Security Affairs

MARCH 23, 2022

Microsoft has now confirmed that the attackers have compromised the account of one of its employees gaining limited access to source code repositories. Our investigation has found a single account had been compromised, granting limited access. No customer code or data was involved in the observed activities. Pierluigi Paganini.

Accountability 105

Accountability VPN Hacking Social Engineering 105

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering 122

Social Engineering Accountability Engineering Backups 122

Security Affairs

DECEMBER 1, 2024

Soldier Major cybercrime operation nets 1,006 suspects UK hospital network postpones procedures after cyberattack Tether Has Become a Massive Money Laundering Tool for Mexican Drug Traffickers, Feds Say Florida Telecommunications and Information Technology Worker Sentenced for Conspiring to Act as Agent of Chinese Government Rockstar 2FA: A Driving (..)

Cybercrime 74

Cybercrime Firewall Social Engineering Phishing 74

SecureList

OCTOBER 23, 2024

List of in-the-wild 0-days caught and reported by Kaspersky over the past 10 years Social activity What never ceases to impress us is how much effort Lazarus APT puts into their social engineering campaigns. Is that really all this game has to offer?

Engineering 145

Engineering Social Engineering Accountability Cryptocurrency 145

Security Affairs

MARCH 25, 2024

The campaign targeted Israeli employees of large multinational organizations with a pay-related social engineering lure. sender account. “Additionally, this campaign is the first time Proofpoint has observed TA450 using a sender email account that matches the lure content.

Phishing 140

Phishing Social Engineering Telecommunications Accountability 140

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. banks are stiffing account takeover victims. A single bitcoin is trading at around $45,000. A report commissioned by Sen.

Cryptocurrency 309

Cryptocurrency Cybercrime Computers and Electronics Scams 309

Security Affairs

MAY 21, 2020

The APT group targets telecommunication and travel industries in the Middle East to gather intelligence on Iran’s geopolitical interests. The Chafer APT group has distributed data stealer malware since at least mid-2014, it was focused on surveillance operations and the tracking of individuals. ” continues the report.

Government 130

Government Social Engineering Hacking Telecommunications 130

Malwarebytes

NOVEMBER 6, 2023

The intruder used this to access some of the employee’s accounts, including LinkedIn, as well as their work account. In 2022, Octo Tempest began selling SIM swaps to other criminals and performing account takeovers of high-net-worth individuals in order to steal their cryptocurrency. We also notified federal law enforcement.

Ransomware 126

Ransomware Backups Accountability Social Engineering 126

Security Affairs

AUGUST 27, 2019

reported that Hexane is targeting organizations in the oil and gas industry and telecommunication providers. Lyceum was observed using password spraying and brute-force attacks to compromise email accounts of targeted individuals. Security experts at Dragos Inc. ” reads the report published by SecureWork.

DNS 107

DNS Penetration Testing Passwords Social Engineering 107

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. In most cases, this involved social engineering employees at the targeted firm into adding one of their computers or mobiles to the list of devices allowed to authenticate with the company’s virtual private network (VPN).”

Mobile 103

Mobile VPN Social Engineering Telecommunications 103

Malwarebytes

JUNE 16, 2022

It involved 76 countries taking social engineers and telecommunications fraudsters to task, with multiple wins for those involved. Multiple national call centres suspected of telecommunications fraud were also raided. A large-scale Interpol operation has resulted in arrested and ill-gotten gains seizures galore.

Scams 85

Scams Telecommunications Banking Media 85

IT Security Guru

DECEMBER 1, 2022

Speaking of training and taking into account humans’ perceptions, cybersecurity awareness training is by far the best place to start. Ultimately, our cyber secure future is a matter of personal accountability and proper human risk management. The importance of cybersecurity awareness training. He is also a writer for Bora.

Cyber threats 128

Cyber threats Cybersecurity Risk Education 128

SecureWorld News

AUGUST 28, 2023

Their techniques included SIM swapping, prompt bombing attacks, and social engineering, which allowed them to infiltrate well-defended organizations. The group's activities extended from 2021 to 2022 and involved individuals from both the U.K. and Brazil.

Cybercrime 98

Cybercrime Social Engineering Telecommunications Hacking 98

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering 52

Social Engineering Accountability Engineering Backups 52

Malwarebytes

APRIL 1, 2022

When LAPSUS first grabbed the attention of the cybersecurity community, they had already compromised companies like Impresa, the largest media conglomerate in Brazil; Claro, one of Brazil’s telecommunications operators; and Brazil’s Ministry of Health. Notably, their use of Spanish and Portuguese was akin to native speakers.

Hacking 110

Hacking Social Engineering Telecommunications Ransomware 110

Security Boulevard

JUNE 26, 2023

Unfortunately, the increasing reliance on digital systems and capabilities has also attracted an ever-growing number of malicious actors seeking to defraud businesses through phishing , social engineering , or ransomware attacks. A lack of security features to upgrade or downgrade a user may result in mismanagement of user accounts.

Data breaches 52

Data breaches Healthcare Telecommunications Financial Services 52

Security Boulevard

JANUARY 24, 2023

However, while T-Mobile has provided some information related to this API breach, including specific account data, they have provided no technical details. The recent API breach at Australian telecommunications provider Optus (who has set aside $140 million to cover costs from the incident) falls under this category.

Mobile 59

Mobile Social Engineering Engineering Government 59

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. It determined that the injection point was situated within the connection between two Egyptian telecommunication providers. Drone hacking!

Hacking 141

Hacking Energy and Utilities Malware Media 141

Pen Test Partners

MAY 26, 2025

Our analysis proved theyd been socially engineered using deepfake voice calls and spoofed emails, exonerating the staff member and aiding in Interpols ongoing investigation. The Forgotten Laptop HR Leak An ex-employees account was left active for five months after termination. PTP were flown in and worked over 3 weeks straight.

Banking 64

Banking VPN Ransomware Scams 64

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. In the event of the Ransomware assault, the G Suite administrator will receive a notification about the incident either via e-mail or by Slack.

Security Awareness 40

Security Awareness Risk Cyber threats Cyber Risk 40

Digital Shadows

NOVEMBER 1, 2022

Influence operations (IO) have also been utilized as a weapon during the conflict, by targeting Russian telecommunications providers, utilities, and private companies. In October 2022, the IT Army of Ukraine were reported as having targeted Russian company FTNET stealing 240GB of data and posting it online.

Cyber threats 52

Cyber threats Ransomware Data breaches Media 52

Krebs on Security

FEBRUARY 28, 2023

This means that stealing someone’s phone number often can let cybercriminals hijack the target’s entire digital life in short order — including access to any financial, email and social media accounts tied to that phone number. One of the groups that reliably posted “Tmo up!

Mobile 340

Mobile Phishing Authentication Advertising 340

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. Threat actors have also set a new record in DDoS attack power: 2.3

Banking 144

Banking Ransomware Phishing Manufacturing 144

SecureList

JANUARY 29, 2025

Therefore, many countries are looking for their way into the new technological order, investing in promising research and development in a variety of areas: AI and machine learning, quantum computing, optical electronics, new materials, energy sources and types of engines, satellites and telecommunications, genetics, biotechnology and medicine.

Technology 94

Technology Computers and Electronics Energy and Utilities Risk 94