Security Affairs

JANUARY 7, 2024

Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities.

Media 128

Media Accountability Telecommunications Government 128

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. SecurityAffairs – GALLIUM, hacking). Pierluigi Paganini.

Telecommunications 83

Telecommunications DNS Malware Advertising 83

Security Affairs

NOVEMBER 11, 2022

The APT hacking group is believed to have been behind numerous attacks this year, including an attack on Ukrainian energy infrastructure and the deployment of a persistent botnet called “ Cyclops Blink ” dismantled by the US government in April. SecurityAffairs – hacking, Prestige ransomware). Pierluigi Paganini.

Ransomware 97

Ransomware Telecommunications DNS Hacking 97

Security Affairs

JANUARY 13, 2023

The C2 infrastructure used by the group was primarily hosted on the Bulgarian telecommunications company Neterra. Experts observed threat actors also using No-IP Dynamic DNS services. SecurityAffairs – hacking, NoName057(16) ). GitHub removed the accounts after SentinelOne reported the abuse to the company. Pierluigi Paganini.

DDOS 86

DDOS Telecommunications DNS Education 86

Security Affairs

AUGUST 10, 2020

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. Our findings show that both Telenor and MPT block websites using DNS tampering. SecurityAffairs – hacking, Myanmar).

Internet 91

Internet Internet Telecommunications DNS 91

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS 87

DNS Passwords Advertising Banking 87

Security Affairs

AUGUST 27, 2019

reported that Hexane is targeting organizations in the oil and gas industry and telecommunication providers. The malware uses DNS and HTTP-based communication mechanisms. Experts pointed out that Lyceum does not use sophisticated hacking techniques. SecurityAffairs – Lyceum, hacking). Security experts at Dragos Inc.

DNS 90

DNS Passwords Penetration Testing Social Engineering 90

Security Boulevard

JANUARY 12, 2022

MuddyWater (also known as TEMP.Zagros, Static Kitten, Seedworm, and Mercury) is a threat group that primarily targets telecommunications, government, oil, defense, and finance sectors in the Middle East, Europe, and North America. By utilizing the Google Update service, goopdate.dll conceals communications with C2 servers.

Telecommunications 115

Telecommunications DNS Malware Government 115

Security Affairs

JULY 6, 2021

According to the DNS data analysis, this name was used to register at least two domains, which were created using the email from the phishing kit. SecurityAffairs – hacking, Operation Lyrebird). ” said Dmitry Volkov Group-IB CTO and Head of Threat Hunting Intelligence. Original post at [link]. Pierluigi Paganini.

Cybercrime 101

Cybercrime Phishing Banking Telecommunications 101

Krebs on Security

APRIL 2, 2019

31, 2019, Rezvesz said his company recently was the subject of an international search warrant executed jointly by the Royal Canadian Mounted Police (RCMP) and the Canadian Radio-television and Telecommunications Commission (CRTC). “In In an “official press release” posted to pastebin.com on Mar.

Advertising 224

Advertising Malware Marketing Software 224

Security Affairs

JANUARY 10, 2019

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. It is interesting to note that FireEye confirmed that this campaign is different from other operations carried out by Iranian APT groups due to the use of DNS hijacking at scale.

DNS 93

DNS Telecommunications Government Encryption 93

Security Affairs

AUGUST 7, 2019

The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East. T1094) mainly developed using DNS resolutions (which is actually one of the main characteristic of the attacker group).

Computers and Electronics 87

Computers and Electronics Penetration Testing DNS Phishing 87

Security Affairs

FEBRUARY 24, 2019

“The Internet Corporation for Assigned Names and Numbers ( ICANN ) believes that there is an ongoing and significant risk to key parts of the Domain Name System ( DNS ) infrastructure. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”.

Internet 108

Internet Internet DNS Telecommunications 108

Security Affairs

MAY 2, 2019

Indeed we might observe a File-based command and control (a quite unusual solution) structure, a VBS launcher, a PowerShell Payload and a covert channel over DNS engine. The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries.

DNS 100

DNS Computers and Electronics Penetration Testing Government 100

Security Affairs

NOVEMBER 29, 2019

One of the trends related to the active confrontation between attackers has been hacking back, i.e. when attackers become the victims of hacking. The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. Pierluigi Paganini.

Banking 91

Banking Telecommunications Marketing Internet 91

Security Affairs

APRIL 23, 2019

Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten ). The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries.

DNS 90

DNS Computers and Electronics Penetration Testing Government 90

CyberSecurity Insiders

MARCH 5, 2021

According to CRN news , SolarWinds stated that its customers included 425 of the US Fortune 500, the top ten US telecommunications companies, the top five US accounting firms, all branches of the US Military, the Pentagon, the State Department, as well as hundreds of universities and colleges worldwide. Infected Domains Analysis.

DNS 138

DNS Education Malware Telecommunications 138

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. One of the unique things about how they did this is they judged it in a full spectrum hacking contest. If you look at like the Tesla hack, it was interesting. but they never actually checked that.

InfoSec 52

InfoSec Artificial Intelligence Computers and Electronics Software 52

eSecurity Planet

FEBRUARY 3, 2021

The National Telecommunications and Information Administration (NTIA) offers the concept of a Software Bill of Materials (SBOM) to address this problem. For CrowdStrike , months after the attempted hack, they were first alerted about attempts to read email and abnormal communication between their MS Office licenses and MS cloud APIs.

Software 62

Software Malware Authentication Penetration Testing 62

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. One of the unique things about how they did this is they judged it in a full spectrum hacking contest. If you look at like the Tesla hack, it was interesting. but they never actually checked that.

InfoSec 40

InfoSec Artificial Intelligence Computers and Electronics Software 40

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. One of the unique things about how they did this is they judged it in a full spectrum hacking contest. If you look at like the Tesla hack, it was interesting. but they never actually checked that.

InfoSec 40

InfoSec Artificial Intelligence Computers and Electronics Software 40

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In October, telecommunications firm Telenor Norway was another to fall victim. Extortionists’ activity regularly made the news throughout 2020.

DDOS 134

DDOS Cryptocurrency Marketing Internet 134

Security Affairs

JANUARY 15, 2020

If so we are facing a state-sponsored group with high capabilities in developing persistence and hidden communication channels (for example over DNS) but without a deep interest in exploiting services. The group’s victims are mainly in the telecommunications, government (IT services), and oil sectors.” Pierluigi Paganini.

Computers and Electronics 94

Computers and Electronics Penetration Testing Malware Government 94

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 142

Malware Spyware Government Social Engineering 142