Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. SCHOOL OF HACKS. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 360

Phishing VPN Social Engineering Media 360

Security Affairs

MAY 1, 2024

The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources. The experts noticed that the infection chain was distinct, with 99% of infections originating in Turkey, primarily from two major telecommunications providers.

Malware 100

Malware DNS Authentication Telecommunications 100

Security Affairs

MARCH 23, 2022

Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Accountability 100

Accountability VPN Social Engineering Hacking 100

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. Alloy Taurus is known for leveraging the SoftEther VPN service to facilitate access and maintain persistence to their targeted network.

Malware 95

Malware Telecommunications Government VPN 95

Security Affairs

MARCH 22, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T. SecurityAffairs – hacking, BazarLoader). Pierluigi Paganini.

Telecommunications 84

Telecommunications Data breaches VPN Hacking 84

Security Affairs

MARCH 11, 2022

Their scope of interests include – major telecommunications companies such as Claro, Telefonica and AT&T. Notably, the actors are looking to buy remote VPN access and asking potential insiders to contact them privately via Telegram, they then reward them by paying for the access granted. Pierluigi Paganini.

Ransomware 105

Ransomware Telecommunications Technology VPN 105

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. In most cases, this involved social engineering employees at the targeted firm into adding one of their computers or mobiles to the list of devices allowed to authenticate with the company’s virtual private network (VPN).”

Mobile 96

Mobile VPN Social Engineering Telecommunications 96

Security Affairs

JULY 13, 2021

AS27725) including Cubacel, the cellular network operated by Cuba’s sole telecommunications company.” VPN services have yet to be blocked in the country, allowing citizens to bypass internet censorship. SecurityAffairs – hacking, Cuba). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Media 93

Media Government Internet Internet 93

Security Affairs

DECEMBER 6, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers. SecurityAffairs – hacking, NOBELIUM). The Nobelium cyberspies is using a new custom downloader tracked by the researchers as CEELOADER.

Malware 103

Malware VPN Telecommunications Accountability 103

Security Affairs

MARCH 22, 2022

The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Their scope of interests includes – major telecommunications companies such as Claro, Telefonica and AT&T. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Cybercrime 91

Cybercrime Telecommunications VPN Hacking 91

Security Affairs

APRIL 19, 2024

In December 2023, Microsoft first noticed that to conceal malicious traffic, the threat actor routes it through compromised small office and home office (SOHO) network devices, including routers, firewalls, and VPN hardware. The group also relies on customized versions of open-source tools for C2 communications and to stay under the radar.

Energy and Utilities 96

Energy and Utilities Telecommunications Technology Government 96

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications 96

Telecommunications Authentication Passwords Accountability 96

Security Affairs

JANUARY 14, 2022

The gang was also providing VPN-like services used by other cybercriminal organizations to carry out malicious activities used to deliver malware to the target organization. SecurityAffairs – hacking, IKEA). Source SSU. ” continues the press release. ” continues the press release. Pierluigi Paganini.

Ransomware 111

Ransomware DDOS Telecommunications Malware 111

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. SecurityAffairs – GALLIUM, hacking). Pierluigi Paganini.

Telecommunications 67

Telecommunications DNS Malware Advertising 67

Security Affairs

FEBRUARY 2, 2020

Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

Telecommunications 46

Telecommunications VPN Advertising Government 46

SecureList

DECEMBER 12, 2023

Every year is abundant with major data leaks, biggest data breaches and hacks drawing massive media attention (such as Medibank and Optus data breach, Twitter data breach, and Uber and Rockstar compromise in 2022 and in T-Mobile , MailChimp and OpenAI in 2023). But are we really conscious of the true scale of the threat?

Data breaches 87

Data breaches Accountability Telecommunications Malware 87

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. One glaring example is Iran, which faced a series of spectacular hacks and sabotages.

Firmware 111

Firmware Surveillance Mobile Telecommunications 111

SecureWorld News

SEPTEMBER 30, 2022

Check Point has also observed the sharing of open VPN servers for the purpose of bypassing censorship, as Iran has limited the use of internet and social media. Check Point Research reports that key activities include leaking and selling government officials' phone numbers and emails, as well as maps of "sensitive locations.".

Government 89

Government Telecommunications Encryption Internet 89

Security Affairs

NOVEMBER 25, 2020

Group-IB’s report Hi-Tech Crime Trends 2020/2021 examines various aspects of cybercrime industry operations and predicts changes to the threat landscape for various sectors, namely the financial industry, telecommunications, retail, manufacturing, and the energy sector. SecurityAffairs – hacking, crime trends). Pierluigi Paganini.

Banking 129

Banking Ransomware Phishing Marketing 129

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. Following these activities, the international hacking collective known as “Anonymous” declared cyber war against Killnet on May 23. Hack and leak. Key insights.

DDOS 136

DDOS Ransomware Government Energy and Utilities 136

SecureList

APRIL 27, 2021

It was first publicly documented in 2014, in the aftermath of the Gamma Group hacking incident. The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). This server was disabled a day after our discovery last December.

Malware 142

Malware Spyware Government Social Engineering 142

SecureList

MAY 12, 2021

Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways. There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. Access sellers.

Ransomware 129

Ransomware Encryption Malware Cybercrime 129