Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. SecurityAffairs – GALLIUM, hacking). Pierluigi Paganini.

Telecommunications 67

Telecommunications DNS Malware Advertising 67

Security Affairs

NOVEMBER 11, 2022

The APT hacking group is believed to have been behind numerous attacks this year, including an attack on Ukrainian energy infrastructure and the deployment of a persistent botnet called “ Cyclops Blink ” dismantled by the US government in April. SecurityAffairs – hacking, Prestige ransomware). Pierluigi Paganini.

Ransomware 85

Ransomware Telecommunications DNS Hacking 85

Security Affairs

JANUARY 13, 2023

The C2 infrastructure used by the group was primarily hosted on the Bulgarian telecommunications company Neterra. Experts observed threat actors also using No-IP Dynamic DNS services. SecurityAffairs – hacking, NoName057(16) ). GitHub removed the accounts after SentinelOne reported the abuse to the company. Pierluigi Paganini.

DDOS 70

DDOS Telecommunications DNS Education 70

Security Affairs

AUGUST 10, 2020

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. Our findings show that both Telenor and MPT block websites using DNS tampering. SecurityAffairs – hacking, Myanmar).

Internet 74

Internet Internet Telecommunications DNS 74

Security Affairs

JULY 13, 2019

The campaign uncovered by Avast aimed at silently modifying the Brazilian users’ Domain Name System (DNS) settings to redirect victims to malicious websites mimicking legitimate ones. In some cases the router is reconfigured to use rogue DNS servers, which redirect victims to phishing pages that closely look like real online banking sites.

DNS 73

DNS Passwords Advertising Banking 73

Security Boulevard

JANUARY 12, 2022

MuddyWater (also known as TEMP.Zagros, Static Kitten, Seedworm, and Mercury) is a threat group that primarily targets telecommunications, government, oil, defense, and finance sectors in the Middle East, Europe, and North America. By utilizing the Google Update service, goopdate.dll conceals communications with C2 servers.

Telecommunications 113

Telecommunications DNS Malware Government 113

Security Affairs

AUGUST 27, 2019

reported that Hexane is targeting organizations in the oil and gas industry and telecommunication providers. The malware uses DNS and HTTP-based communication mechanisms. Experts pointed out that Lyceum does not use sophisticated hacking techniques. SecurityAffairs – Lyceum, hacking). Security experts at Dragos Inc.

DNS 82

DNS Penetration Testing Passwords Social Engineering 82

Security Affairs

JULY 6, 2021

According to the DNS data analysis, this name was used to register at least two domains, which were created using the email from the phishing kit. SecurityAffairs – hacking, Operation Lyrebird). ” said Dmitry Volkov Group-IB CTO and Head of Threat Hunting Intelligence. Original post at [link]. Pierluigi Paganini.

Cybercrime 96

Cybercrime Phishing Banking Telecommunications 96

Krebs on Security

APRIL 2, 2019

31, 2019, Rezvesz said his company recently was the subject of an international search warrant executed jointly by the Royal Canadian Mounted Police (RCMP) and the Canadian Radio-television and Telecommunications Commission (CRTC). “In In an “official press release” posted to pastebin.com on Mar.

Advertising 211

Advertising Malware Marketing Software 211

Security Affairs

AUGUST 7, 2019

The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East. T1094) mainly developed using DNS resolutions (which is actually one of the main characteristic of the attacker group).

Computers and Electronics 80

Computers and Electronics Penetration Testing DNS Phishing 80

Security Affairs

JANUARY 10, 2019

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. It is interesting to note that FireEye confirmed that this campaign is different from other operations carried out by Iranian APT groups due to the use of DNS hijacking at scale.

DNS 81

DNS Telecommunications Government Encryption 81

Security Affairs

FEBRUARY 24, 2019

“The Internet Corporation for Assigned Names and Numbers ( ICANN ) believes that there is an ongoing and significant risk to key parts of the Domain Name System ( DNS ) infrastructure. The notice was issued by the DHS and links the emergency directive Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”.

Internet 96

Internet Internet DNS Telecommunications 96

Security Affairs

MAY 2, 2019

Indeed we might observe a File-based command and control (a quite unusual solution) structure, a VBS launcher, a PowerShell Payload and a covert channel over DNS engine. The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries.

DNS 86

DNS Computers and Electronics Penetration Testing Government 86

Security Affairs

NOVEMBER 29, 2019

One of the trends related to the active confrontation between attackers has been hacking back, i.e. when attackers become the victims of hacking. The past months have shown that the most dangerous hacks involved DNS hijacking, which helped attackers manipulate DNS records for MITM attacks. Pierluigi Paganini.

Banking 83

Banking Telecommunications Marketing Internet 83

Security Affairs

APRIL 23, 2019

Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten ). The group conducts operations primarily in the Middle East, targeting financial, government, energy, chemical, telecommunications and other industries.

DNS 76

DNS Computers and Electronics Penetration Testing Government 76

CyberSecurity Insiders

MARCH 5, 2021

According to CRN news , SolarWinds stated that its customers included 425 of the US Fortune 500, the top ten US telecommunications companies, the top five US accounting firms, all branches of the US Military, the Pentagon, the State Department, as well as hundreds of universities and colleges worldwide. Infected Domains Analysis.

DNS 138

DNS Education Malware Telecommunications 138

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. One of the unique things about how they did this is they judged it in a full spectrum hacking contest. If you look at like the Tesla hack, it was interesting. but they never actually checked that.

InfoSec 52

InfoSec Artificial Intelligence Computers and Electronics Software 52

eSecurity Planet

FEBRUARY 3, 2021

The National Telecommunications and Information Administration (NTIA) offers the concept of a Software Bill of Materials (SBOM) to address this problem. For CrowdStrike , months after the attempted hack, they were first alerted about attempts to read email and abnormal communication between their MS Office licenses and MS cloud APIs.

Software 62

Software Malware Authentication Penetration Testing 62

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. One of the unique things about how they did this is they judged it in a full spectrum hacking contest. If you look at like the Tesla hack, it was interesting. but they never actually checked that.

InfoSec 40

InfoSec Artificial Intelligence Computers and Electronics Software 40

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. One of the unique things about how they did this is they judged it in a full spectrum hacking contest. If you look at like the Tesla hack, it was interesting. but they never actually checked that.

InfoSec 40

InfoSec Artificial Intelligence Computers and Electronics Software 40

SecureList

FEBRUARY 16, 2021

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. In October, telecommunications firm Telenor Norway was another to fall victim. Extortionists’ activity regularly made the news throughout 2020.

DDOS 129

DDOS Cryptocurrency Marketing Internet 129

Security Affairs

JANUARY 15, 2020

If so we are facing a state-sponsored group with high capabilities in developing persistence and hidden communication channels (for example over DNS) but without a deep interest in exploiting services. The group’s victims are mainly in the telecommunications, government (IT services), and oil sectors.” Pierluigi Paganini.

Computers and Electronics 79

Computers and Electronics Penetration Testing Malware Government 79

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. Although Lyceum still prefers taking advantage of DNS tunneling, it appears to have replaced the previously documented.NET payload with a new C++ backdoor and a PowerShell script that serve the same purpose.

Malware 139

Malware Spyware Government Social Engineering 139