Accountability, Internet, Telecommunications and VPN

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

The War in Technology: A Digital Iron Curtain Goes Up

SecureWorld News

MARCH 10, 2022

Many threats that have until now been theoretical—like creation of a "Ru-net" as an alternative to the Internet—are becoming a reality. Cutting off Internet access to a country the size of Texas is not as simple as cutting a few cables or bombing a few cell towers. There are many tech angles to the war in Ukraine.

Technology

Technology Internet Internet Telecommunications

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications.

Malware

Malware Telecommunications Government VPN

The Best Ways to Secure Communication Channels in The Enterprise Environment

CyberSecurity Insiders

DECEMBER 12, 2021

The upcoming updates on SharePass will also allow you to send account credentials, QR codes, JSON structured data and other types of information. There are several services on the internet that allow you to send emails that are encrypted with a password. Using a VPN gives you lots of benefits. This server is run by the VPN host.

VPN

VPN Passwords Encryption Mobile

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. federal civilian agencies to secure the login credentials for their Internet domain records. That changed on Jan.

DNS

DNS Internet Internet Government

Hacktivists Use Telegram, Signal, Dark Web to Assist Protestors in Iran

SecureWorld News

SEPTEMBER 30, 2022

Check Point has also observed the sharing of open VPN servers for the purpose of bypassing censorship, as Iran has limited the use of internet and social media. Check Point Research reports that key activities include leaking and selling government officials' phone numbers and emails, as well as maps of "sensitive locations.".

Government

Government Telecommunications Encryption Internet

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Expanding attack surfaces require additional skills to secure, maintain, and monitor an ever-expanding environment of assets such as mobile, cloud, and the internet of things (IoT). Telecommunications MSSPs such as Verizon satisfy these needs and provide the financial security of a large corporate partner for equally large customers.

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

Microsoft has now confirmed that the attackers have compromised the account of one of its employees gaining limited access to source code repositories. Our investigation has found a single account had been compromised, granting limited access. No customer code or data was involved in the observed activities.

Accountability

Accountability VPN Social Engineering Hacking

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

For instance, according to the New York Times, in 2003, the United States made plans for a huge cyberattack to freeze billions of dollars in Saddam Hussein’s bank accounts and cripple his government before the invasion of Iraq. However, the plan was not approved because the government feared collateral damage.

DDOS

DDOS Ransomware Government Energy and Utilities

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. ECC is used for email encryption, cryptocurrency digital signatures, and internet communication protocols.

Encryption

Encryption Passwords IoT Firewall

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

To prevent attacks via RDP, it is recommended to hide RDP servers behind a VPN or disable UDP port 3389. That said, a VPN is no panacea if it too is vulnerable to amplification attacks. In Q1 2021, for instance, attackers went after Powerhouse VPN servers. Linux botnets continued to account for almost all DDoS traffic (99.90%).

DDOS

DDOS Cryptocurrency Media Marketing

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. They interact with each other through internet handles, paying for services with cryptocurrency. A more detailed account of the technical capabilities of REvil is available in our private and public reports.

Ransomware

Ransomware Encryption Malware Cybercrime

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Abnormal Security Cloud email security 2019 Private Sqreen Application security 2019 Acquired: Datadog Demisto SOAR 2018 Acquired by PAN Skyhigh Cloud security 2012 Acquired: McAfee OpenDNS Internet security 2009 Acquired: Cisco Palo Alto Networks Cloud and network security 2006 NYSE: PANW. Insight Partners.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Voice Phishers Targeting Corporate VPNs

Trending Sources

China-linked threat actors have breached telcos and network service providers

The War in Technology: A Digital Iron Curtain Goes Up

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

The Best Ways to Secure Communication Channels in The Enterprise Environment

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Hacktivists Use Telegram, Signal, Dark Web to Assist Protestors in Iran

What is a Managed Security Service Provider? MSSPs Explained

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Reassessing cyberwarfare. Lessons learned in 2022

What Is Encryption? Definition, How it Works, & Examples

DDoS attacks in Q1 2021

Ransomware world in 2021: who, how and why

Top VC Firms in Cybersecurity of 2022

Stay Connected