Security Affairs

JUNE 14, 2021

We call on all states to urgently identify and disrupt ransomware criminal networks operating from within their borders, and hold those networks accountable for their actions,” reads the statement. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Ransomware 103

Ransomware Cybercrime Telecommunications Accountability 103

Security Affairs

JANUARY 2, 2022

The Lapsus$ ransomware group defaced all the sites publishing a ransom note that claims that they had access to Impresa’s Amazon Web Services account. The gang also targeted the South American telecommunication providers Claro and Embratel. Source TheRecord. At this time the websites of the company are in maintenance mode.

Media 141

Media Ransomware Telecommunications Accountability 141

Security Affairs

FEBRUARY 22, 2022

The cybercrime unit of the Ukrainian police has arrested a group of cybercriminals who managed to steal payment card data from at least 70,000 people by setting up mobile fake top-up services. Once obtained the data, crooks used it to empty their victims’ bank accounts. 190 (Fraud) of the Criminal Code of Ukraine.

Phishing 84

Phishing Banking Mobile Telecommunications 84

Security Affairs

MARCH 18, 2022

Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019.

Banking 129

Banking Telecommunications System Administration Hacking 129

Security Affairs

MARCH 10, 2023

AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. CPNI is information related to the telecommunications services purchased by the customers, including the number of lines for each account or the wireless plan to which customers are subscribed.

Data breaches 91

Data breaches Hacking Wireless Telecommunications 91

Security Affairs

OCTOBER 6, 2022

.” The arrest is the result of Operation Guardian led by AFP which became aware of a number of text messages demanding some Optus customers transfer $2000 to a bank account or face their personal information being used for financial crimes. The database belonging to the company was leaked on a cybercrime forum.

Data breaches 72

Data breaches Scams Telecommunications Financial Services 72

Security Affairs

APRIL 19, 2024

The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence. A Chinese Foreign Ministry spokesperson recently stated that the Volt Typhoon activity is not associated with Beijing, but linked it to a cybercrime operation. In fact, the U.S.

Energy and Utilities 99

Energy and Utilities Telecommunications Technology VPN 99

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe.

Government 52

Government Malware Telecommunications Cybercrime 52

Security Affairs

AUGUST 18, 2021

million current postpaid customer accounts, as well as more than 40 million records of former and prospective customers. Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.” Pierluigi Paganini.

Data breaches 100

Data breaches Mobile Telecommunications Wireless 100

Security Affairs

FEBRUARY 10, 2022

. “The Federal Bureau of Investigation is issuing this announcement to inform mobile carriers and the public of the increasing use of Subscriber Identity Module (SIM) swapping by criminals to steal money from fiat and virtual currency accounts.” Use a variation of unique passwords to access online accounts.

Mobile 92

Mobile Cryptocurrency Authentication Accountability 92

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. The popular investigator and journalist Brian Krebs first surmised that the LAPSUS$ gang has breached T-Mobile after he reviewed a copy of the private chat messages between members of the cybercrime group. ” wrote Krebs.

Mobile 97

Mobile VPN Social Engineering Telecommunications 97

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 84

Cyber Attacks Firewall Data breaches Telecommunications 84

Security Affairs

MARCH 16, 2020

Hackers have stolen O2 customers’ data from a database run by Aerial Direct , one of the largest UK partners of the telecommunications services provider. “We recently became aware that some of our customers’ personal information stored on one of our databases has been accessed without permission. Pierluigi Paganini.

Data breaches 106

Data breaches Telecommunications Passwords Advertising 106

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches 79

Data breaches DDOS Backups Ransomware 79

Security Affairs

JANUARY 13, 2023

A Pro-Russian cybercrime group named NoName057 (16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries, SentinelOne researchers reported. GitHub removed the accounts after SentinelOne reported the abuse to the company. The current C2 server is zig35m48zur14nel40[.]myftp.org

DDOS 70

DDOS Telecommunications DNS Education 70

Security Affairs

JULY 31, 2022

Once obtained the credentials, an attacker can add an administrator account and use it to obtain full access to the device and perform actions such as watching live footage from the camera as shown below. “This information could aid in reconnaissance conducted prior to launching a cyberattack. ” concludes Nozomi.

Surveillance 143

Surveillance Authentication Telecommunications Manufacturing 143

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Phishing 88

Phishing Education Accountability Telecommunications 88

Security Affairs

MARCH 23, 2022

Yesterday the cybercrime gang leaked 37GB of source code stolen from Microsoft’s Azure DevOps server. Microsoft has now confirmed that the attackers have compromised the account of one of its employees gaining limited access to source code repositories. No customer code or data was involved in the observed activities.

Accountability 100

Accountability VPN Social Engineering Hacking 100

Security Affairs

JANUARY 20, 2023

Bad news for T-Mobile, the company disclosed a new data breach that resulted in the theft of data belonging to 37 customer accounts. T-Mobile suffered a new data breach, threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts.

Data breaches 76

Data breaches Mobile Accountability Telecommunications 76

Security Affairs

MAY 1, 2023

The carrier states that personal financial account information and call records were not affected by the security breach. In January, T-Mobile suffered the first data breach in 2023, threat actors stole the personal information of 37 million current postpaid and prepaid customer accounts.

Data breaches 73

Data breaches Mobile Identity Theft Accountability 73

Security Affairs

NOVEMBER 29, 2019

The most common objective of such attacks is cyberespionage and disruption of major telecommunications companies’ work. The telecommunications sector: Are providers ready for 5G? If they manage to compromise a telecommunications company, they can then also compromise its customers for surveillance or sabotage purposes.

Banking 85

Banking Telecommunications Marketing Internet 85

SecureList

MAY 11, 2023

The second-largest category of cases consisted of compromised accounts and malicious emails. Legitimate code-signing certificates, such as Nvidia’s leaked certificate and Kuwait Telecommunication Company’s certificate were used to sign a malicious driver which was then used in wiper attacks against Albanian organizations.

Ransomware 117

Ransomware Malware Architecture Telecommunications 117

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. Part II: The darknet shenanigans. Through the market lanes.

Ransomware 124

Ransomware Encryption Malware Cybercrime 124

Security Affairs

NOVEMBER 25, 2020

In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The past year — a harrowing period for the world economy — culminated in the spike of cybercrime. The most severe financial damage has occurred as a result of ransomware activity.

Banking 131

Banking Ransomware Phishing Marketing 131

Security Affairs

OCTOBER 22, 2023

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw Multiple APT groups exploited WinRAR flaw CVE-2023-38831 Californian IT company DNA Micro leaks private mobile phone data Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August A flaw in Synology DiskStation Manager allows admin account (..)

Ransomware 108

Ransomware Telecommunications Data breaches Mobile 108