Hacking, Information Security and Telecommunications

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Cybersecurity

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Security Affairs

JUNE 27, 2022

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. SecurityAffairs – hacking, RAT).

Telecommunications

Telecommunications Malware Media Passwords

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Internet

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, smart device manufacturers) ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing Telecommunications Cyber Attacks

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

After the invasion of the Crimea and the eastern Ukraine, Ukrainian telecommunications infrastructure was disable by Russian soldiers. Telecommunication infrastructure and internet services are critical infrastructure and were targeted by both Russian and Ukrainian threat actors. reads the advisory published by the CERT-UA.

Internet

Internet Internet Telecommunications DDOS

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Hacking

Hacking Telecommunications InfoSec Cybercrime

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Security Affairs

MARCH 10, 2023

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. Social Security Number, account passwords).

Data breaches

Data breaches Hacking Wireless Telecommunications

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

Security Affairs

APRIL 29, 2024

The Communications Act mandates that telecommunications carriers safeguard the confidentiality of specific customer data, including location information, about telecommunications services. All four carriers condemned the FCC’s decision and announced they would appeal it.

Wireless

Wireless Telecommunications Insurance Mobile

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems. ” reads a statement published by the telecommunication giant.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. The experts found the MessageTap backdoor installed on a Linux-based Short Message Service Center (SMSC) server belonging to an unnamed telecommunications company.

Telecommunications

Telecommunications Malware Mobile Advertising

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The telco notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. 

Data breaches

Data breaches Telecommunications Banking Mobile

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. SecurityAffairs – hacking, data breach). The post SFO discloses data breach following the hack of 2 of its websites appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Hacking Telecommunications Passwords

6 out of 11 EU agencies running Solarwinds Orion software were hacked

Security Affairs

APRIL 16, 2021

European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. The hack allowed the threat actors to spy on the internal email traffic. Pierluigi Paganini.

Hacking

Hacking Software Telecommunications Cyber Attacks

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

Security Affairs

DECEMBER 14, 2020

Nation-state actors, allegedly Russia-linked hacked, have compromised the networks of several US government agencies, including the US Treasury, the Commerce Department’s National Telecommunications and Information Administration (NTIA). The hack allowed the threat actors to spy on the internal email traffic.

Software

Software Hacking Telecommunications Government

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

APRIL 10, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Data breaches

Data breaches Telecommunications Identity Theft Hacking

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Security Affairs

OCTOBER 16, 2022

Some webshell paths that @Volexity identified were used in targeted (likely #APT ) exploitation of key organizations in government, telecommunications, and IT, predominantly in Asia; others were used in massive worldwide #exploitation. SecurityAffairs – hacking, Zimbra). #volexintel 1/4 — Volexity (@Volexity) October 13, 2022.

Hacking

Hacking Antivirus Telecommunications Engineering

New GTPDOOR backdoor is designed to target telecom carrier networks

Security Affairs

MARCH 4, 2024

LightBasin targeted and compromised mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications

Telecommunications Firewall Mobile Malware

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. SecurityAffairs – hacking, Log4Shell).

Malware

Malware Telecommunications DNS Hacking

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. It seems that the security breach also impacted other companies. Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Accountability Information Security

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries. At the end of August, Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan.

Telecommunications

Telecommunications Technology Government Firmware

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

Security Affairs

MARCH 26, 2022

Below is the list of Covered Equipment or Services added on March 25, 2022: Information security products, solutions, and services supplied, directly or indirectly, by AO Kaspersky Lab or any of its predecessors, successors, parents, subsidiaries, or affiliates. Telecommunications services provided by China Telecom (Americas) Corp.

Risk

Risk Telecommunications Mobile Antivirus

U.S. gov adds more Chinese Telecom firms to the Covered List

Security Affairs

SEPTEMBER 21, 2022

This action demonstrates our whole-of-government effort to protect network security and privacy.”. national security. International telecommunications services provided by China Mobile International USA Inc. International telecommunications services provided by China Mobile International USA Inc. Pierluigi Paganini.

Telecommunications

Telecommunications Mobile Government Risk

Sandman APT targets telcos with LuaDream backdoor

Security Affairs

SEPTEMBER 22, 2023

A previously undocumented APT dubbed Sandman targets telecommunication service providers in the Middle East, Western Europe, and South Asia. LuaDream stands as a compelling illustration of the continuous innovation and advancement efforts that cyber espionage threat actors pour into their ever-evolving malware arsenal.”

Telecommunications

Telecommunications Malware Hacking Risk

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

Security Affairs

JUNE 11, 2022

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS

DNS Telecommunications Malware Phishing

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Hungarian financial institutions and telecommunications infrastructure were hit by a powerful DDoS attack originating from servers in Russia, China and Vietnam. A powerful DDoS attack hit some Hungarian banking and telecommunication services that briefly disrupted them. SecurityAffairs – hacking, Hungary). Pierluigi Paganini.

DDOS

DDOS Banking Telecommunications Advertising

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information). Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. The telecommunication giant is in the process of notifying impacted customers.

Data breaches

Data breaches Mobile Telecommunications Wireless

ShroudedSnooper threat actors target telecom companies in the Middle East

Security Affairs

SEPTEMBER 19, 2023

ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy implant dubbed HTTPSnoop that was employed in attacks against telecommunications providers in the Middle East.

Telecommunications

Telecommunications Internet Internet Malware

Caketap, a new Unix rootkit used to siphon ATM banking data

Security Affairs

MARCH 18, 2022

The China-linked hacking group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. SecurityAffairs – hacking, Caketap). Pierluigi Paganini.

Banking

Banking Telecommunications System Administration Hacking

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

Security Affairs

JANUARY 2, 2022

The gang also targeted the South American telecommunication providers Claro and Embratel. SecurityAffairs – hacking, Lapsus$ ransomware). The post Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Media

Media Ransomware Telecommunications Accountability

WIP19, a new Chinese APT targets IT Service Providers and Telcos

Security Affairs

OCTOBER 14, 2022

Chinese-speaking threat actor, tracked as WIP19, is targeting telecommunications and IT service providers in the Middle East and Asia. SentinelOne researchers uncovered a new threat cluster, tracked as WIP19, which has been targeting telecommunications and IT service providers in the Middle East and Asia. Pierluigi Paganini.

Telecommunications

Telecommunications Malware Hacking Information Security

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. Pierluigi Paganini.

Government

Government Malware Telecommunications Cybercrime

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries.

Firmware

Firmware Telecommunications System Administration Malware

Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition

Security Affairs

OCTOBER 8, 2023

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege A WhatsApp zero-day exploit can cost several million dollars CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog NATO is investigating a new cyber attack claimed by the SiegedSec group Global CRM Provider Exposed (..)

Data breaches

Data breaches Cybercrime Ransomware Hacking

US FCC bans China Unicom Americas telecom over national security risks

Security Affairs

JANUARY 29, 2022

The Chinese telecom company was banned from providing telecommunication services within the United States. ” Yesterday we took a critical step to protect our communications networks from foreign national security threats. .” SecurityAffairs – hacking, China). ” reads the order. ” reads the order.

Risk

Risk Telecommunications Government Mobile

France will not ban Huawei from its upcoming 5G networks

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications

Telecommunications Advertising Technology Manufacturing

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

“Network data from the NetBlocks internet observatory confirm extensive disruption to telecommunication networks in Iran on the morning of Saturday, 8 February 2020 lasting several hours.” SecurityAffairs – Iran, hacking). ” reads a post published by NetBlocks. Pierluigi Paganini.

DDOS

DDOS Internet Internet Telecommunications

Google fixed a new Chrome Zero-Day actively exploited in the wild

Security Affairs

AUGUST 17, 2022

Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. SecurityAffairs – hacking, Chrome). on 2022-06-18 [$7000][1345042] High CVE-2022-2855: Use after free in ANGLE. Pierluigi Paganini.

Telecommunications

Telecommunications Mobile Engineering Hacking

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

The experts noticed that the infection chain was distinct, with 99% of infections originating in Turkey, primarily from two major telecommunications providers. ” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, malware)

Malware

Malware DNS Authentication Telecommunications

TELEGRAM LATENCY IN BELARUS: HOW THE NATIONAL PROVIDER CONTROLS THE TRAFFIC

Security Affairs

NOVEMBER 5, 2020

Beltelecom, the national telecommunications company in Belarus, fully owned by the Government of Belarus and operated by the Ministry of Telecommunications, controls the traffic of Telegram, generating latency for the messenger platform in Belarus. SecurityAffairs – hacking, Belarus). Pierluigi Paganini.

Telecommunications

Telecommunications Media Advertising Government

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

Security Affairs

SEPTEMBER 27, 2023

group claimed the hack of the Japanese giant NTT Docomo. announced a new victim today in face of the largest Japanese telecommunication giant NTT Docomo. Following the recently announced data leak from Sony, Ransomed.vc Following the recently announced data leak from Sony , the notorious ransomware syndicate Ransomed.vc

Ransomware

Ransomware Telecommunications Data breaches Government

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Security Affairs

JUNE 19, 2021

“RedFoxtrot has primarily targeted aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan. SecurityAffairs – hacking, Unit 69010). ” continues the report. . located in Wuhan.” Pierluigi Paganini.

Telecommunications

Telecommunications Government Hacking Malware

Threat actor claims to be selling data of more than 100 million T-Mobile customers

Security Affairs

AUGUST 15, 2021

New problems for T-Mobile, the company is investigating a possible data breach after that a threat actor has published a post on a hacking forum claiming to be in possession of the personal data of its customers. We do not have any additional information to share at this time.” SecurityAffairs – hacking, data breach).

Mobile

Mobile Data breaches Telecommunications Hacking

European Telecommunications Standards Institute (ETSI) suffered a data breach

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Trending Sources

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

China-linked hackers target telecommunication providers in the Middle East

NCSC: New UK law bans default passwords on smart devices

China-linked LightBasin group accessed calling records from telcos worldwide

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Lapsus$ gang claims to have hacked Microsoft source code repositories

AT&T is notifying millions of customers of data breach after a third-party vendor hack

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data

AT&T confirmed that a data breach impacted 73 million customers

China-linked APT41 group targets telecommunications companies with new backdoor

230K individuals impacted by a data breach suffered by Telco provider Tangerine

SFO discloses data breach following the hack of 2 of its websites

6 out of 11 EU agencies running Solarwinds Orion software were hacked

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software

AT&T states that the data breach impacted 51 million former and current customers

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

New GTPDOOR backdoor is designed to target telecom carrier networks

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Telstra Telecom discloses data breach impacting former and current employees

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

FCC adds Kaspersky to Covered List due to unacceptable risks to national security

U.S. gov adds more Chinese Telecom firms to the Covered List

Sandman APT targets telcos with LuaDream backdoor

Iran-linked Lyceum APT adds a new.NET DNS Backdoor to its arsenal

A powerful DDoS attack hit Hungarian banks and telecoms services

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

ShroudedSnooper threat actors target telecom companies in the Middle East

Caketap, a new Unix rootkit used to siphon ATM banking data

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

WIP19, a new Chinese APT targets IT Service Providers and Telcos

Raspberry Robin malware used in attacks against Telecom and Governments

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs newsletter Round 440 by Pierluigi Paganini – International edition

US FCC bans China Unicom Americas telecom over national security risks

France will not ban Huawei from its upcoming 5G networks

Massive DDoS attack brought down 25% Iranian Internet connectivity

Google fixed a new Chrome Zero-Day actively exploited in the wild

Cuttlefish malware targets enterprise-grade SOHO routers

TELEGRAM LATENCY IN BELARUS: HOW THE NATIONAL PROVIDER CONTROLS THE TRAFFIC

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

RedFoxtrot operations linked to China’s PLA Unit 69010 due to bad opsec

Threat actor claims to be selling data of more than 100 million T-Mobile customers

Stay Connected