Malwarebytes

DECEMBER 11, 2022

Researchers have uncovered a new campaign by hacking group MuddyWater, aka Static Kitten, in which a legitimate remote access tool is sent to targets from a compromised email account. Its most common method is to send targeted phishing emails with links to malware hosted on legitimate services like Dropbox and Onehub.

Accountability 92

Accountability Hacking Telecommunications Government 92

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe.

Government 52

Government Malware Telecommunications Cybercrime 52

Security Affairs

DECEMBER 6, 2021

Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. Pierluigi Paganini.

Malware 102

Malware VPN Telecommunications Accountability 102

Schneier on Security

SEPTEMBER 28, 2020

The Article pays particular attention to EO 12333’s designation of the National Security Agency as primarily responsible for conducting signals intelligence, which includes the installation of malware, the analysis of internet traffic traversing the telecommunications backbone, the hacking of U.S.-based

Surveillance 307

Surveillance Telecommunications Internet Internet 307

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. The telecommunications provider pointed out that no financial information (credit or debit card numbers, banking details) has been compromised. Access to the affected legacy database has also been closed.”continues

Data breaches 90

Data breaches Telecommunications Banking Mobile 90

Krebs on Security

SEPTEMBER 1, 2023

is overseen by the National Telecommunications and Information Administration (NTIA), an executive branch agency of the U.S. ” Dean Marks is executive director and legal counsel for a group called the Coalition for Online Accountability , which has been critical of the NTIA’s stewardship of.US. US phishing domains.US

Phishing 240

Phishing Telecommunications Government DNS 240

Security Affairs

MARCH 31, 2021

Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds hack. Russia-linked hackers were able to access email accounts belonging to US Department of Homeland Security (DHS) officials during the SolarWinds supply chain attack. . ” continues the report.

Accountability 79

Accountability Hacking Telecommunications Government 79

Security Affairs

OCTOBER 22, 2023

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw Multiple APT groups exploited WinRAR flaw CVE-2023-38831 Californian IT company DNA Micro leaks private mobile phone data Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August A flaw in Synology DiskStation Manager allows admin account (..)

Ransomware 104

Ransomware Telecommunications Data breaches Mobile 104

Security Affairs

MARCH 25, 2024

sender account. Proofpoint attributes this campaign to TA450 based on the observation of tactics, techniques, and procedures associated with the cyberespionage group, campaign targeting, and malware employed in the attack. For example, this campaign used an email account of salary[@]<compromisedorg>co[.]il,

Phishing 105

Phishing Social Engineering Telecommunications Accountability 105

Security Boulevard

APRIL 16, 2021

Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. Commerce Department that handles telecommunications and Internet policy. The post Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug.

Telecommunications 59

Telecommunications Antivirus Internet Internet 59

The Last Watchdog

AUGUST 20, 2019

And, increasingly, they come riddled with some of the most invasive types of malware. This is putting consumers and companies in harm’s way through yet another attack vector – one which gives professional hacking collectives another means to compromise online accounts and break into company networks.

Malware 185

Malware Mobile Manufacturing Marketing 185

Krebs on Security

OCTOBER 12, 2020

has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot , a global menace that has infected millions of computers and is used to spread ransomware. 27, UHS shut down its computer systems at healthcare facilities across the United States in a bid to stop the spread of the malware.

Healthcare 354

Healthcare Internet Internet Ransomware 354

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach exposing customers’ account’s information. “We are reaching out to let you know about a security incident we recently identified and quickly shut down that may have impacted some of your T-Mobile account information.” ” reads the statement published by the company.

Data breaches 131

Data breaches Mobile Telecommunications Wireless 131

SecureList

DECEMBER 22, 2022

Around the same time, we identified ransomware and wiper malware samples resembling those used in the first wave, though with a few interesting modifications that likely allowed evasion of security controls and better attack speeds. Below, we compare and discuss the differences between the wave 1 and wave 2 ransomware and wiper malware.

Ransomware 106

Ransomware Telecommunications Malware Encryption 106

Malwarebytes

NOVEMBER 6, 2023

The intruder used this to access some of the employee’s accounts, including LinkedIn, as well as their work account. In 2022, Octo Tempest began selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals in order to steal their cryptocurrency. We also notified federal law enforcement.

Ransomware 106

Ransomware Backups Accountability Social Engineering 106

Security Affairs

JANUARY 2, 2022

The Lapsus$ ransomware group defaced all the sites publishing a ransom note that claims that they had access to Impresa’s Amazon Web Services account. The gang also targeted the South American telecommunication providers Claro and Embratel. Source TheRecord. At this time the websites of the company are in maintenance mode.

Media 139

Media Ransomware Telecommunications Accountability 139

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 89

Mobile Telecommunications Data breaches Identity Theft 89

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking 311

Hacking Spyware Backups Encryption 311

Krebs on Security

DECEMBER 14, 2023

The malware used in the Target breach included the text string “ Rescator ,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. For starters, the text string “Rescator” was found in some of the malware used in the Target breach.

Cybercrime 233

Cybercrime Accountability Advertising Computers and Electronics 233

Malwarebytes

APRIL 14, 2022

Zloader or Zbot are common names used to refer to any malware related to the ZeuS family. Zloader has a Domain Generating Algorithm (DGA) embedded within the malware that creates additional domains as a fallback or backup communication channel for the botnet. Legal action. Domain Generating Algorithm. Disruption.

Backups 126

Backups Telecommunications Banking Internet 126

Security Affairs

MARCH 18, 2022

CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. The group hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. ” concludes the report.

Banking 124

Banking Telecommunications System Administration Hacking 124

Malwarebytes

OCTOBER 27, 2023

In a security blog about Octo Tempest Microsoft states: “Octo Tempest monetized their intrusions in 2022 by selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals to steal their cryptocurrency.” Prevent intrusions. Detect intrusions. Don’t get attacked twice.

Social Engineering 100

Social Engineering Engineering Ransomware Backups 100

SecureList

DECEMBER 12, 2023

To find out, in 2022 we created a list of 700 companies worldwide from different industries: industrial, telecommunication, financial, retail, and others. According to the source of origin, we divide all compromised accounts into three categories: Public leakages that are freely distributed within cybercriminal society.

Data breaches 86

Data breaches Accountability Telecommunications Malware 86

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Phishing 86

Phishing Education Accountability Telecommunications 86

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware. Accounting for humans.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

JUNE 29, 2020

According to the experts, the malware was developed by the Russian cybercrime crew known as Evil Corp , which was behind the Dridex Trojan , and multiple ransomware like Locky , Bart, Jaff , and BitPaymer. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware 87

Ransomware Telecommunications Manufacturing Malware 87

Security Affairs

MAY 5, 2024

. “The Federal Government’s national attribution procedure regarding this campaign has concluded that, for a relatively long period, the cyber actor APT28 used a critical vulnerability in Microsoft Outlook that remained unidentified at the time to compromise numerous email accounts.”

Government 105

Government Accountability Cyber Attacks Telecommunications 105

Malwarebytes

JUNE 16, 2022

It involved 76 countries taking social engineers and telecommunications fraudsters to task, with multiple wins for those involved. Multiple national call centres suspected of telecommunications fraud were also raided. If you’re really unlucky, you could be sucked into bogus NFT art projects which eventually offer up some malware.

Scams 71

Scams Telecommunications Media Banking 71

Security Affairs

DECEMBER 7, 2023

Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

Government 105

Government Telecommunications Accountability Phishing 105

Security Affairs

DECEMBER 6, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors. ” reads the report published by ANSSI.

Phishing 91

Phishing Telecommunications Government Accountability 91

SecureList

OCTOBER 18, 2021

Our investigation into Lyceum has shown that the group has evolved its arsenal over the years and shifted its usage from the previously documented.NET malware to new versions, written in C++. In 2021, we have been able to identify a new cluster of the group’s activity, focused on two entities in Tunisia.

DNS 99

DNS Telecommunications Malware Accountability 99

SecureWorld News

JUNE 18, 2023

According to a recent report , bots accounted for a staggering 47.4% Gaming (58.7%) and telecommunications (47.7%) had the highest bad bot traffic on their websites and applications. These unsolicited messages often contain malware, phishing links, or other deceptive content, intending to deceive unsuspecting recipients.

Passwords 72

Passwords Antivirus Identity Theft Internet 72

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches 76

Data breaches DDOS Backups Ransomware 76

Malwarebytes

MAY 24, 2022

The malware uses a number of advanced tricks to hide what it does and how it works, but our analysts have been able to reverse engineer the malware, reveal its inner workings, and uncover some clues about its possible origins. This email also contains links to fake Instagram and Facebook accounts. Interactive map of Ukraine.

Malware 142

Malware Phishing Government Accountability 142

SecureWorld News

JANUARY 27, 2023

According to the DOJ , the HIVE ransomware network had been operating for several years, using the "ransomware-as-a-service" model to target a wide range of businesses and critical infrastructure sectors, including government facilities, telecommunication companies, manufacturing, information technology, and healthcare and public health.

Ransomware 85

Ransomware Cybercrime Cryptocurrency Telecommunications 85

SecureList

OCTOBER 7, 2022

Using LOLBINS, common legitimate pentesting tools, and fileless malware; misleading security researchers by placing false flags—these and other anti-forensic tricks often make threat attribution a matter of luck. The malware spreads through spear-phishing emails with a malicious Microsoft Office document as attachment.

Malware 143

Malware Computers and Electronics Telecommunications Encryption 143

Security Affairs

FEBRUARY 22, 2022

Once obtained the data, crooks used it to empty their victims’ bank accounts. “Users entered bank card details on phishing sites in order to top up their mobile account or make a transfer. The money mules maintained a percentage of profit for each operation they carried out. 190 (Fraud) of the Criminal Code of Ukraine.

Phishing 81

Phishing Banking Mobile Telecommunications 81