Hacking, Information Security and Telecommunications

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Security Affairs

APRIL 28, 2025

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Organizations face potential compromise of sensitive government and telecommunications data, the researchers speculate the attackers maintained prolonged, undetected access to their networks.

Telecommunications

Telecommunications Government Malware Hacking

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Malware

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Security Affairs

JUNE 4, 2024

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications.

Telecommunications

Telecommunications Hacking Data breaches Cybercrime

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Security Affairs

JUNE 27, 2022

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. SecurityAffairs – hacking, RAT).

Telecommunications

Telecommunications Malware Media Passwords

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Passwords

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. The Chinese APT focuses on government entities and telecommunications companies in Southeast Asia.

Mobile

Mobile Telecommunications Data breaches Hacking

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Telecommunications Healthcare Insurance

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Security Affairs

MARCH 27, 2025

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, is a US-based telecommunications company that provides broadband internet, cable TV, and phone services.

Hacking

Hacking Telecommunications Data breaches Internet

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

African multinational telco giant MTN Group disclosed a data breach

Security Affairs

APRIL 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg.

Data breaches

Data breaches Telecommunications Financial Services Mobile

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. reads the report published by the telecommunications company. “To ” reads the joint advisory. ” continues the advisory. “The

Telecommunications

Telecommunications Government Mobile Cyber threats

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Hacking

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a threat actor claimed responsibility for the cyber attack on a cybercrime forum and offered for sale alleged customer data.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

The financially-motivated group targeted organizations in the media, tourism, finance, insurance, manufacturing, energy, telecommunications, biotechnology and retail sectors. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware)

Malware

Malware Phishing Telecommunications Retail

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. SecurityAffairs – hacking, data breach). The post SFO discloses data breach following the hack of 2 of its websites appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Hacking Telecommunications Advertising

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency

Cryptocurrency Malware Hacking Ransomware

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine) The malspam messages had the topic Free primary legal aid use a password-protected attachment Algorithm of actions of members of the family of a missing serviceman LegalAid.rar.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

Yang faces charges for illegal telecommunications operations, with investigations ongoing to uncover his network and mastermind Thai police issued warrants for 24 suspects, including 9 foreigners and 15 Thais. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SMS blaster)

Mobile

Mobile Scams Technology Telecommunications

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

Nation-state actors, allegedly Russia-linked hacked, have compromised the networks of several US government agencies, including the US Treasury, the Commerce Department’s National Telecommunications and Information Administration (NTIA). The hack allowed the threat actors to spy on the internal email traffic.

Hacking

Hacking Software Telecommunications Government

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Security Affairs

JUNE 25, 2019

Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records. “Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers.

Telecommunications

Telecommunications Hacking Advertising Mobile

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Russia)

Telecommunications

Telecommunications DNS Passwords Hacking

6 out of 11 EU agencies running Solarwinds Orion software were hacked

Security Affairs

APRIL 16, 2021

European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. The hack allowed the threat actors to spy on the internal email traffic. Pierluigi Paganini.

Hacking

Hacking Software Telecommunications Cyber Attacks

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. The experts found the MessageTap backdoor installed on a Linux-based Short Message Service Center (SMSC) server belonging to an unnamed telecommunications company.

Telecommunications

Telecommunications Malware Advertising Mobile

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Security Affairs

OCTOBER 16, 2022

Some webshell paths that @Volexity identified were used in targeted (likely #APT ) exploitation of key organizations in government, telecommunications, and IT, predominantly in Asia; others were used in massive worldwide #exploitation. SecurityAffairs – hacking, Zimbra). #volexintel 1/4 — Volexity (@Volexity) October 13, 2022.

Hacking

Hacking Antivirus Telecommunications Engineering

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

After the invasion of the Crimea and the eastern Ukraine, Ukrainian telecommunications infrastructure was disable by Russian soldiers. Telecommunication infrastructure and internet services are critical infrastructure and were targeted by both Russian and Ukrainian threat actors. reads the advisory published by the CERT-UA.

Internet

Internet Internet Telecommunications DDOS

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Hacking

Hacking InfoSec Telecommunications Cybercrime

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam. A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. SecurityAffairs – hacking, Hungary). Pierluigi Paganini.

DDOS

DDOS Banking Telecommunications Advertising

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 4, 2025

Every week the best security articles from Security Affairs are free in your email box. Rhysida Ransomware gang claims the hack of the Government of Peru DragonForce group claims the theft of data after Co-op cyberattack U.S. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Cyber Attacks Malware Phishing

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information). Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. The telecommunication giant is in the process of notifying impacted customers.

Data breaches

Data breaches Mobile Telecommunications Accountability

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Security Affairs

MARCH 10, 2023

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. Social Security Number, account passwords).

Data breaches

Data breaches Hacking Wireless Telecommunications

Metador, a never-before-seen APT targeted ISPs and telco for about 2 years

Security Affairs

SEPTEMBER 26, 2022

A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SecurityAffairs – hacking, APT). The post Metador, a never-before-seen APT targeted ISPs and telco for about 2 years appeared first on Security Affairs.

Telecommunications

Telecommunications Authentication Malware Internet

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

“Network data from the NetBlocks internet observatory confirm extensive disruption to telecommunication networks in Iran on the morning of Saturday, 8 February 2020 lasting several hours.” SecurityAffairs – Iran, hacking). ” reads a post published by NetBlocks. Pierluigi Paganini.

DDOS

DDOS Internet Internet Telecommunications

Russian APT Nomadic Octopus hacked Tajikistani carrier

Security Affairs

MAY 1, 2023

Russian APT group Nomadic Octopus hacked a Tajikistani carrier to spy on government officials and public service infrastructures.

Hacking

Hacking Telecommunications Government Firewall

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Security Affairs

MARCH 24, 2025

China-linked APT Weaver Ant infiltrated the network of a telecommunications services provider for over four years. Sygnia attributes its activities to China based on the use of Zyxel routers operated by Southeast Asian telecommunication providers, backdoors linked to Chinese groups, and operations during GMT +8 business hours.

Telecommunications

Telecommunications Encryption Accountability Firewall

Hackers gained access to T-Mobile customers and employee personal info

Security Affairs

MARCH 5, 2020

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees and customers. Pierluigi Paganini.

Mobile

Mobile Data breaches Telecommunications Wireless

A Ransomware infected the network of the cybersecurity firm Prosegur

Security Affairs

NOVEMBER 28, 2019

The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. SecurityAffairs – hacking, ransomware). The post A Ransomware infected the network of the cybersecurity firm Prosegur appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Cybersecurity Telecommunications Advertising

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications

Telecommunications Advertising Technology Manufacturing

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The telco notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. 

Data breaches

Data breaches Telecommunications Banking Mobile

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks. Pierluigi Paganini.

Mobile

Mobile Data breaches Telecommunications Accountability

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Webinars

Trending Sources

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Webinars

France’s second-largest telecoms provider Free suffered a cyber attack

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

European Telecommunications Standards Institute (ETSI) suffered a data breach

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Black Basta ransomware gang hit BT Group

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Russia warns financial sector organizations of IT service provider LANIT compromise

African multinational telco giant MTN Group disclosed a data breach

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

China-linked hackers target telecommunication providers in the Middle East

TalkTalk confirms data breach involving a third-party platform

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Storm-2372 used the device code phishing technique since August 2024

SFO discloses data breach following the hack of 2 of its websites

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Thai police arrested Chinese hackers involved in SMS blaster attacks

China-linked LightBasin group accessed calling records from telcos worldwide

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

6 out of 11 EU agencies running Solarwinds Orion software were hacked

China-linked APT41 group targets telecommunications companies with new backdoor

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Lapsus$ gang claims to have hacked Microsoft source code repositories

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Metador, a never-before-seen APT targeted ISPs and telco for about 2 years

Massive DDoS attack brought down 25% Iranian Internet connectivity

Russian APT Nomadic Octopus hacked Tajikistani carrier

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Hackers gained access to T-Mobile customers and employee personal info

A Ransomware infected the network of the cybersecurity firm Prosegur

France will not ban Huawei from its upcoming 5G networks

230K individuals impacted by a data breach suffered by Telco provider Tangerine

T-Mobile customers were hit with SIM swapping attacks

Stay Connected