Hacking, Technology, Telecommunications and VPN

Hacking

Technology

Telecommunications

VPN

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. “Note (!) ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Security Affairs

JANUARY 31, 2024

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. ” Sliver is a post-exploitation framework that is gaining notoriety in the hacking underground as an alternative to the Cobalt Strike framework. ” concludes the report.

VPN

VPN Malware Authentication Small Business

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Security Affairs

JANUARY 16, 2024

Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Through forensic analysis of the memory sample, Volexity was able to recreate two proof-of-concept exploits that allowed full unauthenticated command execution on the ICS VPN appliance.

VPN

VPN Authentication Small Business Telecommunications

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. On Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Hacking

Hacking Telecommunications InfoSec Cybercrime

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. SCHOOL OF HACKS. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing

Phishing VPN Social Engineering Media

Lapsus$ Ransomware Group is hiring, it announced recruitment of insiders

Security Affairs

MARCH 11, 2022

Lapsus$ Ransomware gang is looking for insiders willing to sell remote access to major technology corporations and ISPs. Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Ransomware

Ransomware Telecommunications Technology VPN

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Energy and Utilities

Energy and Utilities Telecommunications Technology VPN

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

Security Affairs

MARCH 22, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. On Thursday, March 10, the group announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. Pierluigi Paganini.

Telecommunications

Telecommunications Data breaches VPN Hacking

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Security Affairs

MARCH 22, 2022

The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. On Thursday, March 10, the group announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Cybercrime

Cybercrime Telecommunications VPN Hacking

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

Security Affairs

FEBRUARY 2, 2020

Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

Telecommunications

Telecommunications VPN Advertising Government

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. Following these activities, the international hacking collective known as “Anonymous” declared cyber war against Killnet on May 23. Hack and leak. Key insights.

DDOS

DDOS Ransomware Government Energy and Utilities

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Accountability

Accountability VPN Social Engineering Hacking

Nobelium continues to target organizations worldwide with custom malware

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. SecurityAffairs – hacking, NOBELIUM). The Nobelium cyberspies is using a new custom downloader tracked by the researchers as CEELOADER.

Malware

Malware VPN Telecommunications Accountability

APT trends report Q1 2021

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). This server was disabled a day after our discovery last December.

Malware

Malware Spyware Government Social Engineering

Group-IB Hi-Tech Crime Trends 2020/2021 report

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. SecurityAffairs – hacking, crime trends). Pierluigi Paganini.

Banking

Banking Ransomware Phishing Marketing

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. One glaring example is Iran, which faced a series of spectacular hacks and sabotages.

Firmware

Firmware Surveillance Mobile Telecommunications

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

Webinars

Trending Sources

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

Webinars

Lapsus$ gang claims to have hacked Microsoft source code repositories

Voice Phishers Targeting Corporate VPNs

Lapsus$ Ransomware Group is hiring, it announced recruitment of insiders

FBI chief says China is preparing to attack US critical infrastructure

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

Reassessing cyberwarfare. Lessons learned in 2022

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Nobelium continues to target organizations worldwide with custom malware

APT trends report Q1 2021

Group-IB Hi-Tech Crime Trends 2020/2021 report

Advanced threat predictions for 2023

Stay Connected