Hacking, Internet and Telecommunications

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine group have temporarily disabled internet services in some of the territories that have been occupied by the Russian army.

Internet

Internet Internet Telecommunications DDOS

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Internet

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%.

DDOS

DDOS Internet Internet Telecommunications

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. The web shell gives the attackers administrative access to the victim’s computer servers.

Hacking

Hacking Software Government Internet

New hacking group ‘Metador’ lurking in ISP networks for months

Bleeping Computer

SEPTEMBER 25, 2022

A previously unknown threat actor that researchers have named 'Metador' has been breaching telecommunications, internet services providers (ISPs), and universities for about two years. [.].

Telecommunications

Telecommunications Hacking Internet Internet

Major IPS in New Zealand hit by massive DDoS, Internet outages reported

Security Affairs

SEPTEMBER 5, 2021

A massive DDoS hit New Zealand ‘s third-largest internet operator isolating parts of the country from the Internet. A massive DDoS hit Vocus ISP, New Zealand ‘s third-largest internet operator, isolating parts of the country from the Internet. SecurityAffairs – hacking, DDoS). Pierluigi Paganini.

DDOS

DDOS Internet Internet Telecommunications

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will be effective on April 29, 2024. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, smart device manufacturers) ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing Telecommunications Cyber Attacks

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password. SecurityAffairs – hacking, data breach).

Data breaches

Data breaches Hacking Telecommunications Passwords

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia , Homechef , Chatbooks.com , Microsoft , and Minted. ” reads a statement published by the telecommunication giant.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Security Affairs

MARCH 28, 2022

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure. On March 29, 2022, a massive cyber attack caused a major internet disruption across Ukraine on national provider Ukrtelecom. SecurityAffairs – hacking, Ukraine). Pierluigi Paganini.

Internet

Internet Internet Mobile Cyber Attacks

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

The Article pays particular attention to EO 12333’s designation of the National Security Agency as primarily responsible for conducting signals intelligence, which includes the installation of malware, the analysis of internet traffic traversing the telecommunications backbone, the hacking of U.S.-based

Surveillance

Surveillance Telecommunications Internet Internet

Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers

The Hacker News

APRIL 13, 2022

The Chinese-backed Hafnium hacking group has been linked to a piece of a new malware that's used to maintain persistence on compromised Windows environments.

Malware

Malware Telecommunications Internet Internet

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

APRIL 10, 2024

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia , Homechef , Chatbooks.com , Microsoft , and Minted. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Data breaches

Data breaches Telecommunications Identity Theft Hacking

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

AUGUST 10, 2020

In March 2020, The Ministry of Telecommunications (MoTC) issued a directive to all operators in Myanmar with a secret list of 230 sites to be blocked due to the nature of the content; adult content and fake news. There are several aspects of the Internet blocking in Myanmar that raise questions. Circumvention of Internet blocking.

Internet

Internet Internet Telecommunications DNS

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Schneier on Security

OCTOBER 15, 2020

The crooks running the Trickbot botnet typically use these config files to pass new instructions to their fleet of infected PCs, such as the Internet address where hacked systems should download new updates to the malware. To execute this action, Microsoft formed an international group of industry and telecommunications providers.

Telecommunications

Telecommunications Internet Internet Malware

ShroudedSnooper threat actors target telecom companies in the Middle East

Security Affairs

SEPTEMBER 19, 2023

ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy implant dubbed HTTPSnoop that was employed in attacks against telecommunications providers in the Middle East. ” continues the report.

Telecommunications

Telecommunications Internet Internet Malware

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

Researchers at Lumen’s Black Lotus Labs discovered a new malware family, named Cuttlefish, which targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data from internet traffic. The recent campaign spanned from October 2023 to April 2024. ” concludes the report.

Malware

Malware DNS Authentication Telecommunications

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

Security Affairs

JANUARY 2, 2022

The attack did not impact radio and cable TV broadcasts, while SIC’s internet streaming transmission was interrupted. The gang also targeted the South American telecommunication providers Claro and Embratel. SecurityAffairs – hacking, Lapsus$ ransomware). Source TheRecord. Follow me on Twitter: @securityaffairs and Facebook.

Media

Media Ransomware Telecommunications Accountability

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Mobile

Mobile Telecommunications Cyber Attacks Internet

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. Reduce the number of systems that can be reached over internet using SSH.

Media

Media Accountability Telecommunications Government

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

The number of internet-facing cameras in the world is growing exponentially. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. Surge in internet-facing cameras. Most insecure brands.

Surveillance

Surveillance Manufacturing Passwords Internet

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Cyber Attacks

Cyber Attacks Mobile Telecommunications Internet

Social media partially disrupted in Cuba amid anti-government protests

Security Affairs

JULY 13, 2021

. / AS27725) including Cubacel, the cellular network operated by Cuba’s sole telecommunications company.” VPN services have yet to be blocked in the country, allowing citizens to bypass internet censorship. SecurityAffairs – hacking, Cuba). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Media

Media Government Internet Internet

Telstra Telecom discloses data breach impacting former and current employees

Security Affairs

OCTOBER 5, 2022

Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. SecurityAffairs – hacking, Telstra Telecom). Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Accountability Information Security

CISA issues advisory on Chinese Cyber Threat to US Telecoms and ISPs

CyberSecurity Insiders

JUNE 8, 2022

A joint document released by CISA in conjugation with NSA and FBI states that companies operating in telecommunication and internet sector should be extra vigilant about a series of common vulnerabilities and exposures seen in network devices that can be exploited by threat actors.

Cyber threats

Cyber threats Telecommunications Cyber Attacks Software

GALLIUM APT used a new PingPull RAT in recent campaigns

Security Affairs

JUNE 13, 2022

Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. SecurityAffairs – hacking, APT). Experts also found PingPull variants that use HTTPS and TCP for C2 communications instead of ICMP.

Telecommunications

Telecommunications Government Internet Internet

BackdoorDiplomacy APT targets diplomats from Africa and the Middle East

Security Affairs

JUNE 13, 2021

The group also targeted a smaller subset of telecommunications firms in Africa and at least one charity organization in the Middle East. The attack chain starts with exploits for vulnerable internet-exposed systems such as web servers and management interfaces for networking equipment. .” SecurityAffairs – hacking, APT).

Telecommunications

Telecommunications Hacking Media Encryption

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale it on multiple hacking forums. SecurityAffairs – hacking, Saudi Aramco). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Engineering

Engineering Telecommunications Wireless Data breaches

Mantis botnet powered the largest HTTPS DDoS attack in June

Security Affairs

JULY 14, 2022

Most of the Mantis attacks targeted organizations in the Internet & Telecommunications industry (36%), followed by News, Media & Publishing industry (15%), Gaming (12%), and Finance (10%). SecurityAffairs – hacking, Mantis). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

DDOS

DDOS Telecommunications Media Internet

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications.

Malware

Malware Telecommunications Government VPN

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

Additional information about the investigation conducted by Resecurity are available here : [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Dark web)

Engineering

Engineering Passwords Telecommunications Accountability

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

The APT group was first observed in the victim’s environment in June 2022, at the time the attackers deployed the Neo-REGEORG webshell on an internet-facing server. In October, researchers reported that the APT Sandworm has hacked eleven telecommunication service providers in Ukraine between May and September 2023.

Telecommunications

Telecommunications Hacking Technology Internet

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

The vendor addressed the issue with the release of a patch on June 28, 2022, “In addition to building security, surveillance cameras are used throughout many critical infrastructure sectors such as oil & gas, power grids, telecommunications, etc. SecurityAffairs – hacking, IP Cameras). ” concludes Nozomi.

Surveillance

Surveillance Authentication Telecommunications Manufacturing

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Security Affairs

JANUARY 13, 2020

officials responsible for national security and telecommunications were meeting their peers in Britain ahead of the final decision on Huawei 5G technology. officials responsible for national security and telecommunications were meeting their peers in Britain in the attempt to convince U.K. Bronze President, hacking).

Telecommunications

Telecommunications Government Advertising Architecture

Microsoft has taken legal and technical action to dismantle the Zloader botnet

Security Affairs

APRIL 13, 2022

Microsoft dismantled the C2 infrastructure used by the ZLoader trojan with the help of telecommunications providers around the world and cybersecurity firms. SecurityAffairs – hacking, ZLoader malware). Microsoft’s Digital Crimes Unit (DCU) announced to have shut down dozens C2 servers used by the infamous ZLoader botnet.

Banking

Banking Malware Telecommunications Antivirus

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Security Affairs

AUGUST 20, 2021

These DDoS attacks attempt to consume the bandwidth either within the target network/service, or between the target network/service and the rest of the Internet. One of the targets of the attacks was a major APAC-based Internet services, telecommunications and hosting provider. SecurityAffairs – hacking, DDoS).

DDOS

DDOS Telecommunications Internet Internet

Iran denies successful cyber attacks hit infrastructures of its oil sector

Security Affairs

SEPTEMBER 21, 2019

According to NetBlocks , an organization that tracks internet outages, the country suffered limited intermittent disruptions of internet connectivity. SecurityAffairs – Iran, hacking). Despite the statement, security experts believe that a cyber offensive against Iranian infrastructure is onoing. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Media Telecommunications Government

Syria-linked APT group SEA targets Android users with COVID19 lures

Security Affairs

APRIL 17, 2020

The experts found 71 malicious Android applications that were connecting to the same C2 server having an IP address linked to the Syrian Telecommunications Establishment (STE). “STE has a history of hosting infrastructure for the Syrian Electronic Army (SEA), a Syrian state-sponsored hacking group. . Pierluigi Paganini.

Surveillance

Surveillance Telecommunications Mobile Advertising

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

Like the United States, China is more likely to try to get data from the US communications infrastructure, or from the large Internet companies that already collect data on our every move as part of their business model. If there's any lesson from all of this, it's that everybody spies using the Internet. The United States does it.

Surveillance

Surveillance Wireless Government Internet

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. SecurityAffairs – GALLIUM, hacking). Pierluigi Paganini.

Telecommunications

Telecommunications DNS Malware Advertising

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

The authorities determined that data used in this criminal activity were from the 10,200 records stolen from the telecommunications giant last month. SecurityAffairs – hacking, Optus). The database belonging to the company was leaked on a cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches

Data breaches Scams Telecommunications Financial Services

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Trending Sources

China-linked hackers target telecommunication providers in the Middle East

Massive DDoS attack brought down 25% Iranian Internet connectivity

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

New hacking group ‘Metador’ lurking in ISP networks for months

Major IPS in New Zealand hit by massive DDoS, Internet outages reported

NCSC: New UK law bans default passwords on smart devices

SFO discloses data breach following the hack of 2 of its websites

AT&T confirmed that a data breach impacted 73 million customers

China-linked LightBasin group accessed calling records from telcos worldwide

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

On Executive Order 12333

Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers

AT&T states that the data breach impacted 51 million former and current customers

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

US Cyber Command and Microsoft Are Both Disrupting TrickBot

ShroudedSnooper threat actors target telecom companies in the Middle East

Cuttlefish malware targets enterprise-grade SOHO routers

Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

3.5m IP cameras exposed, with US in the lead

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Social media partially disrupted in Cuba amid anti-government protests

Telstra Telecom discloses data breach impacting former and current employees

CISA issues advisory on Chinese Cyber Threat to US Telecoms and ISPs

GALLIUM APT used a new PingPull RAT in recent campaigns

BackdoorDiplomacy APT targets diplomats from Africa and the Middle East

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Mantis botnet powered the largest HTTPS DDoS attack in June

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

China-linked threat actors have breached telcos and network service providers

Hundreds of network operators’ credentials found circulating in Dark Web

Russian Sandworm disrupts power in Ukraine with a new OT attack

A flaw in Dahua IP Cameras allows full take over of the devices

US officials meet UK peers to remark the urgency to ban Huawei 5G tech

Microsoft has taken legal and technical action to dismantle the Zloader botnet

Cloudflare mitigated the largest ever volumetric DDoS attack to date

Iran denies successful cyber attacks hit infrastructures of its oil sector

Syria-linked APT group SEA targets Android users with COVID19 lures

On Chinese "Spy Trains"

GALLIUM Threat Group targets global telcos, Microsoft warns

19-Year-Old man arrested for misusing leaked record from Optus Breach

Stay Connected