Accountability, Hacking and Telecommunications

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. “Note (!) ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

Former telecom manager admits to doing SIM swaps for $1,000

Bleeping Computer

MARCH 15, 2024

A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. [.]

Telecommunications

Telecommunications Accountability Hacking

Another Massive Russian Hack of US Government Networks

Schneier on Security

DECEMBER 15, 2020

The press is reporting a massive hack of US government networks by sophisticated Russian hackers. Officials said a hunt was on to determine if other parts of the government had been affected by what looked to be one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years.

Government

Government Hacking Telecommunications Education

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Security Affairs

MARCH 10, 2023

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. Social Security Number, account passwords).

Data breaches

Data breaches Hacking Wireless Telecommunications

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

In each incident, the intruders have left behind a “web shell,” an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. By all accounts, rooting out these intruders is going to require an unprecedented and urgent nationwide clean-up effort.

Hacking

Hacking Software Government Internet

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. The telecommunications provider pointed out that no financial information (credit or debit card numbers, banking details) has been compromised.

Data breaches

Data breaches Telecommunications Banking Mobile

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia , Homechef , Chatbooks.com , Microsoft , and Minted. million current AT&T account holders and approximately 65.4 million former account holders.”

Data breaches

Data breaches Telecommunications Cybercrime Hacking

China Says U.S. Hacking Huawei Since 2009

SecureWorld News

SEPTEMBER 28, 2023

In a tale as old as the computer, China has once again pointed fingers at the United States, accusing it of hacking into one of its technology companies. At the forefront of this rivalry stands Huawei, a prominent Chinese telecommunications company. Of course, this comes about a month after the U.S.

Hacking

Hacking Artificial Intelligence Telecommunications Cyber Attacks

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

APRIL 10, 2024

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia , Homechef , Chatbooks.com , Microsoft , and Minted. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Data breaches

Data breaches Telecommunications Identity Theft Hacking

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

The Article pays particular attention to EO 12333’s designation of the National Security Agency as primarily responsible for conducting signals intelligence, which includes the installation of malware, the analysis of internet traffic traversing the telecommunications backbone, the hacking of U.S.-based

Surveillance

Surveillance Telecommunications Internet Internet

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

Security Affairs

JANUARY 2, 2022

The Lapsus$ ransomware group defaced all the sites publishing a ransom note that claims that they had access to Impresa’s Amazon Web Services account. The gang also targeted the South American telecommunication providers Claro and Embratel. The gang also targeted the South American telecommunication providers Claro and Embratel.

Media

Media Ransomware Telecommunications Accountability

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach exposing customers’ account’s information. “We are reaching out to let you know about a security incident we recently identified and quickly shut down that may have impacted some of your T-Mobile account information.” SecurityAffairs – hacking, T-Mobile).

Data breaches

Data breaches Mobile Telecommunications Wireless

Over 1 Billion Individual Data Leaked Due to Alleged Chinese Police Database Hacking

Hacker Combat

JULY 8, 2022

Last week, a user going by the handle “ChinaDan” posted a message on Breach Forums (an online hacking forum in China) offering to sell about 24 terabytes of data, which also includes the data of 1 billion people allegedly stolen from Shanghai police. This vulnerability has since been addressed.

Hacking

Hacking Telecommunications Mobile Government

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. Enable 2FA on all externally exposed accounts.

Media

Media Accountability Telecommunications Government

Sprint revealed that hackers compromised some customer accounts via Samsung site

Security Affairs

JULY 16, 2019

US telecommunications company Sprint revealed that hackers compromised an unknown number of customer accounts via the Samsung.com “add a line” website. “On June 22, Sprint was informed of unauthorized access to your Sprint account using your account credentials via the Samsung.com “add a line” website.”

Accountability

Accountability Identity Theft Telecommunications Data breaches

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks.

VPN

VPN Passwords Software Telecommunications

Hackers gained access to T-Mobile customers and employee personal info

Security Affairs

MARCH 5, 2020

A data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees and customers. T-Mobile confirmed that some of these accounts accessed by the hackers contained account information for its customers and employees. SecurityAffairs – hacking, T-mobile).

Mobile

Mobile Data breaches Telecommunications Wireless

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. SecurityAffairs – hacking, Telstra Telecom). Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Accountability Information Security

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile

Mobile Telecommunications Data breaches Identity Theft

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Security Affairs

JULY 10, 2021

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States. Pierluigi Paganini.

Mobile

Mobile Data breaches Telecommunications Passwords

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

As an example of compromised accounts, Resecurity outlined exposed access credentials belonging to a major data center and one of the largest vendors providing international-scale network telephony connectivity to governmental and national telecom providers in Africa.

Engineering

Engineering Passwords Telecommunications Accountability

T-Mobile data breach has impacted 48.6 million customers

Security Affairs

AUGUST 18, 2021

million current postpaid customer accounts, as well as more than 40 million records of former and prospective customers. Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.” SecurityAffairs – hacking, data breach).

Data breaches

Data breaches Mobile Telecommunications Wireless

Why & Where You Should You Plant Your Flag

Krebs on Security

AUGUST 12, 2020

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. From that story: “The reasoning behind this strategy is as simple as it is alluring: What’s not put online can’t be hacked.

Accountability

Accountability Mobile Banking Passwords

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. SecurityAffairs – hacking, Caketap). Pierluigi Paganini.

Banking

Banking Telecommunications System Administration Hacking

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Malware Telecommunications Cybercrime

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Kyivstar)

Mobile

Mobile Telecommunications Cyber Attacks Internet

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

Once obtained the credentials, an attacker can add an administrator account and use it to obtain full access to the device and perform actions such as watching live footage from the camera as shown below. SecurityAffairs – hacking, IP Cameras). ” concludes Nozomi. ” Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Surveillance Authentication Telecommunications Manufacturing

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

” Sliver is a post-exploitation framework that is gaining notoriety in the hacking underground as an alternative to the Cobalt Strike framework. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, KrustyLoader )

VPN

VPN Malware Authentication Small Business

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. “Alloy Taurus remains an active threat to telecommunications, finance and government organizations across Southeast Asia, Europe and Africa,” Unit 42 concludes.

Malware

Malware Telecommunications Government VPN

Police dismantled a gang that used phishing sites to steal credit cards

Security Affairs

FEBRUARY 22, 2022

Once obtained the data, crooks used it to empty their victims’ bank accounts. “Users entered bank card details on phishing sites in order to top up their mobile account or make a transfer. SecurityAffairs – hacking, phishing). The money mules maintained a percentage of profit for each operation they carried out.

Phishing

Phishing Banking Mobile Telecommunications

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

ANSSI observed at least three attack techniques employed by APT28 in the attacks against French organizations: searching for zero-day vulnerabilities [T1212, T1587.004]; compromise of routers and personal email accounts [T1584.005, T1586.002]; the use of open source tools and online services [T1588.002, T1583.006].

Government

Government Telecommunications Accountability Phishing

Microsoft Unsure How Chinese Hackers Stole MSA Key to Breach U.S. Agencies

eSecurity Planet

JULY 18, 2023

Microsoft has hardened security following a Chinese hack of U.S. government agency email accounts, but some details remain a mystery. government accounts using a stolen inactive Microsoft account (MSA) consumer signing key. This was made possible by a validation error in Microsoft code. This issue has been corrected.”

Accountability

Accountability Government Authentication Telecommunications

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

Every year is abundant with major data leaks, biggest data breaches and hacks drawing massive media attention (such as Medibank and Optus data breach, Twitter data breach, and Uber and Rockstar compromise in 2022 and in T-Mobile , MailChimp and OpenAI in 2023). Compromised users accounts from malware logs published on Darknet forums.

Data breaches

Data breaches Accountability Telecommunications Malware

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches

Data breaches DDOS Backups Ransomware

Teen Hackers Behind Notorious Lapsus$ Group Convicted in London

SecureWorld News

AUGUST 28, 2023

Two individuals associated with the notorious Lapsus$ cybercriminal gang have been convicted for their involvement in a string of high-profile hacking incidents, according to the BBC. Arion Kurtaj, an 18-year-old from Oxford, England, is believed to have played a prominent role within the Lapsus$ gang. and Brazil.

Cybercrime

Cybercrime Social Engineering Telecommunications Hacking

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

Security Affairs

MARCH 22, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. ” Todd McKinnon, CEO at Okta, confirmed that in late January 2022, the company detected an attempt to compromise the account of a third party customer support engineer working for one of its subprocessors.

Telecommunications

Telecommunications Data breaches VPN Hacking

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

The group also relies on valid accounts and leverage strong operational security, which combined, allows for long-term undiscovered persistence. Wray confirmed that Volt Typhoon’s campaign is still ongoing and breached numerous American companies in telecommunications, energy, water and other critical sectors. In fact, the U.S.

Energy and Utilities

Energy and Utilities Telecommunications Technology VPN

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Phishing

Phishing Education Accountability Telecommunications

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs

MAY 21, 2020

The APT group targets telecommunication and travel industries in the Middle East to gather intelligence on Iran’s geopolitical interests. Most of the hacking activity occurs on Friday and Saturday, coinciding with the weekend in the Middle East. SecurityAffairs – Chafer APT, hacking). ” continues the report.

Government

Government Social Engineering Telecommunications Hacking

G7 calls on Russia to dismantle operations of ransomware gangs within its borders

Security Affairs

JUNE 14, 2021

We call on all states to urgently identify and disrupt ransomware criminal networks operating from within their borders, and hold those networks accountable for their actions,” reads the statement. SecurityAffairs – hacking, ransomware). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Telecommunications Accountability

Hacker Charged With Extorting Online Psychotherapy Service

Krebs on Security

NOVEMBER 3, 2022

In 2013, Kurittu worked on investigation involving Kivimaki’s use of the Zbot botnet, among other activities Kivimaki engaged in as a member of the hacker group Hack the Planet. A Twitter account by that name was verified by Kivimaki’s attorney as his, and through that account he denied being involved in the Vastaamo extortion.

Data breaches

Data breaches Cybercrime Telecommunications Accountability

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Malware Telecommunications Cybercrime

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats 38TB of data accidentally exposed by Microsoft AI researchers Clorox Blames Damaging Cyberattack for Product Shortage MGM losing up to $8.4M

Cyber Attacks

Cyber Attacks Firewall Data breaches Telecommunications

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Former telecom manager admits to doing SIM swaps for $1,000

Trending Sources

Another Massive Russian Hack of US Government Networks

AT&T is notifying millions of customers of data breach after a third-party vendor hack

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

230K individuals impacted by a data breach suffered by Telco provider Tangerine

AT&T confirmed that a data breach impacted 73 million customers

China Says U.S. Hacking Huawei Since 2009

AT&T states that the data breach impacted 51 million former and current customers

On Executive Order 12333

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Over 1 Billion Individual Data Leaked Due to Alleged Chinese Police Database Hacking

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Sprint revealed that hackers compromised some customer accounts via Samsung site

Hackers Were Inside Citrix for Five Months

Hackers gained access to T-Mobile customers and employee personal info

Telstra Telecom discloses data breach impacting former and current employees

T-Mobile customers were hit with SIM swapping attacks

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Hundreds of network operators’ credentials found circulating in Dark Web

T-Mobile data breach has impacted 48.6 million customers

Why & Where You Should You Plant Your Flag

Caketap, a new Unix rootkit used to siphon ATM banking data

China-linked threat actors have breached telcos and network service providers

Raspberry Robin malware used in attacks against Telecom and Governments

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

A flaw in Dahua IP Cameras allows full take over of the devices

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Police dismantled a gang that used phishing sites to steal credit cards

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Microsoft Unsure How Chinese Hackers Stole MSA Key to Breach U.S. Agencies

What to do if your company was mentioned on Darknet?

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

Teen Hackers Behind Notorious Lapsus$ Group Convicted in London

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

FBI chief says China is preparing to attack US critical infrastructure

Google TAG warns of Russia-linked APT groups targeting Ukraine

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

G7 calls on Russia to dismantle operations of ransomware gangs within its borders

Hacker Charged With Extorting Online Psychotherapy Service

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Stay Connected