Accountability, Surveillance and Telecommunications

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

Surveillance

Surveillance Telecommunications Internet Internet

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Telecommunications

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. Enable 2FA on all externally exposed accounts.

Media

Media Accountability Telecommunications Government

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.”

Surveillance

Surveillance Authentication Telecommunications Manufacturing

ProtonMail denies that it spies on users for government agencies

Security Affairs

JUNE 2, 2019

The popular privacy-focused email service ProtonMail has been accused of offering voluntarily real-time surveillance assistance to law enforcement. The popular privacy-focused email service ProtonMail made the headlines because it has been accused of supporting real-time surveillance carried out by law enforcement. Pierluigi Paganini.

Government

Government Surveillance Telecommunications Advertising

China Says U.S. Hacking Huawei Since 2009

SecureWorld News

SEPTEMBER 28, 2023

These allegations, which were made via China's official WeChat account , claim that the Tailored Access Operations (TAO) unit of the NSA conducted cyberattacks in 2009 and maintained continuous surveillance on Huawei's servers. At the forefront of this rivalry stands Huawei, a prominent Chinese telecommunications company.

Hacking

Hacking Artificial Intelligence Telecommunications Cyber Attacks

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs

MAY 21, 2020

The Chafer APT group has distributed data stealer malware since at least mid-2014, it was focused on surveillance operations and the tracking of individuals. The APT group targets telecommunication and travel industries in the Middle East to gather intelligence on Iran’s geopolitical interests.

Government

Government Social Engineering Telecommunications Hacking

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches

Data breaches DDOS Backups Ransomware

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks

Cyber Attacks Firewall Data breaches Telecommunications

The War in Technology: A Digital Iron Curtain Goes Up

SecureWorld News

MARCH 10, 2022

We know that war has impacts on telecommunications, but what we've seen in Ukraine is on a different level.". And it might have been prepared for this moment, years ago, as a surveillance tool. It's easy to put surveillance on telecoms if you have a foothold," Kubecka said. Advancing Russian troops need it to communicate.

Technology

Technology Internet Internet Telecommunications

Information risk and security for professional services

Notice Bored

APRIL 20, 2022

Professional services are information-centric: information is the work product , the purpose, the key deliverable. Through assignments, jobs, projects or tasks, professional services clients and providers exchange, generate and utilize information.

Risk

Risk Energy and Utilities Computers and Electronics Telecommunications

Metro Bank is the first bank that disclosed SS7 attacks against its customers

Security Affairs

FEBRUARY 4, 2019

. “This activity was typically only within reach of intelligence agencies or surveillance contractors, but now Motherboard has confirmed that this capability is much more widely available in the hands of financially-driven cybercriminal groups, who are using it to empty bank accounts. ” said the Bank spokesman.

Banking

Banking Telecommunications Authentication Advertising

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

The Security Ledger

NOVEMBER 11, 2019

» Related Stories From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military Episode 165: Oh, Canada! We're joined by Terry Dunlap the co-founder of ReFirm Labs to talk about why software supply chain risks. Read the whole entry. » Terry Dunlap is the co-founder of ReFirm Labs.

Risk

Risk Surveillance Firmware Technology

Metro Bank is the first bank that disclosed SS7 attacks against its customers

Security Affairs

FEBRUARY 4, 2019

. “This activity was typically only within reach of intelligence agencies or surveillance contractors, but now Motherboard has confirmed that this capability is much more widely available in the hands of financially-driven cybercriminal groups, who are using it to empty bank accounts. ” said the Bank spokesman.

Banking

Banking Telecommunications Authentication Advertising

Unknown APT group has targeted Russia repeatedly since Ukraine invasion

Malwarebytes

MAY 24, 2022

The campaigns, discovered by the Malwarebytes Threat Intelligence team , are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run commands on them remotely. This email also contains links to fake Instagram and Facebook accounts. The rostec.digital facebook account.

Malware

Malware Phishing Government Accountability

Third-Party Software Security Scanning

Cisco Security

MARCH 1, 2021

As the use of third-party software has become ubiquitous across product development and industry, there has been growing interest in more accurate visibility and accounting of the use of open source and commercial components. Key Components of the Corona Service.

Software

Software Risk Telecommunications Surveillance

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

mail.cyta.com.cy: Cyta telecommunications and Internet provider, Cyprus. 14 by KrebsOnSecurity, Netnod CEO Lars Michael Jogbäck confirmed that parts of Netnod’s DNS infrastructure were hijacked in late December 2018 and early January 2019 after the attackers gained access to accounts at Netnod’s domain name registrar.

DNS

DNS Internet Internet Government

Best Facial Recognition Software for Enterprises In 2022

eSecurity Planet

FEBRUARY 11, 2022

With nothing more than an employee’s face needed to gain access, accounts can be set up and access levels changed relatively easily, without the hassle or insecurity of improperly saved passwords. It focuses on emotion, behavior, age, voice, and gender recognition to provide surveillance and security solutions.

Software

Software Technology Authentication Artificial Intelligence

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

The most common objective of such attacks is cyberespionage and disruption of major telecommunications companies’ work. The telecommunications sector: Are providers ready for 5G? If they manage to compromise a telecommunications company, they can then also compromise its customers for surveillance or sabotage purposes.

Banking

Banking Telecommunications Marketing Internet

Iran announced to have foiled a second cyber-attack in a week

Security Affairs

DECEMBER 15, 2019

Iran telecommunications minister announced that for the second time in a week Iran has foiled a cyber attack against its infrastructure. Iran has foiled a new cyber-attack, the country’s telecommunications minister Mohammad Javad Azari- Jahromi says. ” reported the BBC.

Cyber Attacks

Cyber Attacks Telecommunications Government Advertising

Security Affairs newsletter Round 238

Security Affairs

NOVEMBER 3, 2019

Network Solutions data breach – hacker accessed data of more 22 Million accounts. WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies. China-linked APT41 group targets telecommunications companies with new backdoor. Thousands of Xiaomi FURRYTAIL pet feeders exposed to hack.

Data breaches

Data breaches Cyber Attacks Telecommunications Advertising

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Using a malicious script, the attackers redirected their targets’ incoming email to an email address controlled by the attackers, gathering data from the compromised accounts. It determined that the injection point was situated within the connection between two Egyptian telecommunication providers. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Though Paladin has a smaller portfolio relative to other top contenders with 75 companies, the company has a substantial stack of strategic investments in technology, telecommunications, and more. VCs are ultimately accountable to the wishes of their GPs and LPs and not afraid to make decisions to their benefit. Sequoia Investments.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

The future of cyberconflicts

SecureList

DECEMBER 18, 2020

While the newer actors are filling the skills gap quickly, the most advanced parties are scaling to obtain global surveillance capabilities through technological supremacy. A list of verticals that should be protected from foreign investments was introduced in French law: energy, water distribution, transportation, health, telecommunications.

Government

Government Technology Malware Software

Cyber Security Informer

On Executive Order 12333

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Trending Sources

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

A flaw in Dahua IP Cameras allows full take over of the devices

ProtonMail denies that it spies on users for government agencies

China Says U.S. Hacking Huawei Since 2009

Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

The War in Technology: A Digital Iron Curtain Goes Up

Information risk and security for professional services

Metro Bank is the first bank that disclosed SS7 attacks against its customers

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

Metro Bank is the first bank that disclosed SS7 attacks against its customers

Unknown APT group has targeted Russia repeatedly since Ukraine invasion

Third-Party Software Security Scanning

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Best Facial Recognition Software for Enterprises In 2022

Group-IB presents its annual report on global threats to stability in cyberspace

Iran announced to have foiled a second cyber-attack in a week

Security Affairs newsletter Round 238

Advanced threat predictions for 2024

Top VC Firms in Cybersecurity of 2022

The future of cyberconflicts

Stay Connected