Information Security, Internet and Telecommunications

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%.

DDOS

DDOS Internet Internet Telecommunications

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine group have temporarily disabled internet services in some of the territories that have been occupied by the Russian army.

Internet

Internet Internet Telecommunications DDOS

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Internet

Major IPS in New Zealand hit by massive DDoS, Internet outages reported

Security Affairs

SEPTEMBER 5, 2021

A massive DDoS hit New Zealand ‘s third-largest internet operator isolating parts of the country from the Internet. A massive DDoS hit Vocus ISP, New Zealand ‘s third-largest internet operator, isolating parts of the country from the Internet. “This afternoon our network was impacted by a DDoS attack.

DDOS

DDOS Internet Internet Telecommunications

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet

Internet Internet DNS Telecommunications

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

AUGUST 10, 2020

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. There are several aspects of the Internet blocking in Myanmar that raise questions. Circumvention of Internet blocking.

Internet

Internet Internet Telecommunications DNS

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. ” “We are taking this matter seriously and promptly commenced an investigation,” Dash continued.

CISO

CISO Encryption Telecommunications Financial Services

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

A China-linked hacking group, tracked as LightBasin (aka UNC1945 ), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications

Telecommunications Mobile Hacking Architecture

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Security Affairs

MARCH 28, 2022

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure. On March 29, 2022, a massive cyber attack caused a major internet disruption across Ukraine on national provider Ukrtelecom. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Internet

Internet Internet Mobile Cyber Attacks

Metador, a never-before-seen APT targeted ISPs and telco for about 2 years

Security Affairs

SEPTEMBER 26, 2022

A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SentinelLabs discovered two windows malware platforms, dubbed ‘metaMain’ and ‘Mafalda,’ and evidence of the existence of an additional Linux implant.

Telecommunications

Telecommunications Authentication Malware Internet

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

“The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” The Chinese APT focuses on government entities and telecommunications companies in Southeast Asia. and around the globe.”

Mobile

Mobile Telecommunications Data breaches Hacking

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director. Hackers may have accessed the impacted users’ credentials and used them to log on to those personal devices.

Data breaches

Data breaches Hacking Telecommunications Passwords

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

Security Affairs

JANUARY 2, 2022

The attack did not impact radio and cable TV broadcasts, while SIC’s internet streaming transmission was interrupted. The gang also targeted the South American telecommunication providers Claro and Embratel. The post Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate appeared first on Security Affairs.

Media

Media Ransomware Telecommunications Accountability

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024. “From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.” ” reads the announcement published by NCSC. ” The U.K.

Passwords

Passwords Manufacturing Telecommunications Cyber Attacks

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

AT&T initially denied any data breach, below is the statement from the telecomunication giant : “Based on our investigation Thursday, the information that appeared in an internet chat room does not appear to have come from our systems,” On Saturday, the telecommunications company retracted its initial denial and confirmed the data breach.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

ShroudedSnooper threat actors target telecom companies in the Middle East

Security Affairs

SEPTEMBER 19, 2023

ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy implant dubbed HTTPSnoop that was employed in attacks against telecommunications providers in the Middle East. ” continues the report.

Telecommunications

Telecommunications Internet Internet Malware

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras. Most insecure brands.

Surveillance

Surveillance Manufacturing Passwords Internet

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

“Do NOT conduct CFPB work using mobile voice calls or text messages,” reads the email sent to the employees referencing a recent government statement acknowledging the telecommunications infrastructure attack. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon.

Hacking

Hacking Internet Internet Mobile

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. It seems that the security breach also impacted other companies.

Data breaches

Data breaches Telecommunications Accountability Information Security

Social media partially disrupted in Cuba amid anti-government protests

Security Affairs

JULY 13, 2021

. / AS27725) including Cubacel, the cellular network operated by Cuba’s sole telecommunications company.” VPN services have yet to be blocked in the country, allowing citizens to bypass internet censorship. NetBlocks reported that similar partial disruption was observed last year during the San Isidro protests in Havana.

Media

Media Government Internet Internet

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Mobile

Mobile Telecommunications Cyber Attacks Internet

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. Reduce the number of systems that can be reached over internet using SSH.

Media

Media Accountability Telecommunications Government

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. This has raised concerns that Russian agents are checking the cables for weak points, with a view to tapping or even damaging them in the future.” Source [link].

Wireless

Wireless Surveillance Telecommunications Advertising

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

APRIL 10, 2024

AT&T initially denied any data breach, below is the statement from the telecomunication giant : “Based on our investigation Thursday, the information that appeared in an internet chat room does not appear to have come from our systems,” Later, the telecommunications company retracted its initial denial and confirmed the data breach.

Data breaches

Data breaches Telecommunications Identity Theft Hacking

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Security Affairs

JANUARY 13, 2020

officials responsible for national security and telecommunications were meeting their peers in Britain ahead of the final decision on Huawei 5G technology. officials responsible for national security and telecommunications were meeting their peers in Britain in the attempt to convince U.K. According to U.K.

Telecommunications

Telecommunications Government Advertising Architecture

BackdoorDiplomacy APT targets diplomats from Africa and the Middle East

Security Affairs

JUNE 13, 2021

The group also targeted a smaller subset of telecommunications firms in Africa and at least one charity organization in the Middle East. The attack chain starts with exploits for vulnerable internet-exposed systems such as web servers and management interfaces for networking equipment. ” concludes ESET.

Telecommunications

Telecommunications Hacking Media Encryption

Iran denies successful cyber attacks hit infrastructures of its oil sector

Security Affairs

SEPTEMBER 21, 2019

Despite the statement, security experts believe that a cyber offensive against Iranian infrastructure is onoing. According to NetBlocks , an organization that tracks internet outages, the country suffered limited intermittent disruptions of internet connectivity.

Cyber Attacks

Cyber Attacks Media Telecommunications Government

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? It took Equifax two weeks to fix that expired cert. ARE YOU EXPERIANSED?

Cyber Risk

Cyber Risk Energy and Utilities Risk Marketing

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Cyber Attacks

Cyber Attacks Mobile Internet Internet

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

Below the list of info stolen by the threat actor and available for sale: – Project Specification:[ Electrical, Power System, Architectural, Chief Engineering, Civil, Construction Mgnt, Environmental, Instrument & Control, Interface Mgnt, Machinery – Rotating, Mechanical – Vessels, Piping, Project Engineering, Safety Engineering, Telecommunications (..)

Engineering

Engineering Telecommunications Data breaches Wireless

Microsoft has taken legal and technical action to dismantle the Zloader botnet

Security Affairs

APRIL 13, 2022

Microsoft dismantled the C2 infrastructure used by the ZLoader trojan with the help of telecommunications providers around the world and cybersecurity firms. Microsoft’s Digital Crimes Unit (DCU) announced to have shut down dozens C2 servers used by the infamous ZLoader botnet. ” reads the report published by Microsoft.

Banking

Banking Malware Telecommunications Antivirus

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Security Affairs

AUGUST 20, 2021

These DDoS attacks attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. One of the targets of the attacks was a major APAC-based Internet services, telecommunications and hosting provider. ” reads a post published by the company.

DDOS

DDOS Telecommunications Internet Internet

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The recent campaign spanned from October 2023 to April 2024. ” concludes the report.

Malware

Malware DNS Authentication Telecommunications

GALLIUM APT used a new PingPull RAT in recent campaigns

Security Affairs

JUNE 13, 2022

Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Telecommunications

Telecommunications Government Internet Internet

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. ” reads the warning published by Microsoft.

Telecommunications

Telecommunications DNS Malware Advertising

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

The new “ Hi-Tech Crime Trends 2019/2020 ” report describes attacks on various industries and critical infrastructure facilities, as well as campaigns aimed at destabilization of the Internet in certain countries. Internet destabilization at state level. The telecommunications sector: Are providers ready for 5G?

Banking

Banking Telecommunications Marketing Internet

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.” . “As part of our regular darkweb monitoring, our researchers came across the data leak of LG Electronics been published by the Maze ransomware operators. ” reads the post published by Cyble.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

FEBRUARY 2, 2020

The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users. Information about the administrators of the mailboxes used to send threats has not been p rovided.” ” continues the Russian Watchdog.

Government

Government VPN Telecommunications Advertising

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

Other identified victims were associated with significant organizations, including: Scientific research organization from Iran; Major financial organization from Kenya; One of the largest IT consulting firms in Azerbaijan, known for offering services like telecommunications, integrated network, and cloud solutions to enterprises and government entities; (..)

Engineering

Engineering Passwords Telecommunications Accountability

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director. Hackers may have accessed the impacted users’ credentials and used them to log on to those personal devices.

Data breaches

Data breaches Passwords Advertising Telecommunications

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Massive DDoS attack brought down 25% Iranian Internet connectivity

Trending Sources

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

China-linked hackers target telecommunication providers in the Middle East

Major IPS in New Zealand hit by massive DDoS, Internet outages reported

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Why CISA is Warning CISOs About a Breach at Sisense

France’s second-largest telecoms provider Free suffered a cyber attack

China-linked LightBasin group accessed calling records from telcos worldwide

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Metador, a never-before-seen APT targeted ISPs and telco for about 2 years

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

SFO discloses data breach following the hack of 2 of its websites

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

NCSC: New UK law bans default passwords on smart devices

AT&T confirmed that a data breach impacted 73 million customers

ShroudedSnooper threat actors target telecom companies in the Middle East

3.5m IP cameras exposed, with US in the lead

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Telstra Telecom discloses data breach impacting former and current employees

Social media partially disrupted in Cuba amid anti-government protests

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Russian spies are attempting to tap transatlantic undersea cables

AT&T states that the data breach impacted 51 million former and current customers

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

BackdoorDiplomacy APT targets diplomats from Africa and the Middle East

Iran denies successful cyber attacks hit infrastructures of its oil sector

Scanning for Flaws, Scoring for Security

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Microsoft has taken legal and technical action to dismantle the Zloader botnet

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Cuttlefish malware targets enterprise-grade SOHO routers

GALLIUM APT used a new PingPull RAT in recent campaigns

GALLIUM Threat Group targets global telcos, Microsoft warns

Group-IB presents its annual report on global threats to stability in cyberspace

China-linked threat actors have breached telcos and network service providers

Maze ransomware operators claim to have breached LG Electronics

The Russian Government blocked ProtonMail and ProtonVPN

Hundreds of network operators’ credentials found circulating in Dark Web

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Stay Connected