Hacking, Information Security, Technology and Telecommunications

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Cybersecurity

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. On Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Hacking

Hacking Telecommunications InfoSec Cybercrime

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

“If you’re working today at the cutting edge of technology then geopolitics is interested in you, even if you’re not interested in geopolitics.” ” Commercial businesses in the technology sector of any size, especially small companies and start-ups and researchers, are more exposed to Chinese espionage. .

Telecommunications

Telecommunications Technology Government Firmware

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. SecurityAffairs – hacking, data breach). The post SFO discloses data breach following the hack of 2 of its websites appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Hacking Telecommunications Passwords

U.S. gov adds more Chinese Telecom firms to the Covered List

Security Affairs

SEPTEMBER 21, 2022

This action demonstrates our whole-of-government effort to protect network security and privacy.”. national security. International telecommunications services provided by China Mobile International USA Inc. International telecommunications services provided by China Mobile International USA Inc. Pierluigi Paganini.

Telecommunications

Telecommunications Mobile Government Risk

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware

Malware Telecommunications DNS Hacking

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications

Telecommunications Advertising Technology Manufacturing

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries.

Firmware

Firmware Telecommunications System Administration Malware

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In December, Kyivstar , the largest Ukraine service provider went down after a major cyber attack.

Mobile

Mobile Telecommunications Cyber Attacks Internet

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. SecurityAffairs – hacking, cyber security). ” states Microsoft. Follow me on Twitter: @securityaffairs and Facebook.

Telecommunications

Telecommunications Technology Hacking Malware

Telecom giant Lumen suffered a ransomware attack and disclose a second incident

Security Affairs

MARCH 28, 2023

Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. ” continues the form.

Ransomware

Ransomware Telecommunications Technology Cybersecurity

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Telecommunications Technology VPN

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Malware Telecommunications Cybercrime

Lapsus$ Ransomware Group is hiring, it announced recruitment of insiders

Security Affairs

MARCH 11, 2022

Lapsus$ Ransomware gang is looking for insiders willing to sell remote access to major technology corporations and ISPs. Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Ransomware

Ransomware Telecommunications Technology VPN

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). We attribute this attack to #Sandworm.

Telecommunications

Telecommunications Malware Hacking Technology

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Security Affairs

JUNE 19, 2021

. “RedFoxtrot has primarily targeted aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan. SecurityAffairs – hacking, Unit 69010). ” continues the report. . located in Wuhan.” Pierluigi Paganini.

Telecommunications

Telecommunications Government Hacking Malware

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

” Sliver is a post-exploitation framework that is gaining notoriety in the hacking underground as an alternative to the Cobalt Strike framework. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, KrustyLoader )

VPN

VPN Malware Authentication Small Business

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

Mandiant researchers reported that Russia-linked APT group Sandworm employed new operational technology (OT) attacks that caused power outages while the Russian army was conducting mass missile strikes on critical infrastructure in Ukraine in October.

Telecommunications

Telecommunications Hacking Technology Internet

China-linked APT groups target telecom companies in Southeast Asia

Security Affairs

AUGUST 3, 2021

China linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017. initial access team, foothold, telco-technology specialized team, etc.) SecurityAffairs – hacking, China-linked APT). all working together and reporting to the same Chinese threat actor.

Telecommunications

Telecommunications Hacking Technology Information Security

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

Additional information about the investigation conducted by Resecurity are available here : [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Dark web)

Engineering

Engineering Passwords Telecommunications Accountability

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

and Tykelab Srl, the latter is a telecommunications solutions company suspected to be operating as a front company. The malware samples analyzed impersonated the applications of telecommunications companies or smartphone manufacturers. “According to its own website , Tykelab provides innocuous technology solutions.

Spyware

Spyware Surveillance Telecommunications Mobile

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Security Affairs

JANUARY 13, 2020

officials responsible for national security and telecommunications were meeting their peers in Britain ahead of the final decision on Huawei 5G technology. officials responsible for national security and telecommunications were meeting their peers in Britain in the attempt to convince U.K. According to U.K.

Telecommunications

Telecommunications Government Advertising Architecture

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In September 2022, Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Pierluigi Paganini.

Ransomware

Ransomware Encryption Telecommunications Malware

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

Security Affairs

MARCH 22, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. On Thursday, March 10, the group announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. Pierluigi Paganini.

Telecommunications

Telecommunications Data breaches VPN Hacking

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. SecurityAffairs – hacking, IP cameras). IP cameras exposed, with US in the lead</strong> appeared first on Security Affairs.

Surveillance

Surveillance Manufacturing Passwords Internet

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Kyivstar)

Cyber Attacks

Cyber Attacks Mobile Telecommunications Internet

Ubisoft suffered a cyber security incident that caused a temporary disruption

Security Affairs

MARCH 12, 2022

Video game company Ubisoft has suffered a ‘cyber security incident’ that had a severe impact on games, systems, and services. The rumors of a cyber attack against Ubisoft circulated online in the last few days, while data extortion group LAPSUS$ claimed to have hacked the company. SecurityAffairs – hacking, Ubisoft).

Data breaches

Data breaches Telecommunications Hacking Cyber Attacks

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 24, 2023

NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats 38TB of data accidentally exposed by Microsoft AI researchers Clorox Blames Damaging Cyberattack for Product Shortage MGM losing up to $8.4M Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks

Cyber Attacks Firewall Data breaches Telecommunications

Millions of travelers of several airlines impacted by SITA data breach

Security Affairs

MARCH 5, 2021

SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry. Around the world, nearly every passenger flight relies on SITA technology. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Technology Hacking

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Malware Telecommunications Cybercrime

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Security Affairs

MARCH 22, 2022

The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. On Thursday, March 10, the group announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Cybercrime

Cybercrime Telecommunications VPN Hacking

Symantec uncovered a previously unknown nation-state actor, named Harvester, that targeted telcos

Security Affairs

OCTOBER 19, 2021

Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South Asia. Sectors targeted include telecommunications, government, and information technology (IT). SecurityAffairs – hacking, Harvester). Pierluigi Paganini.

Telecommunications

Telecommunications Government Malware Encryption

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. SecurityAffairs – hacking, Comm100). ” The report includes Indicators of Compromise (IoCs) for this attack.

Telecommunications

Telecommunications Insurance Manufacturing Healthcare

Huawei faces 5G ban from British’s 5G network within months

Security Affairs

JULY 5, 2020

UK officials are drawing up proposals to stop installing new Huawei equipment in the 5G network within the year, they also plan to speed up the replacement of Chinese technology that has been already deployed. The decision comes after a new UK intelligence agency GCHQ’s report raised new security concerns over Huawei 5G equipment.

Technology

Technology Telecommunications Risk Manufacturing

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications Malware Hacking Technology

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, APT28)

Government

Government Telecommunications Accountability Phishing

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ivanti Connect Secure VPN flaws) modification – GIFTEDVISITOR” section of Volexity’s recent blog post. Volexity has also observed suspected exploitation attempt from another threat actor tracked as UTA0188.

VPN

VPN Authentication Small Business Telecommunications

Nobelium APT uses new Post-Compromise malware MagicWeb

Security Affairs

AUGUST 25, 2022

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. SecurityAffairs – hacking, MagicWeb). ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Authentication Telecommunications Government

G7 calls on Russia to dismantle operations of ransomware gangs within its borders

Security Affairs

JUNE 14, 2021

The G7 members highlights the importance to collaborate to increase the security of supply chains, the statement also recognizes the foundational role that telecommunications infrastructure, including 5G and future communication technologies, plays and will play in underpinning our wider digital and ICT infrastructure.

Ransomware

Ransomware Cybercrime Telecommunications Accountability

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The researchers observed C2 infrastructure relying on dynamic DNS domains masquerading as Ukrainian telecommunication service providers. Pierluigi Paganini.

Ransomware

Ransomware Telecommunications DNS Hacking

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Security Affairs

SEPTEMBER 19, 2023

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The Earth Lusca group remained active during the first half of 2023, it primarily targeted organizations in Southeast Asia, Central Asia, and the Balkans.

Malware

Malware Encryption Telecommunications Authentication

Nobelium APT targets French orgs, French ANSSI agency warns

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. SecurityAffairs – hacking, Nobelium). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Phishing

Phishing Telecommunications Government Accountability

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. Researchers at company firm Symantec reportedly linked the CIA hacking tools to a number of cyber attacks launched in recent years by a threat actor the company identified as the Longhorn group.

Malware

Malware Hacking Government Telecommunications

European Telecommunications Standards Institute (ETSI) suffered a data breach

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Trending Sources

Lapsus$ gang claims to have hacked Microsoft source code repositories

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

SFO discloses data breach following the hack of 2 of its websites

U.S. gov adds more Chinese Telecom firms to the Covered List

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

France will not ban Huawei from its upcoming 5G networks

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Telecom giant Lumen suffered a ransomware attack and disclose a second incident

FBI chief says China is preparing to attack US critical infrastructure

Raspberry Robin malware used in attacks against Telecom and Governments

Lapsus$ Ransomware Group is hiring, it announced recruitment of insiders

Sandworm APT targets Ukraine with new SwiftSlicer wiper

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Russian Sandworm disrupts power in Ukraine with a new OT attack

China-linked APT groups target telecom companies in Southeast Asia

Hundreds of network operators’ credentials found circulating in Dark Web

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

3.5m IP cameras exposed, with US in the lead

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Ubisoft suffered a cyber security incident that caused a temporary disruption

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Millions of travelers of several airlines impacted by SITA data breach

Raspberry Robin malware used in attacks against Telecom and Governments

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Symantec uncovered a previously unknown nation-state actor, named Harvester, that targeted telcos

Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor

Huawei faces 5G ban from British’s 5G network within months

Sandworm APT group hit Ukrainian news agency with five data wipers

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Nobelium APT uses new Post-Compromise malware MagicWeb

G7 calls on Russia to dismantle operations of ransomware gangs within its borders

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Nobelium APT targets French orgs, French ANSSI agency warns

Purple Lambert, a new malware of CIA-linked Lambert APT group

Stay Connected