Hacking, Information Security and Telecommunications

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Security Affairs

JUNE 4, 2024

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications.

Telecommunications

Telecommunications Hacking Data breaches Cybercrime

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Security Affairs

JUNE 27, 2022

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. SecurityAffairs – hacking, RAT).

Telecommunications

Telecommunications Malware Media Passwords

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Passwords

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. The Chinese APT focuses on government entities and telecommunications companies in Southeast Asia.

Mobile

Mobile Telecommunications Data breaches Hacking

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Telecommunications Healthcare Insurance

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Internet

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine) The malspam messages had the topic Free primary legal aid use a password-protected attachment Algorithm of actions of members of the family of a missing serviceman LegalAid.rar.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a threat actor claimed responsibility for the cyber attack on a cybercrime forum and offered for sale alleged customer data.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. SecurityAffairs – hacking, data breach). The post SFO discloses data breach following the hack of 2 of its websites appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Hacking Telecommunications Advertising

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

Yang faces charges for illegal telecommunications operations, with investigations ongoing to uncover his network and mastermind Thai police issued warrants for 24 suspects, including 9 foreigners and 15 Thais. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SMS blaster)

Mobile

Mobile Scams Technology Telecommunications

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Security Affairs

JUNE 25, 2019

Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records. “Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers.

Telecommunications

Telecommunications Hacking Advertising Mobile

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Russia)

Telecommunications

Telecommunications DNS Passwords Hacking

6 out of 11 EU agencies running Solarwinds Orion software were hacked

Security Affairs

APRIL 16, 2021

European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. The hack allowed the threat actors to spy on the internal email traffic. Pierluigi Paganini.

Hacking

Hacking Software Telecommunications Cyber Attacks

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. The experts found the MessageTap backdoor installed on a Linux-based Short Message Service Center (SMSC) server belonging to an unnamed telecommunications company.

Telecommunications

Telecommunications Malware Advertising Mobile

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Security Affairs

MARCH 24, 2025

China-linked APT Weaver Ant infiltrated the network of a telecommunications services provider for over four years. Sygnia attributes its activities to China based on the use of Zyxel routers operated by Southeast Asian telecommunication providers, backdoors linked to Chinese groups, and operations during GMT +8 business hours.

Telecommunications

Telecommunications Encryption Accountability Firewall

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Security Affairs

OCTOBER 16, 2022

Some webshell paths that @Volexity identified were used in targeted (likely #APT ) exploitation of key organizations in government, telecommunications, and IT, predominantly in Asia; others were used in massive worldwide #exploitation. SecurityAffairs – hacking, Zimbra). #volexintel 1/4 — Volexity (@Volexity) October 13, 2022.

Hacking

Hacking Antivirus Telecommunications Engineering

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

After the invasion of the Crimea and the eastern Ukraine, Ukrainian telecommunications infrastructure was disable by Russian soldiers. Telecommunication infrastructure and internet services are critical infrastructure and were targeted by both Russian and Ukrainian threat actors. reads the advisory published by the CERT-UA.

Internet

Internet Internet Telecommunications DDOS

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Hacking

Hacking InfoSec Telecommunications Cybercrime

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam. A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. SecurityAffairs – hacking, Hungary). Pierluigi Paganini.

DDOS

DDOS Banking Telecommunications Advertising

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, smart device manufacturers) ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing Telecommunications Cyber Attacks

China-linked APT UNC3886 targets EoL Juniper routers

Security Affairs

MARCH 12, 2025

Its primary focus is on defense, technology, and telecommunications sectors in the US and Asia. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, backdoor) ” Mandiant also provided Indicators of Compromise (IoCs) and Yara rules to detect these backdoors.

Telecommunications

Telecommunications Malware DDOS Technology

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information). Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. The telecommunication giant is in the process of notifying impacted customers.

Data breaches

Data breaches Mobile Telecommunications Wireless

Metador, a never-before-seen APT targeted ISPs and telco for about 2 years

Security Affairs

SEPTEMBER 26, 2022

A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SecurityAffairs – hacking, APT). The post Metador, a never-before-seen APT targeted ISPs and telco for about 2 years appeared first on Security Affairs.

Telecommunications

Telecommunications Authentication Malware Internet

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Security Affairs

MARCH 10, 2023

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. Social Security Number, account passwords).

Data breaches

Data breaches Hacking Wireless Telecommunications

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

“Network data from the NetBlocks internet observatory confirm extensive disruption to telecommunication networks in Iran on the morning of Saturday, 8 February 2020 lasting several hours.” SecurityAffairs – Iran, hacking). ” reads a post published by NetBlocks. Pierluigi Paganini.

DDOS

DDOS Internet Internet Telecommunications

Hackers gained access to T-Mobile customers and employee personal info

Security Affairs

MARCH 5, 2020

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees and customers. Pierluigi Paganini.

Mobile

Mobile Data breaches Telecommunications Wireless

A Ransomware infected the network of the cybersecurity firm Prosegur

Security Affairs

NOVEMBER 28, 2019

The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. SecurityAffairs – hacking, ransomware). The post A Ransomware infected the network of the cybersecurity firm Prosegur appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Cybersecurity Telecommunications Advertising

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications

Telecommunications Advertising Technology Manufacturing

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The telco notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. 

Data breaches

Data breaches Telecommunications Banking Mobile

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks. Pierluigi Paganini.

Mobile

Mobile Data breaches Telecommunications Identity Theft

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems. ” reads a statement published by the telecommunication giant.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 1, 2024

Soldier Major cybercrime operation nets 1,006 suspects UK hospital network postpones procedures after cyberattack Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government Rockstar 2FA: A Driving (..)

Cybercrime

Cybercrime Firewall Social Engineering Ransomware

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

Security Affairs

MARCH 26, 2022

Below is the list of Covered Equipment or Services added on March 25, 2022: Information security products, solutions, and services supplied, directly or indirectly, by AO Kaspersky Lab or any of its predecessors, successors, parents, subsidiaries, or affiliates. Telecommunications services provided by China Telecom (Americas) Corp.

Risk

Risk Telecommunications Mobile Antivirus

US and UK details a new Python backdoor used by MuddyWater APT group

Security Affairs

FEBRUARY 24, 2022

The group’s victims are mainly in the telecommunications, government (IT services), and oil sectors. In January, US Cyber Command (USCYBERCOM) officially linked the MuddyWater APT group to Iran’s Ministry of Intelligence and Security (MOIS). SecurityAffairs – hacking, Iran). ” continues the advisory. Pierluigi Paganini.

Telecommunications

Telecommunications Malware Government Hacking

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. SecurityAffairs – hacking, Caketap). Pierluigi Paganini.

Banking

Banking Telecommunications System Administration Hacking

DOD DISA US agency discloses a security breach

Security Affairs

FEBRUARY 21, 2020

The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. The agency sent a data breach notification to its employees last week informing them of a security breach that took place last year between May and July. Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Advertising Hacking

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS

DNS Telecommunications Malware Phishing

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Trending Sources

France’s second-largest telecoms provider Free suffered a cyber attack

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

European Telecommunications Standards Institute (ETSI) suffered a data breach

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Russia warns financial sector organizations of IT service provider LANIT compromise

Black Basta ransomware gang hit BT Group

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

China-linked hackers target telecommunication providers in the Middle East

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

TalkTalk confirms data breach involving a third-party platform

Storm-2372 used the device code phishing technique since August 2024

SFO discloses data breach following the hack of 2 of its websites

Thai police arrested Chinese hackers involved in SMS blaster attacks

China-linked LightBasin group accessed calling records from telcos worldwide

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

6 out of 11 EU agencies running Solarwinds Orion software were hacked

China-linked APT41 group targets telecommunications companies with new backdoor

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Lapsus$ gang claims to have hacked Microsoft source code repositories

A powerful DDoS attack hit Hungarian banks and telecoms services

NCSC: New UK law bans default passwords on smart devices

China-linked APT UNC3886 targets EoL Juniper routers

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Metador, a never-before-seen APT targeted ISPs and telco for about 2 years

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Massive DDoS attack brought down 25% Iranian Internet connectivity

Hackers gained access to T-Mobile customers and employee personal info

A Ransomware infected the network of the cybersecurity firm Prosegur

France will not ban Huawei from its upcoming 5G networks

230K individuals impacted by a data breach suffered by Telco provider Tangerine

T-Mobile customers were hit with SIM swapping attacks

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

US and UK details a new Python backdoor used by MuddyWater APT group

Caketap, a new Unix rootkit used to siphon ATM banking data

DOD DISA US agency discloses a security breach

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Stay Connected