Accountability, Information Security, Telecommunications and VPN

Accountability

Information Security

Telecommunications

VPN

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. The experts published the Yara rule for the detection of similar KrustyLoader samples. KrustyLoader – as I dubbed it – performs specific checks in order to run only if conditions are met.”

VPN

VPN Malware Authentication Small Business

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN

VPN Authentication Small Business Telecommunications

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

T-Mobile confirms Lapsus$ had access its systems

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. In most cases, this involved social engineering employees at the targeted firm into adding one of their computers or mobiles to the list of devices allowed to authenticate with the company’s virtual private network (VPN).”

Mobile

Mobile VPN Social Engineering Telecommunications

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. Alloy Taurus is known for leveraging the SoftEther VPN service to facilitate access and maintain persistence to their targeted network.

Malware

Malware Telecommunications Government VPN

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities

Energy and Utilities Telecommunications Technology VPN

What to do if your company was mentioned on Darknet?

SecureList

DECEMBER 12, 2023

To find out, in 2022 we created a list of 700 companies worldwide from different industries: industrial, telecommunication, financial, retail, and others. According to the source of origin, we divide all compromised accounts into three categories: Public leakages that are freely distributed within cybercriminal society.

Data breaches

Data breaches Accountability Telecommunications Malware

The Best Ways to Secure Communication Channels in The Enterprise Environment

CyberSecurity Insiders

DECEMBER 12, 2021

The upcoming updates on SharePass will also allow you to send account credentials, QR codes, JSON structured data and other types of information. ProtonMail comes with PGP fully integrated, thus allowing you to send sensitive information securely without any extra effort. Using a VPN gives you lots of benefits.

VPN

VPN Passwords Encryption Mobile

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

Security Affairs

MARCH 22, 2022

. “We will provide updates as more information becomes available.” ” Todd McKinnon, CEO at Okta, confirmed that in late January 2022, the company detected an attempt to compromise the account of a third party customer support engineer working for one of its subprocessors.

Telecommunications

Telecommunications Data breaches VPN Hacking

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

Microsoft has now confirmed that the attackers have compromised the account of one of its employees gaining limited access to source code repositories. Our investigation has found a single account had been compromised, granting limited access. No customer code or data was involved in the observed activities.

Accountability

Accountability VPN Social Engineering Hacking

Nobelium continues to target organizations worldwide with custom malware

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. The Nobelium cyberspies is using a new custom downloader tracked by the researchers as CEELOADER.

Malware

Malware VPN Telecommunications Accountability

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. Access sellers.

Ransomware

Ransomware Encryption Malware Cybercrime

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. downloaders), and new types of botnets (brute-force botnets).

Banking

Banking Ransomware Phishing Marketing

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Webinars

Trending Sources

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Webinars

China-linked threat actors have breached telcos and network service providers

T-Mobile confirms Lapsus$ had access its systems

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

FBI chief says China is preparing to attack US critical infrastructure

What to do if your company was mentioned on Darknet?

The Best Ways to Secure Communication Channels in The Enterprise Environment

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Nobelium continues to target organizations worldwide with custom malware

Ransomware world in 2021: who, how and why

Group-IB Hi-Tech Crime Trends 2020/2021 report

Stay Connected