Encryption, Telecommunications and VPN - Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. How AI and automation are amplifying the scale and sophistication of VPN attacks.

VPN

VPN Authentication Ransomware Risk

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks.

VPN

VPN Passwords Software Telecommunications

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.”

Telecommunications

Telecommunications Government Mobile Cyber threats

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

Encryption uses mathematical algorithms to transform and encode data so that only authorized parties can access it. What Encryption Is and How It Relates to Cryptology The science of cryptography studies codes, how to create them, and how to solve them. How Does Encryption Process Data? How Does Encryption Process Data?

Encryption

Encryption Passwords IoT Firewall

GUEST ESSAY: Australia’s move compelling VPNs to cooperate with law enforcement is all wrong

The Last Watchdog

FEBRUARY 11, 2019

When government agencies and international intelligence groups pooled together resources to gather user data, the VPN’s encryption seemed like the light at the end of the tunnel. The amendment forces all companies, even VPN providers, to collect and give away confidential user data if the police demand it.

Encryption

Encryption VPN Telecommunications Data privacy

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

FEBRUARY 2, 2020

The p opular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

Government

Government VPN Telecommunications Advertising

The Best Ways to Secure Communication Channels in The Enterprise Environment

CyberSecurity Insiders

DECEMBER 12, 2021

The messages you send are encrypted on the client side so the content is visible only by you and the recipient intended to read it. The features that are coming soon include: SSO, MFA, templates, real time secure communication, dedicated portal, option to choose your own encryption module, monitoring, real time authorization and more.

VPN

VPN Passwords Encryption Mobile

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. ” reads the warning published by Microsoft.

Telecommunications

Telecommunications DNS Malware Advertising

Ukrainian police arrested Ransomware gang behind attacks on 50 companies

Security Affairs

JANUARY 14, 2022

The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization. Source SSU. The law enforcement arrested the leader of the group, a 36-year-old man that lives in Kyiv, along with his wife and three other acquaintances.

Ransomware

Ransomware DDOS Telecommunications Malware

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

Talos reported that these DNS hijacks also paved the way for the attackers to obtain SSL encryption certificates for the targeted domains (e.g. webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text. adpvpn.adpolice.gov.ae: VPN service for the Abu Dhabi Police.

DNS

DNS Internet Internet Government

Lapsus$: The New Name in Ransomware Gangs

Security Boulevard

MARCH 15, 2022

Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. Since they appear to be succeeding, Lapsus$ announced that they are looking to recruit insiders employed at telecommunications, software and gaming companies, among other technology businesses.

Ransomware

Ransomware Telecommunications Firmware Media

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

Security Affairs

FEBRUARY 2, 2020

Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

Telecommunications

Telecommunications VPN Advertising Government

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

SecureList

MARCH 30, 2021

The actor leveraged vulnerabilities in Pulse Connect Secure in order to hijack VPN sessions, or took advantage of system credentials that were stolen in previous operations. Log of the hijacking VPN session from DESKTOP-A41UVJV. Encrypted Ecipekac Layer II loader (shellcode). Encrypted Ecipekac Layer IV loader (shellcode).

Malware

Malware Encryption VPN Technology

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Within six hours, the attacker began encrypting the organization’s systems. This concealed their attack until the environment was encrypted and backups were sabotaged. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering

Social Engineering Engineering Accountability Backups

Hacktivists Use Telegram, Signal, Dark Web to Assist Protestors in Iran

SecureWorld News

SEPTEMBER 30, 2022

Check Point has also observed the sharing of open VPN servers for the purpose of bypassing censorship, as Iran has limited the use of internet and social media. The actors used their access to move laterally within the network, encrypt network devices with BitLocker, and hold the decryption keys for ransom.". "In police department.

Government

Government Telecommunications Encryption Internet

WinDealer dealing on the side

SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Layout of the encrypted data. x33x44”). Description. Sample value (in hex). Unknown static value.

Malware

Malware Encryption Social Engineering Telecommunications

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

To find out, in 2022 we created a list of 700 companies worldwide from different industries: industrial, telecommunication, financial, retail, and others. But are we really conscious of the true scale of the threat? Then we searched through Darknet trying to answer the question of “How likely these companies have suffered a breach?”

Data breaches

Data breaches Accountability Telecommunications Malware

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

To ensure that their ability to restore encrypted files would never be questioned, they cultivated an online presence, wrote press releases and generally made sure their name would be known to all potential victims. The malware sample has an encrypted configuration block with many fields, which allow attackers to fine-tune the payload.

Ransomware

Ransomware Encryption Malware Cybercrime

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

To prevent attacks via RDP, it is recommended to hide RDP servers behind a VPN or disable UDP port 3389. That said, a VPN is no panacea if it too is vulnerable to amplification attacks. In Q1 2021, for instance, attackers went after Powerhouse VPN servers.

DDOS

DDOS Cryptocurrency Media Marketing

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Within six hours, the attacker began encrypting the organization’s systems. This concealed their attack until the environment was encrypted and backups were sabotaged. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering

Social Engineering Engineering Accountability Backups

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Perimeter81 VPN and zero trust 2020 Private Wiz Cloud security 2020 Private OneTrust Privacy management 2019 Private Darktrace AI network security 2017 Private Recorded Future Threat intelligence 2017 Acquired: Insight Thycotic Access management 2015 Private Checkmarx Application security 2015 Acquired: P.E.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

China-linked APT Salt Typhoon has breached telcos in dozens of countries

Security Affairs

DECEMBER 4, 2024

China-linked APT group Salt Typhoon has breached telecommunications companies in dozens of countries, US govt warns. President Biden’s deputy national security adviser Anne Neuberger said that China-linked APT group Salt Typhoon has breached telecommunications companies in dozens of countries. reads the joint advisory.

Telecommunications

Telecommunications Government Mobile Cyber threats

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. Ransomware operators buy access and then encrypt devices on the network.

Banking

Banking Ransomware Phishing Marketing

APT trends report Q1 2021

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). The victims we observed were all high-profile Tunisian organizations, such as telecommunications or aviation companies. We attribute this activity to APT10 with high confidence.

Malware

Malware Government Spyware Social Engineering

Ransomware by the numbers: Reassessing the threat’s global impact

SecureList

APRIL 23, 2021

In addition, attackers appear to be more focused on exfiltrating data as well as encrypting it, i.e., siphoning off confidential information and threatening to make it public if the victims refuse to pay. These include crypto-ransomware (malware that encrypts your files), screen lockers, browser lockers, and boot lockers. Conclusion.

Ransomware

Ransomware Mobile Malware Encryption

Cyber Security Informer

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Hackers Were Inside Citrix for Five Months

Trending Sources

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

What Is Encryption? Definition, How it Works, & Examples

GUEST ESSAY: Australia’s move compelling VPNs to cooperate with law enforcement is all wrong

The Russian Government blocked ProtonMail and ProtonVPN

The Best Ways to Secure Communication Channels in The Enterprise Environment

GALLIUM Threat Group targets global telcos, Microsoft warns

Ukrainian police arrested Ransomware gang behind attacks on 50 companies

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Lapsus$: The New Name in Ransomware Gangs

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign

Scattered Spider x RansomHub: A New Partnership

Hacktivists Use Telegram, Signal, Dark Web to Assist Protestors in Iran

WinDealer dealing on the side

What to do if your company was mentioned on Darknet?

Ransomware world in 2021: who, how and why

DDoS attacks in Q1 2021

Scattered Spider x RansomHub: A New Partnership

Top VC Firms in Cybersecurity of 2022

China-linked APT Salt Typhoon has breached telcos in dozens of countries

Group-IB Hi-Tech Crime Trends 2020/2021 report

APT trends report Q1 2021

Ransomware by the numbers: Reassessing the threat’s global impact

Stay Connected