Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.
Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. [...] government, which is frequently the target of phishing domains ending in .US. This is noteworthy because .US
The top-level domain for the United States — .US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. [...] domains as among the most prevalent in phishing attacks over the past year.
Sources involved in the investigation said UNC5537 has focused on hacking into telecommunications companies around the world. “Most of my ops involve malware [because] credential access burns too fast,” Judische explained. Frequent targets of the Beige group included employees at numerous top U.S.
We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises' and telecommunications companies' IT infrastructure.
Speaking to Reuters, a senior US official said the attack on telecommunications infrastructure was broad and that the hacking was still ongoing. Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US.
We continued to monitor the group throughout the rest of the year, observing intense activity that included updates to SideWinder’s toolset and the creation of a massive new infrastructure to spread malware and control compromised systems. Infection flow: The attacker sends spear-phishing emails with a DOCX file attached.
These attacks aim at spreading malware by including malicious links that infect devices, phish information by tricking users into sharing personal or financial data, and causing disruptions by overwhelming networks or targeting individuals with spam. The equipment sent nearly 1 million fraudulent messages in 3 days.
but given the Salt Typhoon breach and the apparent lackluster security practices and culture at just about every American telecommunications company, this was too interesting to ignore. Cape is a mobile carrier startup claiming to provide a more secure and private service alternative to traditional telecommunications services.
SideWinder’s most recent campaign schema. Infection vectors: The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. In particular, Avast and AVG solutions are of interest to the malware.
million redirects to phishing pages. Note too that QR codes from questionable sources can carry other threats, for example, spreading malware or debiting money in favor of the scammers. Even in official mobile app stores, malware can sometimes sneak in. Our solutions detected 35,958,888 pieces of malware, over 1.7
Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. net” and “ett[.]hopto[.]org”
The NOBELIUM APT is the threat actor that conducted the supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor, TEARDROP malware, GoldMax malware, Sibot, and GoldFinder backdoors.
Iran-linked Lyceum APT group uses a new .NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new .NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.
The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks. The police arrested five people who created and administered more than 40 phishing sites used to harvest bank card data of unaware citizens.
Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK.
The spear phishing emails are warning people that use websites, social networks, instant messengers and VPN services that have been banned by the Russian Government and that criminal charges will be laid. Spear phishing as the main initial infection vector. Victimology.
The threat actor used spear-phishing emails and exploited the recently patched GeoServer vulnerability CVE-2024-36401. Earth Baxia primarily targeted government agencies, telecommunication businesses, and the energy industry in the Philippines, South Korea, Vietnam, Taiwan, and Thailand.
Iran-linked cyberespionage group MuddyWater is targeting Israeli entities in a new spear-phishing campaign. Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, and Static Kitten) is targeting Israeli entities in a new spear-phishing campaign, Deep Instinct’s Threat Research team reported.
Headlines: New York Times source code compromised via exposed GitHub token; SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform; Pandabuy was extorted twice by the same threat actor; UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces; Chinese threat actor exploits old ThinkPHP flaws since October 2023; A new Linux (..)
The campaign was discovered in early March 2019, threat actors behind the LUCKY ELEPHANT campaign use doppelganger webpages to mimic legitimate entities such as foreign governments, telecommunications, and military. Phishing and credential theft are commonly observed with Indian targeting in-region.”
Proofpoint researchers observed that the Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, TA450, and Static Kitten) was behind a new phishing campaign in March 2024 that attempted to drop a legitimate Remote Monitoring and Management (RMM) solution called Atera on the target systems.
The NOBELIUM APT (APT29, Cozy Bear, and The Dukes) is the threat actor that conducted the supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor, TEARDROP malware, GoldMax malware, Sibot, and GoldFinder backdoors.
Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. The threat actors don’t use custom malware and instead rely on legitimate tools, publicly available malware, and living-off-the-land tactics. [REDACTED][ ]com/ews.
Headlines: Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege; A WhatsApp zero-day exploit can cost several million dollars; CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog; NATO is investigating a new cyber attack claimed by the SiegedSec group; Global CRM Provider Exposed (..)
Social engineering can manifest itself across a wide range of cybersecurity attacks: phishing, smishing, vishing, whaling, pharming, baiting, pretexting, scareware, and deepfakes. Phishing is a broad category of social engineering attacks that specifically target most businesses’ primary mode of communication: email.
The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware.
Ukraine’s security service SBU announced to have blocked a cyber attack launched by Russian intelligence aimed at breaching information and telecommunications systems used by the country’s judiciary. Attackers launched a spear phishing attack using messages purporting to deliver accounting documents.
The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.
Using LOLBINS, common legitimate pentesting tools, and fileless malware; misleading security researchers by placing false flags—these and other anti-forensic tricks often make threat attribution a matter of luck. The malware spreads through spear-phishing emails with a malicious Microsoft Office document as an attachment.
The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).
An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns since late February, 2022. In this campaign the threat actor packaged its custom malware in a tar file called Patch_Log4j.tar.gz , a fake fix for December’s high-profile Log4j vulnerability.
According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.
Most of the victims belong to the telecommunications and travel industries; the cyber spies also targeted the high-tech industry and government. “APT39 has prioritized the telecommunications sector, with additional targeting of the travel industry and IT firms that support it and the high-tech industry.” [...] and South Korea.
Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack. The investigation revealed that the malware-based attack was powered by GCHQ and code-named Operation Socialist.
This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware. Food delivery service DoorDash discloses that a “sophisticated phishing attack” on a third-party vendor allowed attackers to gain access to some of DoorDash’s internal company tools.
MuddyWater, also known as Earth Vetala, MERCURY, Seedworm, Static Kitten, and TEMP.Zargos, has its eyes set on the telecommunications, defense, local government, and oil and natural gas sectors—among others—in Africa, Asia, Europe, and North America. The full advisory can be read on this CISA web page.
But this could have easily led to nefarious payloads, like malware, and some have already classed this as a smishing (or “SMS phishing”) attempt. Interestingly, Welch said, the texts appear to be targeting users of Verizon Wireless, one of the biggest telecommunication companies in the US.
A week later, I found another expired certificate on the credit freeze Web portal for the National Consumer Telecommunications and Utilities Exchange — a consumer credit bureau operated by Experian. It took Equifax two weeks to fix that expired cert. ARE YOU EXPERIANSED?
The group’s distinctive features are the high quality of their phishing attacks and the use of legitimate services, which makes it very difficult to detect its malicious activity in companies’ infrastructures. The most common objective of such attacks is cyberespionage and disruption of major telecommunications companies’ work.
The Chafer APT group has distributed data stealer malware since at least mid-2014 and was focused on surveillance operations and the tracking of individuals. The APT group targets the telecommunication and travel industries in the Middle East to gather intelligence on Iran’s geopolitical interests.