article thumbnail

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

article thumbnail

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

It Might Be Our Data, But It’s Not Our Breach

Krebs on Security

The telecommunications giant stopped short of saying the data wasn’t theirs, but it maintains the records do not appear to have come from its systems and may be tied to a previous data incident at another company. There are very few records in this file with dates of birth after 2000.

Mobile 57
article thumbnail

Google fixed a new Chrome Zero-Day actively exploited in the wild

Security Affairs

Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22 [$2000][ 1345193 ] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies.

article thumbnail

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware 104
article thumbnail

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In December, Kyivstar , the largest Ukraine service provider went down after a major cyber attack.

Mobile 128
article thumbnail

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In September 2022, Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware.