Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection.

VPN 363

VPN Passwords Software Telecommunications 363

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications 137

Telecommunications Authentication Data collection Passwords 137

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing 364

Phishing VPN Social Engineering Media 364

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN 133

VPN Authentication Small Business Telecommunications 133

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. “Rust payloads detected by Volexity team turn out to be pretty interesting Sliver downloaders as they were executed on Ivanti Connect Secure VPN after the exploitation of CVE-2024-21887 and CVE-2023-46805.

VPN 133

VPN Malware Authentication Small Business 133

Security Affairs

MARCH 23, 2022

Microsoft has now confirmed that the attackers have compromised the account of one of its employees gaining limited access to source code repositories. Our investigation has found a single account had been compromised, granting limited access. No customer code or data was involved in the observed activities.

Accountability 106

Accountability VPN Hacking Social Engineering 106

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. The Nobelium cyberspies is using a new custom downloader tracked by the researchers as CEELOADER.

Malware 137

Malware VPN Telecommunications Accountability 137

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications 101

Telecommunications Authentication Passwords Accountability 101

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. In most cases, this involved social engineering employees at the targeted firm into adding one of their computers or mobiles to the list of devices allowed to authenticate with the company’s virtual private network (VPN).”

Mobile 104

Mobile VPN Social Engineering Telecommunications 104

Krebs on Security

FEBRUARY 18, 2019

webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text. adpvpn.adpolice.gov.ae: VPN service for the Abu Dhabi Police. mail.cyta.com.cy: Cyta telecommunications and Internet provider, Cyprus. Review accounts with registrars and other providers.

DNS 279

DNS Internet Internet Government 279

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering 122

Social Engineering Accountability Engineering Backups 122

Security Affairs

MARCH 22, 2022

” Todd McKinnon, CEO at Okta, confirmed that in late January 2022, the company detected an attempt to compromise the account of a third party customer support engineer working for one of its subprocessors. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T.

Telecommunications 98

Telecommunications Data breaches Hacking VPN 98

SecureList

DECEMBER 12, 2023

To find out, in 2022 we created a list of 700 companies worldwide from different industries: industrial, telecommunication, financial, retail, and others. According to the source of origin, we divide all compromised accounts into three categories: Public leakages that are freely distributed within cybercriminal society.

Data breaches 123

Data breaches Accountability Telecommunications Malware 123

CyberSecurity Insiders

DECEMBER 12, 2021

The upcoming updates on SharePass will also allow you to send account credentials, QR codes, JSON structured data and other types of information. VPNs or Virtual Private Networks give you a secure platform where you can get a secure tunnel to send and receive information. Using a VPN gives you lots of benefits.

VPN 107

VPN Passwords Encryption Telecommunications 107

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. Alloy Taurus is known for leveraging the SoftEther VPN service to facilitate access and maintain persistence to their targeted network.

Malware 98

Malware Telecommunications Government VPN 98

SecureWorld News

MARCH 10, 2022

We know that war has impacts on telecommunications, but what we've seen in Ukraine is on a different level.". These documents outlined a series of measures the Kremlin wants state-owned websites and online portals to implement by the end of this week in order to "coordinate actions to defend telecommunication services on the internet.".

Technology 98

Technology Internet Internet Telecommunications 98

Security Affairs

APRIL 19, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities 137

Energy and Utilities Telecommunications Technology Government 137

eSecurity Planet

AUGUST 22, 2023

History of MSSPs As internet service providers (ISPs) and telecommunications companies (telecoms) began offering commercial access to the internet in the late 1990s, they began to also offer firewall appliances and associated managed services. Outsourcing U.S. companies may trust U.S.

Telecommunications 97

Telecommunications Firewall Penetration Testing Cybersecurity 97

eSecurity Planet

FEBRUARY 9, 2022

According to Jay McBain, an analyst at Forrester Research, spending on IT and telecommunications will be worth about $7 trillion by 2030. Malwarebytes endpoint security includes a dashboard that lets partners centrally manage customer accounts and access policies and request support when needed. Competition is fierce.

Backups 139

Backups Firewall DDOS Antivirus 139

Pen Test Partners

MAY 26, 2025

Azerbijans Arabian Ghost The annual climate change conference that nearly didnt happen The hacker group “Arabian Ghost” claimed responsibility for cyberattacks targeting several Azerbaijani government websites and telecommunication sites (Critical National Infrastructure). PTP were flown in and worked over 3 weeks straight.

Banking 64

Banking VPN Ransomware Scams 64

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering 52

Social Engineering Accountability Engineering Backups 52

SecureList

MARCH 30, 2021

The actor leveraged vulnerabilities in Pulse Connect Secure in order to hijack VPN sessions, or took advantage of system credentials that were stolen in previous operations. Log of the hijacking VPN session from DESKTOP-A41UVJV. Uses vulnerabilities in Pulse Connect Secure to hijack a VPN session. Valid Accounts.

Malware 145

Malware Encryption VPN Telecommunications 145

eSecurity Planet

DECEMBER 7, 2023

AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. For example, The Health Insurance Portability and Accountability Act (HIPAA) requires security features such as encryption to protect patients’ health information.

Encryption 112

Encryption Passwords IoT Firewall 112

SecureList

MAY 12, 2021

Botmasters and account resellers are tasked with providing initial access inside the victim’s network. Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. Access sellers.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145

Security Boulevard

APRIL 22, 2025

In this years DBIR, vulnerabilities in Virtual Private Networks (VPNs) and edge devices were particular areas of concern, accounting for 22% of the CVE-related breaches in this years report, almost eight times the amount of 3% found in the 2024 report. CVE-2023-36846 Juniper Networks Junos OS Missing Authentication Vulnerability 5.3

Energy and Utilities 58

Energy and Utilities Authentication Data breaches VPN 58

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Perimeter81 VPN and zero trust 2020 Private Wiz Cloud security 2020 Private OneTrust Privacy management 2019 Private Darktrace AI network security 2017 Private Recorded Future Threat intelligence 2017 Acquired: Insight Thycotic Access management 2015 Private Checkmarx Application security 2015 Acquired: P.E.

Cybersecurity 128

Cybersecurity Technology Marketing Healthcare 128

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. downloaders), and new types of botnets (brute-force botnets).

Banking 144

Banking Ransomware Phishing Manufacturing 144

SecureWorld News

SEPTEMBER 30, 2022

Check Point has also observed the sharing of open VPN servers for the purpose of bypassing censorship, as Iran has limited the use of internet and social media. Check Point Research reports that key activities include leaking and selling government officials' phone numbers and emails, as well as maps of "sensitive locations.".

Government 98

Government Telecommunications Encryption Internet 98

Security Boulevard

MARCH 15, 2022

It was the Expresso Twitter account that the hackers used to bait the organization to demonstrate their control over the company's IT infrastructure. Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. Impresa owns the country's largest TV channel and newspaper, SIC and Expresso.

Ransomware 127

Ransomware Telecommunications Firmware Media 127

SecureList

DECEMBER 14, 2022

For instance, according to the New York Times, in 2003, the United States made plans for a huge cyberattack to freeze billions of dollars in Saddam Hussein’s bank accounts and cripple his government before the invasion of Iraq. However, the plan was not approved because the government feared collateral damage.

DDOS 145

DDOS Ransomware Government Energy and Utilities 145

SecureList

MAY 10, 2021

To prevent attacks via RDP, it is recommended to hide RDP servers behind a VPN or disable UDP port 3389. That said, a VPN is no panacea if it too is vulnerable to amplification attacks. In Q1 2021, for instance, attackers went after Powerhouse VPN servers. Linux botnets continued to account for almost all DDoS traffic (99.90%).

DDOS 138

DDOS Cryptocurrency Media Marketing 138