Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. government entities in Belgium, and telecommunications companies in Thailand and Brazil. “Analysis of the script download URL’s telemetry reveals a concentrated pattern of infections. .

Malware 134

Malware Telecommunications Encryption DDOS 134

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The malware is highly obfuscated and disguises itself as system utilities, allowing attackers to perform tasks like file manipulation, command execution, and remote port scanning. TCP, RDP, TLS, Ping, Web).

Malware 119

Malware Telecommunications Encryption Hacking 119

CyberSecurity Insiders

SEPTEMBER 21, 2022

Coming to the third news related to malware, Vmware and Microsoft have jointly issued a warning against Chromeloader Malware that has evolved into a major threat in recent times. Hackers are seen using this malware to exploit browsers leading to advertising and affiliate frauds. Last is the news about the Russian-Ukraine war.

Malware 121

Malware Telecommunications Insurance Ransomware 121

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. Researchers from Trend Micro, while monitoring the activity of the China-linked threat actor Earth Lusca , discovered an encrypted file hosted on a server under the control of the group.

Malware 126

Malware Encryption Telecommunications Authentication 126

Security Affairs

MARCH 24, 2025

China-linked APT Weaver Ant infiltrated the network of a telecommunications services provider for over four years. The encrypted China Chopper variant, frequently used by the attackers, employed AES encryption to evade detection by Web Application Firewalls (WAFs).

Telecommunications 66

Telecommunications Encryption Accountability Firewall 66

Approachable Cyber Threats

MARCH 9, 2023

Category Awareness, News, Case Study As one of the world’s fastest-growing industries, telecommunication has become a highly vulnerable target for cybersecurity threats. In short, telecommunications (telecom) is a fundamental and critical component of our global infrastructure. What can be done? Read more of the ACT

Telecommunications 52

Telecommunications IoT Firewall Encryption 52

Security Affairs

NOVEMBER 21, 2019

The new DePriMon downloader was used by the Lambert APT group, aka Longhorn, to deploy malware. The group is very sophisticated and used zero-day exploits and complex malware to conduct targeted attacks against governments and organizations in almost every industry, including financial, energy, telecommunications, and education, aerospace.

Malware 135

Malware Telecommunications Advertising Encryption 135

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. In April, Sandworm targeted energy facilities in Ukraine with a new strain of the Industroyer ICS malware (INDUSTROYER2) and a new version of the CaddyWiper wiper. The key is then RSA encrypted and written to aes.bin.

Ransomware 138

Ransomware Encryption Telecommunications Malware 138

SecureList

DECEMBER 22, 2022

Around the same time, we identified ransomware and wiper malware samples resembling those used in the first wave, though with a few interesting modifications that likely allowed evasion of security controls and better attack speeds. Below, we compare and discuss the differences between the wave 1 and wave 2 ransomware and wiper malware.

Ransomware 132

Ransomware Telecommunications Malware Encryption 132

Security Affairs

NOVEMBER 16, 2022

The backdoor unpacking process is composed of several stages, the second-stage malicious code is stored inside the malware PE file. The second stage payload is a heavily obfuscated shellcode, the APT group used an encryption method different for each sample. ” continues the analysis.

Telecommunications 141

Telecommunications Manufacturing Malware Education 141

Security Affairs

MARCH 4, 2024

LightBasin targeted and compromised mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications 145

Telecommunications Firewall Mobile Malware 145

Security Affairs

SEPTEMBER 28, 2021

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. “Once NOBELIUM obtains credentials and successfully compromises a server, the actor relies on that access to maintain persistence and deepen its infiltration using sophisticated malware and tools.

Malware 109

Malware Telecommunications Encryption Government 109

SecureList

NOVEMBER 15, 2022

Dtrack hides itself inside an executable that looks like a legitimate program, and there are several stages of decryption before the malware payload starts. DTrack unpacks the malware in several stages. The second stage is stored inside the malware PE file. The encryption method used by the second layer differs for each sample.

Malware 145

Malware Telecommunications Encryption Manufacturing 145

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. ” reads the warning published by Microsoft.

Telecommunications 97

Telecommunications DNS Malware Advertising 97

The Last Watchdog

FEBRUARY 27, 2023

And since malware and vulnerabilities constantly change, threat models must continually evolve too. The best all-around metric for SASE/ZT testing is QoE, as it reflects multiple underlying factors, including performance, error detection, encryption variability, overall transaction latency, and (for ZT) concurrent authentication rate.

Risk 208

Risk Architecture Firewall Telecommunications 208

Digital Shadows

MARCH 17, 2025

VPN Infrastructures Allure for Threat Actors PNs have become a fundamental part of network security for organizations worldwide, enabling secure remote access to systems, encrypting sensitive data during transmission, and protecting internal networks from unauthorized access. 3 Whats Behind its Enduring Popularity? 1 hxxps://www.first[.]org/epss/

VPN 133

VPN Authentication Ransomware Risk 133

Security Affairs

SEPTEMBER 20, 2024

Targets include organizations in the government and telecommunications sectors across the Middle East. The experts observed the use of the malware BABYWIPER in Israel in 2022 and the malware ROADSWEEP in Albania in 2022. The group is known for maintaining long-term access to victim networks. ” Mandiant said.

Malware 125

Malware Telecommunications Antivirus Engineering 125

Security Affairs

JANUARY 14, 2022

The gang was targeting organizations via spam campaigns to spread ransomware, however, the police did not disclose the malware family used by the group in its attacks. The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization.

Ransomware 137

Ransomware DDOS Telecommunications Malware 137

CyberSecurity Insiders

MAY 31, 2022

However, he failed to provide a statement on whether the company paid any ransom to free up the data from encryption. . Kirk Saville, the spokesperson for Hannes Brand, confirmed the news and said that the situation was brought under control within no time.

Ransomware 112

Ransomware Telecommunications Encryption Cyber Attacks 112

Security Affairs

AUGUST 21, 2019

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Malware 109

Malware Telecommunications Advertising Healthcare 109

Krebs on Security

DECEMBER 29, 2022

This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware. Among the Twilio customers targeted was encrypted messaging service Signal , which relied on Twilio to provide phone number verification services. ” SEPTEMBER.

Cryptocurrency 288

Cryptocurrency Cybercrime Computers and Electronics Scams 288

SecureList

OCTOBER 7, 2022

Using LOLBINS, common legitimate pentesting tools, and fileless malware; misleading security researchers by placing false flags—these and other anti-forensic tricks often make threat attribution a matter of luck. The malware spreads through spear-phishing emails with a malicious Microsoft Office document as attachment.

Malware 145

Malware Computers and Electronics Telecommunications Encryption 145

Security Affairs

OCTOBER 24, 2020

The ransomware encrypted files and renamed their filenames by adding the “ easy2lock” extension, this extension was previously associated with recent WastedLocker ransomware infections. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware 123

Ransomware Telecommunications Banking Advertising 123

Malwarebytes

SEPTEMBER 25, 2023

The announcement says Sony's data is for sale: Sony Group Corporation, formerly Tokyo Telecommunications Engineering Corporation, and Sony Corporation, is a Japanese multinational conglomerate corporation headquartered in Minato, Tokyo, Japan We have successfully compromissed [sic] all of sony systems. Stop malicious encryption.

Ransomware 145

Ransomware Computers and Electronics Backups Telecommunications 145

Security Affairs

OCTOBER 7, 2024

Telecommunications giant Comcast is notifying approximately 238,000 customers impacted by the Financial Business and Consumer Solutions (FBCS) data breach. Telecommunications provider Comcast is one of the FBCS customers impacted by the incident. Starting on April 4, 2024, the agency began notifying impacted customers.

Data breaches 131

Data breaches Telecommunications Ransomware Accountability 131

SecureList

MARCH 30, 2021

Most of the discovered malware families are fileless malware and they have not been seen before. One particular piece of malware from this campaign is called Ecipekac (a.k.a Encrypted Ecipekac Layer II loader (shellcode). Encrypted Ecipekac Layer IV loader (shellcode). size of encrypted data. pcasvc.dll.

Malware 145

Malware Encryption VPN Technology 145

SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Leaving the mystery of the delivery method aside for now, let’s look at the capabilities of the malware itself.

Malware 137

Malware Encryption Social Engineering Telecommunications 137

Security Affairs

OCTOBER 19, 2021

Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South Asia. “The Harvester group uses both custom malware and publicly available tools in its attacks, which began in June 2021, with the most recent activity seen in October 2021.

Telecommunications 86

Telecommunications Malware Government Encryption 86

Malwarebytes

OCTOBER 27, 2023

” Since then the group has expanded its range of activities to include targeting organizations providing cable telecommunications, email, and tech services, and partnering with the ALPHV/BlackCat ransomware group. Use endpoint security software that can prevent exploits and malware used to deliver ransomware. Detect intrusions.

Social Engineering 120

Social Engineering Engineering Ransomware Backups 120

Hacker Combat

JANUARY 30, 2022

Zimperium research team discovered Dark Herring Malware; the team’s report stated that over A hundred million Android users downloaded and installed the applications from the google play store and other app stores. Dark Herring Malware used four hundred and seventy applications to target users in different countries.

Consumer Protection 124

Consumer Protection Telecommunications Malware Scams 124

Security Boulevard

MARCH 15, 2022

Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. Since they appear to be succeeding, Lapsus$ announced that they are looking to recruit insiders employed at telecommunications, software and gaming companies, among other technology businesses.

Ransomware 128

Ransomware Telecommunications Firmware Media 128

SecureList

SEPTEMBER 30, 2021

This cluster stood out for its usage of a formerly unknown Windows kernel mode rootkit that we dubbed Demodex, and a sophisticated multi-stage malware framework aimed at providing remote control over the attacked servers. We identified multiple attack vectors that triggered an infection chain leading to the execution of malware in memory.

Malware 145

Malware Engineering Encryption Telecommunications 145

SecureWorld News

JANUARY 27, 2023

The United States Department of Justice (DOJ) recently announced that it has successfully taken down the HIVE ransomware network, an international cybercrime ring that had been responsible for stealing and encrypting the data of more than 1,500 companies from 80 different countries.

Ransomware 98

Ransomware Cybercrime Cryptocurrency Telecommunications 98

SecureList

MAY 11, 2023

Security researchers discovered an archive that contained test builds of the malware for a number of less common platforms, including macOS and FreeBSD, as well as for various non-standard processor architectures, such as MIPS and SPARC. Meanwhile, the malware itself evolved, adding an LDAP-based self-spreading mechanism.

Ransomware 140

Ransomware Malware Architecture Telecommunications 140

Malwarebytes

NOVEMBER 6, 2023

Since then the group has expanded its range of activities to include targeting organizations providing cable telecommunications, email, and tech services, and partnering with the ALPHV ransomware group. Use endpoint security software that can prevent exploits and malware used to deliver ransomware. Stop malicious encryption.

Ransomware 127

Ransomware Backups Accountability Social Engineering 127

Security Affairs

JUNE 24, 2024

Over the past year, ExCobalt targeted Russian organizations in the the following industries: Metallurgy Telecommunications Mining Information technology Government Software development The Cobalt’s hallmark was the use of the CobInt tool , the same tool that ExCobalt began using in 2022.

Cybercrime 118

Cybercrime Telecommunications DNS Technology 118

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. Well-known malware families are involved in the biggest and most wide-reaching campaigns.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145