Firmware and Telecommunications - Cyber Security Informer

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries.

Firmware

Firmware Telecommunications System Administration Malware

Secret Backdoors Found in German-made Auerswald VoIP System

The Hacker News

DECEMBER 21, 2021

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices.

Penetration Testing

Penetration Testing Firmware Telecommunications Manufacturing

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

.” Recently, US and Japanese intelligence, law enforcement and cybersecurity agencies warned of a China-linked APT, tracked as BlackTech (aka Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda), that planted backdoor in Cisco router firmware to access multinational companies’ networks.

Telecommunications

Telecommunications Technology Government Firmware

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

CyberSecurity Insiders

APRIL 12, 2023

The report stems from a detailed analysis of attacks targeting StormWall’s clientele, which spans various sectors such as finance, e-commerce, telecommunications, entertainment, transportation, education, and logistics. Telecommunications continued to be a popular target, enduring 16% of attacks and a 47% YoY increase.

DDOS

DDOS Telecommunications Data breaches Firmware

Red Balloon Security Introduces Expanded Portfolio of Embedded Security Solutions

CyberSecurity Insiders

APRIL 20, 2021

NEW YORK–(BUSINESS WIRE)–Red Balloon Security, the leader in embedded device security, today announced an expanded and customizable set of offerings for critical infrastructure and a range of industries –– including energy, industrial control systems (ICS), building management systems (BMS), automotive, and telecommunications.

Telecommunications

Telecommunications Firmware Cybersecurity

Lapsus$: The New Name in Ransomware Gangs

Security Boulevard

MARCH 15, 2022

Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. Since they appear to be succeeding, Lapsus$ announced that they are looking to recruit insiders employed at telecommunications, software and gaming companies, among other technology businesses. But first things first.

Ransomware

Ransomware Telecommunications Firmware Media

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

In November, the US Federal Communications Commission banned authorizations for Chinese telecommunications and video surveillance equipment, saying that Huawei, ZTE, Hytera, Hikvision, and Dahua are “deemed to pose a threat to national security.”. Most insecure brands.

Surveillance

Surveillance Manufacturing Passwords Internet

Android mobile devices from 11 vendors are exposed to AT Commands attacks

Security Affairs

AUGUST 27, 2018

Even if international telecommunications regulators have defined the list of AT commands that all smartphones must implement, many vendors have also added custom AT command sets that could be used to manage some specific features of the devices (i.e. The AT commands can be transmitted via phone lines and control modems. camera control).

Mobile

Mobile Firmware Telecommunications Advertising

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

Just after the WorldNet Telecommunications, the LG electronics fall as a victim of the Maze ransomware operators.” “One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” ” continues Cyble.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

History of MSSPs As internet service providers (ISPs) and telecommunications companies (telecoms) began offering commercial access to the internet in the late 1990s, they began to also offer firewall appliances and associated managed services. and installed software (operating systems, applications, firmware, etc.). Outsourcing U.S.

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

The Security Ledger

NOVEMBER 11, 2019

Terry is a former NSA employee who specializes in firmware security. Congress has been aggressive in calling out the Chinese threat to domestic businesses. To understand the threat that software and hardware from China poses to organizations here in the U.S. we invited Terry Dunlap of the firm ReFirm Labs back into the Security Ledger studio.

Risk

Risk Surveillance Firmware Technology

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

. “The password “gvt12345”, for example, suggests that hackers target users with routers from the former Brazilian internet service provider (ISP) GVT, which was acquired by Teleônica Brasil, and is the largest telecommunications company in the country.” ” states the analysis published by Avast. concludes Avast.

DNS

DNS Passwords Advertising Banking

Nvidia, the ransomware breach with some plot twists

Malwarebytes

MARCH 3, 2022

The LAPSUS$ group is a relative newcomer to the ransomware scene, but it has made a name for itself by bringing down big targets like Impresa, the largest media conglomerate in Portugal, Brazil’s Ministry of Health, and Brazilian telecommunications operator Claro.

Ransomware

Ransomware Password Management Passwords Hacking

Sunburst: connecting the dots in the DNS requests

SecureList

DECEMBER 18, 2020

Other advanced threat groups are also known to adopt similar strategies, for instance with hardware or firmware implants, which “sleep” for weeks or months before connecting to their C2 infrastructure. This explains why this attack was so hard to spot. Low-level details. All we need is a.NET decompiler (dnSpy is a good one).

DNS

DNS Telecommunications Malware Encryption

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

The Security Ledger

MARCH 13, 2019

But while those bills work their way through Congress, a much more consequential standard is already taking root: this one backed by CTIA , the trade group that represents major telecommunications and Internet providers. Sameer Dixit is the Sr. Director- Security Consulting at Spirent Communications.

IoT

IoT Cybersecurity Internet Internet

APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Malwarebytes

MAY 18, 2023

Establish Persistence (Tactic ID: TA0003) APT groups use techniques like multiple backdoors, rootkits, and even firmware or hardware-based attacks to maintain access to a network even after detection and remediation efforts. According to the cyber threat group list compiled by MITRE ATT&CK , we're aware of over 100 APT groups worldwide.

Social Engineering

Social Engineering Phishing Malware Software

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities

Security Affairs

MAY 12, 2021

Older CVEs are more likely to have been mediated, and newer ones are less so since developers might not yet patch them and, even more frequently, the firmware might not be updated by users. It is imperative that businesses keep their software and firmware of devices connected to the internet up to date. Most devices.

Manufacturing

Manufacturing Internet Internet Firmware

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. It directly affected satellite modems firmwares , but was still to be understood as of mid-March. ViaSat quickly suspected that disruptions could be the result of a cyberattack.

DDOS

DDOS Ransomware Government Energy and Utilities

Key benefits of iSIM technology for enabling secure connectivity

CyberSecurity Insiders

OCTOBER 27, 2021

The iSIM is fully standardised and endorsed by the industry and is recognised by several industry bodies including the European Telecommunications Standards Institute (ETSI), Eurosmart, Trusted Connectivity Allianceand the GSMA. Energy consumption is also reduced thanks to the advanced technology node employed to build the SoC. .

Technology

Technology Manufacturing IoT Mobile

DDoS attacks in Q4 2020

SecureList

FEBRUARY 16, 2021

After the attacks came to light, the manufacturer promptly released a firmware update for configuring verification of incoming requests. In October, telecommunications firm Telenor Norway was another to fall victim. Consequently, the victims received reply packets several times larger in size.

DDOS

DDOS Cryptocurrency Marketing Internet

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

Vulnerable devices were either misconfigured or missing the latest firmware version with the required settings. In addition to the aforementioned Melita, Austrian provider A1 Telekom (article in German), as well as Belgian telecommunications firm Scarlet , suffered DDoS attacks (albeit without the ransomware component).

DDOS

DDOS Cryptocurrency Media Marketing

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. The first one, in January, was MoonBounce ; the other was CosmicStrand in July 2022.

Firmware

Firmware Surveillance Mobile Telecommunications

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Secret Backdoors Found in German-made Auerswald VoIP System

Trending Sources

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Massive Surge in DDoS Attacks Reported in First Quarter of 2023

Red Balloon Security Introduces Expanded Portfolio of Embedded Security Solutions

Lapsus$: The New Name in Ransomware Gangs

3.5m IP cameras exposed, with US in the lead

Android mobile devices from 11 vendors are exposed to AT Commands attacks

Maze ransomware operators claim to have breached LG Electronics

What is a Managed Security Service Provider? MSSPs Explained

Episode 167: Made in America? Trade Tensions highlight Supply Chain Risk

For nearly a year, Brazilian users have been targeted with router attacks

Nvidia, the ransomware breach with some plot twists

Sunburst: connecting the dots in the DNS requests

Spotlight: CTIA’s IoT Cybersecurity Certification is a Big Deal. Here’s why.

APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities

Reassessing cyberwarfare. Lessons learned in 2022

Key benefits of iSIM technology for enabling secure connectivity

DDoS attacks in Q4 2020

DDoS attacks in Q1 2021

Advanced threat predictions for 2023

Advanced threat predictions for 2024

Stay Connected