So in 2014, the Defense Advanced Research Project Agency, DARPA, the people who really funded the original internet said, "Can we make cyber fully autonomous?" but they never actually checked that.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In October, telecommunications firm Telenor Norway was another to fall victim. Extortionists’ activity regularly made the news throughout 2020.

DDOS

DDOS Cryptocurrency Marketing Internet

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. So in 2014, the Defense Advanced Research Project Agency, DARPA, the people who really funded the original internet said, "Can we make cyber fully autonomous?" but they never actually checked that.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. So in 2014, the Defense Advanced Research Project Agency, DARPA, the people who really funded the original internet said, "Can we make cyber fully autonomous?" but they never actually checked that.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

APT trends report Q1 2021

SecureList

APRIL 27, 2021

Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose. The victims we observed were all high-profile Tunisian organizations, such as telecommunications or aviation companies.

Malware

Malware Spyware Government Social Engineering

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

Krebs on Security

JUNE 20, 2024

. “Ultimately, my clients don’t care what you say about any of the websites or corporate entities in your Article, as long as you completely remove my clients’ names from the Article and cooperate with my clients to have copies of the Article where my clients’ names appear removed from the Internet,” Mr. Gurvits wrote.

Marketing

Marketing Telecommunications DNS Data privacy

Cyber Security Informer

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Sea Turtle Hackers Spy on Dutch ISPs and Telecommunication Companies

Trending Sources

Why You Need a Secondary DNS

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

ICANN warns of large-scale attacks on Internet infrastructure

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

DHS issues emergency Directive to prevent DNS hijacking attacks

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Sunburst: connecting the dots in the DNS requests

Cuttlefish malware targets enterprise-grade SOHO routers

RuNet – Russia successfully concluded tests on its Internet infrastructure

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

China-linked LightBasin group accessed calling records from telcos worldwide

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

How to Stop DDoS Attacks: Prevention & Response

For nearly a year, Brazilian users have been targeted with router attacks

GALLIUM Threat Group targets global telcos, Microsoft warns

Netanyahu accuses Iran of cyber attacks carried out daily

What are Common Types of Social Engineering Attacks?

What is a Managed Security Service Provider? MSSPs Explained

Group-IB presents its annual report on global threats to stability in cyberspace

WinDealer dealing on the side

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

DDoS attacks in Q4 2020

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

APT trends report Q1 2021

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

Stay Connected