DNS, Hacking, Information Security and Telecommunications

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS

DNS Telecommunications Malware Phishing

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

The malicious code can also perform DNS and HTTP hijacking within private IP spaces. “What makes this malware family so insidious is the ability to perform HTTP and DNS hijacking for connections to private IP addresses. Additionally, it can interact with other devices on the LAN and transfer data or deploy new agents.

Malware

Malware DNS Authentication Telecommunications

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. SecurityAffairs – hacking, Log4Shell).

Malware

Malware Telecommunications DNS Hacking

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities.

Media

Media Accountability Telecommunications Government

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. SecurityAffairs – GALLIUM, hacking). Pierluigi Paganini.

Telecommunications

Telecommunications DNS Malware Advertising

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

The APT hacking group is believed to have been behind numerous attacks this year, including an attack on Ukrainian energy infrastructure and the deployment of a persistent botnet called “ Cyclops Blink ” dismantled by the US government in April. SecurityAffairs – hacking, Prestige ransomware). Pierluigi Paganini.

Ransomware

Ransomware Telecommunications DNS Hacking

Pro-Russia group NoName057(16) targets Ukraine and NATO countries

Security Affairs

JANUARY 13, 2023

The C2 infrastructure used by the group was primarily hosted on the Bulgarian telecommunications company Neterra. Experts observed threat actors also using No-IP Dynamic DNS services. SecurityAffairs – hacking, NoName057(16) ). GitHub removed the accounts after SentinelOne reported the abuse to the company. Pierluigi Paganini.

DDOS

DDOS Telecommunications DNS Education

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

AUGUST 10, 2020

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. Our findings show that both Telenor and MPT block websites using DNS tampering. SecurityAffairs – hacking, Myanmar).

Internet

Internet Internet Telecommunications DNS

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

This year, security experts at Avast have blocked more than 4.6 The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. Most recently, Netflix became a popular domain for DNS hijackers.”

DNS

DNS Passwords Advertising Banking

Lyceum APT made the headlines with attacks in Middle East

Security Affairs

AUGUST 27, 2019

The activity of the Lyceum APT group was first documents earlier of August by researchers at ICS security firm Dragos that tracked it as Hexane. Security experts at Dragos Inc. reported that Hexane is targeting organizations in the oil and gas industry and telecommunication providers. SecurityAffairs – Lyceum, hacking).

DNS

DNS Penetration Testing Passwords Social Engineering

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to the DNS data analysis, this name was used to register at least two domains, which were created using the email from the phishing kit. SecurityAffairs – hacking, Operation Lyrebird). ” said Dmitry Volkov Group-IB CTO and Head of Threat Hunting Intelligence. Original post at [link]. Pierluigi Paganini.

Cybercrime

Cybercrime Phishing Banking Telecommunications

OilRig APT group: the evolution of attack techniques over time

Security Affairs

AUGUST 7, 2019

The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East. T1094) mainly developed using DNS resolutions (which is actually one of the main characteristic of the attacker group).

Computers and Electronics

Computers and Electronics Penetration Testing DNS Phishing

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

One of the trends related to the active confrontation between attackers has been hacking back, i.e. when attackers become the victims of hacking. The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. Pierluigi Paganini.

Banking

Banking Telecommunications Marketing Internet

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

Cyber Security Informer

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Cuttlefish malware targets enterprise-grade SOHO routers

Trending Sources

China-linked LightBasin group accessed calling records from telcos worldwide

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

GALLIUM Threat Group targets global telcos, Microsoft warns

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Pro-Russia group NoName057(16) targets Ukraine and NATO countries

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

For nearly a year, Brazilian users have been targeted with router attacks

Lyceum APT made the headlines with attacks in Middle East

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

OilRig APT group: the evolution of attack techniques over time

Group-IB presents its annual report on global threats to stability in cyberspace

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

Stay Connected