Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency 111

Cryptocurrency Malware Hacking Ransomware 111

Security Affairs

NOVEMBER 25, 2024

These attacks aim at spreading malware by including malicious links that infect devices, phish information by tricking users into sharing personal or financial data, and causing disruptions by overwhelming networks or targeting individuals with spam. The equipment sent nearly 1 million fraudulent messages in 3 days.

Mobile 124

Mobile Scams Technology Telecommunications 124

Security Affairs

MAY 4, 2025

CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations FBI shared a list of phishing domains associated with the LabHost PhaaS platform Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack (..)

Cybercrime 72

Cybercrime Cyber Attacks Malware Phishing 72

SecureList

OCTOBER 15, 2024

SideWinder’s most recent campaign schema Infection vectors The SideWinder attack chain typically starts with a spear-phishing email with an attachment, usually a Microsoft OOXML document (DOCX or XLSX) or a ZIP archive, which in turn contains a malicious LNK file. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. net” and “ett[.]hopto[.]org”

Malware 104

Malware Telecommunications DNS Hacking 104

Security Boulevard

MARCH 24, 2025

but given the Salt Typhoon breach and the apparent lackluster security practices and culture at just about every American telecommunications company, this was too interesting to ignore. Cape is a mobile carrier startup claiming to provide a more secure and private service alternative to traditional telecommunications services.

Surveillance 75

Surveillance Telecommunications Malware Data breaches 75

Security Affairs

MAY 28, 2021

The NOBELIUM APT is the threat actor that conducted supply chain attack against SolarWinds which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors. ” continues the report. Follow me on Twitter: @securityaffairs and Facebook.

Phishing 111

Phishing Threat Detection Telecommunications Malware 111

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 71

Cybercrime Firewall Social Engineering Ransomware 71

Security Affairs

JUNE 11, 2022

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS 145

DNS Telecommunications Malware Phishing 145

Security Affairs

FEBRUARY 22, 2022

The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks. The police arrested five that created and administered more than 40 phishing sites used to harvest bank card data of unaware citizens. SecurityAffairs – hacking, phishing). ” concludes the announcement.

Phishing 102

Phishing Banking Mobile Telecommunications 102

Security Affairs

OCTOBER 18, 2020

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK.

Ransomware 141

Ransomware Malware Telecommunications Advertising 141

Security Affairs

FEBRUARY 15, 2025

custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware 70

Spyware Firewall Artificial Intelligence Malware 70

Malwarebytes

MARCH 29, 2022

The spear phishing emails are warning people that use websites, social networks, instant messengers and VPN services that have been banned by the Russian Government and that criminal charges will be laid. Spear phishing as the main initial infection vector. Spear phishing as the main initial infection vector. Victimology.

Phishing 96

Phishing Education Telecommunications Technology 96

Security Affairs

NOVEMBER 3, 2023

Iran-linked cyberespionage group MuddyWater is targeting Israeli entities in a new spear-phishing campaign. Iran-linked APT group MuddyWater (aka SeedWorm , TEMP.Zagros , and Static Kitten ) is targeting Israeli entities in a new spear-phishing campaign, Deep Instinct’s Threat Research team reported.

Telecommunications 132

Telecommunications Phishing Government Hacking 132

Security Affairs

SEPTEMBER 23, 2024

The threat actor used spear-phishing emails and exploited the recently patched GeoServer vulnerability CVE-2024-36401. Earth Baxia primarily targeted government agencies, telecommunication businesses, and the energy industry in the Philippines, South Korea, Vietnam, Taiwan, and Thailand. ” reads the report.

DNS 140

DNS Government Phishing Telecommunications 140

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches 127

Data breaches Banking Hacking Malware 127

Security Affairs

MARCH 27, 2019

The campaign was discovered in early March 2019, threat actors behind the LUCKY ELEPHANT campaign use doppelganger webpages to mimic legitimate entities such as foreign governments, telecommunications, and military. Phishing and credential theft are commonly observed with Indian targeting in-region.”

Government 111

Government Telecommunications Phishing Advertising 111

Security Affairs

MARCH 25, 2024

Proofpoint researchers observed the Iran-linked APT group MuddyWater (aka SeedWorm , TEMP.Zagros , TA450, and Static Kitten ) was behind a new phishing campaign in March 2024 that attempted to drop a legitimate Remote Monitoring and Management (RMM) solution called Atera on the target systems.

Phishing 138

Phishing Social Engineering Telecommunications Accountability 138

Security Affairs

DECEMBER 6, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors.

Phishing 113

Phishing Telecommunications Government Accountability 113

Security Affairs

DECEMBER 15, 2021

Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. The threat actors don’t use custom malware and instead rely on legitimate tools, publicly available malware, and living-off-the-land tactics. [REDACTED][ ]com/ews.

Telecommunications 113

Telecommunications Passwords Phishing Hacking 113

Security Affairs

OCTOBER 8, 2023

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege A WhatsApp zero-day exploit can cost several million dollars CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog NATO is investigating a new cyber attack claimed by the SiegedSec group Global CRM Provider Exposed (..)

Ransomware 128

Ransomware Data breaches Hacking Cybercrime 128

Security Affairs

OCTOBER 25, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors.

Telecommunications 129

Telecommunications Technology Hacking Malware 129

eSecurity Planet

JULY 29, 2021

Social engineering can manifest itself across a wide range of cybersecurity attacks: Phishing Smishing Vishing Whaling Pharming Baiting Pretexting Scareware Deepfakes. Phishing is a broad category of social engineering attacks that specifically target most businesses’ primary mode of communication: email.

Social Engineering 128

Social Engineering Engineering Phishing DNS 128

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware.

Cybersecurity 214

Cybersecurity Cybercrime Education Government 214

Security Affairs

DECEMBER 6, 2018

Ukraine’s security service SBU announced to have blocked a cyber attack launched by Russian intelligence aimed at breaching information and telecommunications systems used by the country’s judiciary. Attackers launched a spear phishing attack using messages purporting to deliver accounting documents.

Telecommunications 107

Telecommunications Malware Advertising Government 107

Security Affairs

AUGUST 21, 2019

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Malware 109

Malware Advertising Telecommunications Healthcare 109

SecureList

OCTOBER 7, 2022

Using LOLBINS, common legitimate pentesting tools, and fileless malware; misleading security researchers by placing false flags—these and other anti-forensic tricks often make threat attribution a matter of luck. The malware spreads through spear-phishing emails with a malicious Microsoft Office document as attachment.

Malware 145

Malware Computers and Electronics Telecommunications Encryption 145

Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing 98

Phishing Education Accountability Malware 98

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime 104

Cybercrime Phishing Banking Telecommunications 104

Malwarebytes

MAY 24, 2022

An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns since late February, 2022. In this campaign the threat actor packaged its custom malware in a tar file called Patch_Log4j.tar.gz , a fake fix for December’s high-profile Log4j vulnerability.

Malware 145

Malware Phishing Government Accountability 145

Security Affairs

JANUARY 30, 2019

Most of the victims belong to the telecommunications and travel industries, cyber spies also targeted high-tech industry and government. “APT39 has prioritized the telecommunications sector, with additional targeting of the travel industry and IT firms that support it and the high-tech industry.” and South Korea.

Telecommunications 108

Telecommunications Advertising Malware Phishing 108

Malwarebytes

FEBRUARY 25, 2022

MuddyWater, also known as Earth Vetala, MERCURY, Seedworm, Static Kitten, and TEMP.Zargos, has its eyes set on the telecommunications, defense, local government, and oil and natural gas sectors—among others—in Africa, Asia, Europe, and North America. ” The full advisory can be read in this CISA web page.

Government 113

Government Telecommunications Antivirus Phishing 113

Security Affairs

OCTOBER 28, 2018

Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack. The investigation revealed that the malware-based attack was powered by GCHQ and code-named Operation Socialist.

Hacking 110

Hacking Spyware Malware Advertising 110

Krebs on Security

DECEMBER 29, 2022

This bold about-face dumbfounded many longtime Norton users because antivirus firms had spent years broadly classifying all cryptomining programs as malware. Food delivery service DoorDash discloses that a “sophisticated phishing attack” on a third-party vendor allowed attackers to gain access to some of DoorDash’s internal company tools.

Cryptocurrency 291

Cryptocurrency Cybercrime Computers and Electronics Scams 291

Malwarebytes

MARCH 30, 2022

But this could have easily led to nefarious payloads, like malware, and some have already classed this as a smishing (or “SMS phishing”) attempt. Interestingly, Welch said, the texts appear to be targeting users of Verizon Wireless, one of the biggest telecommunication companies in the US.

Wireless 106

Wireless Telecommunications Mobile Media 106

Krebs on Security

DECEMBER 12, 2018

A week later, I found another expired certificate on the credit freeze Web portal for the National Consumer Telecommunications and Utilities Exchange — a consumer credit bureau operated by Experian. It took Equifax two weeks to fix that expired cert. ARE YOU EXPERIANSED?

Cyber Risk 243

Cyber Risk Energy and Utilities Risk Marketing 243

Security Affairs

NOVEMBER 29, 2019

The group’s distinctive features are the high quality of their phishing attacks and the use of legitimate services, which makes it very difficult to detect its malicious activity in companies’ infrastructures. The most common objective of such attacks is cyberespionage and disruption of major telecommunications companies’ work.

Banking 124

Banking Telecommunications Marketing Internet 124