Accountability, Authentication, Telecommunications and VPN

Accountability

Authentication

Telecommunications

VPN

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.

VPN

VPN Malware Authentication Small Business

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x, The flaw CVE-2023-46805 (CVSS score 8.2) x and Ivanti Policy Secure. x) and Ivanti Policy Secure.

VPN

VPN Authentication Small Business Telecommunications

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

T-Mobile confirms Lapsus$ had access its systems

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. In most cases, this involved social engineering employees at the targeted firm into adding one of their computers or mobiles to the list of devices allowed to authenticate with the company’s virtual private network (VPN).”

Mobile

Mobile VPN Social Engineering Telecommunications

Lapsus$: The New Name in Ransomware Gangs

Security Boulevard

MARCH 15, 2022

It was the Expresso Twitter account that the hackers used to bait the organization to demonstrate their control over the company's IT infrastructure. Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. Impresa owns the country's largest TV channel and newspaper, SIC and Expresso.

Ransomware

Ransomware Telecommunications Firmware Media

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text. adpvpn.adpolice.gov.ae: VPN service for the Abu Dhabi Police. mail.cyta.com.cy: Cyta telecommunications and Internet provider, Cyprus. mail.asp.gov.al: email for Albanian State Police. Contacted on Feb.

DNS

DNS Internet Internet Government

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

Microsoft has now confirmed that the attackers have compromised the account of one of its employees gaining limited access to source code repositories. Our investigation has found a single account had been compromised, granting limited access. No customer code or data was involved in the observed activities.

Accountability

Accountability VPN Social Engineering Hacking

Nobelium continues to target organizations worldwide with custom malware

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. In some campaigns analyzed by Mandiant, the threat actor was using residential IP address ranges to authenticate to target environments.

Malware

Malware VPN Telecommunications Accountability

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. For example, The Health Insurance Portability and Accountability Act (HIPAA) requires security features such as encryption to protect patients’ health information.

Encryption

Encryption Passwords IoT Firewall

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Perimeter81 VPN and zero trust 2020 Private Wiz Cloud security 2020 Private OneTrust Privacy management 2019 Private Darktrace AI network security 2017 Private Recorded Future Threat intelligence 2017 Acquired: Insight Thycotic Access management 2015 Private Checkmarx Application security 2015 Acquired: P.E.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Trending Sources

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Voice Phishers Targeting Corporate VPNs

China-linked threat actors have breached telcos and network service providers

T-Mobile confirms Lapsus$ had access its systems

Lapsus$: The New Name in Ransomware Gangs

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Nobelium continues to target organizations worldwide with custom malware

What Is Encryption? Definition, How it Works, & Examples

Top VC Firms in Cybersecurity of 2022

Stay Connected