SecureList

OCTOBER 15, 2024

The malware uses different strings to load libraries and functions required for execution. q=0" Icon File Name : %systemroot%System32moricons.dll Machine ID : desktop-84bs21b Downloader module The RTF exploits and LNK files execute the same JavaScript malware. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. but given the Salt Typhoon breach and the apparent lackluster security practices and culture at just about every American telecommunications company, this was too interesting to ignore. They also have appeared to partner with Proton.

Surveillance 75

Surveillance Telecommunications Data breaches Malware 75

The Last Watchdog

AUGUST 20, 2019

And, increasingly, they come riddled with some of the most invasive types of malware. These devices are not safe to do anything on, and they impact everything they touch,” says Ronan Cremin, chief technology officer at Afilias Technologies , a Dublin-based tech vendor that has a unique view of mobile device usage patterns.

Malware 185

Malware Mobile Manufacturing Marketing 185

SecureList

MARCH 10, 2025

We continued to monitor the group throughout the rest of the year, observing intense activity that included updates to SideWinder’s toolset and the creation of a massive new infrastructure to spread malware and control compromised systems. Additionally, they change the names and paths of their malicious files.

Energy and Utilities 108

Energy and Utilities Malware Government Phishing 108

Security Affairs

AUGUST 25, 2022

Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments.

Malware 134

Malware Authentication Telecommunications Government 134

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. net” and “ett[.]hopto[.]org”

Malware 104

Malware Telecommunications DNS Hacking 104

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The malware is highly obfuscated and disguises itself as system utilities, allowing attackers to perform tasks like file manipulation, command execution, and remote port scanning.

Malware 119

Malware Telecommunications Encryption Hacking 119

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. The researchers observed threat actors exploiting CVE-2024-36401 in attacks aimed at IT service providers in India, technology companies in the U.S.,

Malware 134

Malware Telecommunications Encryption DDOS 134

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 107

Telecommunications DNS Passwords Hacking 107

Security Affairs

DECEMBER 6, 2021

Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Malware 133

Malware VPN Accountability Telecommunications 133

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government 98

Government Malware Telecommunications Cybercrime 98

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. In an “official press release” posted to pastebin.com on Mar.

Advertising 255

Advertising Malware Software Marketing 255

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 126

Malware Encryption Telecommunications Authentication 126

Security Affairs

JANUARY 31, 2024

Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities. The flaw CVE-2023-46805 (CVSS score 8.2) is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

VPN 127

VPN Malware Authentication Small Business 127

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 125

Malware Hacking Government Telecommunications 125

Adam Levin

FEBRUARY 8, 2019

The attackers then enumerated access and conducted privilege escalation on the victim networks, utilizing DLL sideloading techniques documented in a US-CERT alert on APT10 to deliver malware,” stated the report. and European-based technology firms, such as the cyberattack on Airbus earlier this year. government officials worried.

Telecommunications 146

Telecommunications Government Technology Hacking 146

Security Affairs

OCTOBER 22, 2023

“If you’re working today at the cutting edge of technology then geopolitics is interested in you, even if you’re not interested in geopolitics.” ” Commercial businesses in the technology sector of any size, especially small companies and start-ups and researchers, are more exposed to Chinese espionage. .

Telecommunications 144

Telecommunications Technology Government Firmware 144

Security Affairs

FEBRUARY 15, 2025

custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware 69

Spyware Firewall Artificial Intelligence Malware 69

Approachable Cyber Threats

MARCH 9, 2023

Category Awareness, News, Case Study As one of the world’s fastest-growing industries, telecommunication has become a highly vulnerable target for cybersecurity threats. The Industry Information technology's ability to connect and communicate has become integral to our society here in the digital age. Read more of the ACT

Telecommunications 52

Telecommunications IoT Firewall Encryption 52

Security Affairs

JUNE 29, 2020

According to the experts, the malware was developed by the Russian cybercrime crew known as Evil Corp , which was behind the Dridex Trojan , and multiple ransomware like Locky , Bart, Jaff , and BitPaymer. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware 123

Ransomware Telecommunications Manufacturing Advertising 123

Security Affairs

OCTOBER 25, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors. ” states Microsoft.

Telecommunications 128

Telecommunications Technology Hacking Malware 128

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 71

Cybercrime Firewall Social Engineering Ransomware 71

SecureList

DECEMBER 22, 2022

Around the same time, we identified ransomware and wiper malware samples resembling those used in the first wave, though with a few interesting modifications that likely allowed evasion of security controls and better attack speeds. Below, we compare and discuss the differences between the wave 1 and wave 2 ransomware and wiper malware.

Ransomware 132

Ransomware Telecommunications Malware Encryption 132

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Telecommunications 145

Telecommunications Healthcare Education Advertising 145

Security Affairs

OCTOBER 18, 2020

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK.

Ransomware 140

Ransomware Malware Telecommunications Advertising 140

Security Affairs

JUNE 19, 2021

. “RedFoxtrot has primarily targeted aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan. The threat actors behind the RedFoxtrot operations employed both custom malware and publicly available malicious code.

Telecommunications 135

Telecommunications Government Hacking Malware 135

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications 141

Telecommunications Advertising Technology Manufacturing 141

Security Affairs

APRIL 11, 2020

The attackers may have gained access to some users’ login credentials after deploying malware on both websites. The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director.

Data breaches 145

Data breaches Hacking Telecommunications Advertising 145

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware.

Cybersecurity 214

Cybersecurity Cybercrime Education Government 214

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. and Tykelab Srl, the latter is a telecommunications solutions company suspected to be operating as a front company. ” reads the analysis published by Lookout.

Spyware 105

Spyware Surveillance Telecommunications Mobile 105

Security Affairs

SEPTEMBER 27, 2023

The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries. The nation-state actors employed multiple custom malware families targeting Windows, Linux, and FreeBSD operating systems.

Firmware 136

Firmware Telecommunications System Administration Malware 136

Security Affairs

DECEMBER 1, 2020

UK officials proposed to stop installing new Huawei equipment in the 5G network within the year, they also plan to speed up the replacement of Chinese technology that has been already deployed. The UK intelligence analysis believe that US ban on Chinese 5G technology will force Huawei to use untrusted technology. allegations.

Wireless 141

Wireless Government Marketing Telecommunications 141

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Ransomware 138

Ransomware Encryption Telecommunications Malware 138

Heimadal Security

MARCH 17, 2021

A cyber-espionage campaign is targeting telecom companies around the world with attacks using malicious downloads in an effort to steal sensitive data – including information about 5G technology – from compromised victims. The post Telecom Companies Are Targeted by Hackers appeared first on Heimdal Security Blog.

Telecommunications 98

Telecommunications Technology Cybersecurity Malware 98

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. “Malware is delivered via a signed Comm100 installer that was downloadable from the company’s website.

Telecommunications 133

Telecommunications Insurance Manufacturing Healthcare 133

Security Affairs

JULY 5, 2020

UK officials are drawing up proposals to stop installing new Huawei equipment in the 5G network within the year, they also plan to speed up the replacement of Chinese technology that has been already deployed. The UK intelligence analysis believe that US ban on Chinese 5G technology will force Huawei to use untrusted technology.

Technology 142

Technology Telecommunications Risk Manufacturing 142

SecureList

SEPTEMBER 16, 2021

We are currently seeing attempts to exploit the CVE-2021-40444 vulnerability targeting companies in the research and development sector, the energy sector and large industrial sectors, banking and medical technology development sectors, as well as telecommunications and the IT sector. Mitigations.

Engineering 138

Engineering Telecommunications Internet Internet 138