Information Security, Internet and Mobile

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. The bad news is that this isn’t the first incident suffered by T-Mobile.

Mobile

Mobile Telecommunications Data breaches Hacking

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. “The GTP protocol contains a number of vulnerabilities threatening both mobile operators and their clients. ” reads the report published by the experts.

Mobile

Mobile Internet Internet Advertising

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. million mobile and fixed subscribers. million mobile and fixed subscribers. Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

SK Telecom revealed that malware breach began in 2022

Security Affairs

MAY 20, 2025

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom is South Koreas largest wireless telecom company, a major player in the countrys mobile and tech landscape. ” states the Personal Information Protection Committee.

Malware

Malware Mobile Data breaches Wireless

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. The Consumer Financial Protection Bureau (CFPB) is a U.S. Wall Street Journal reported.

Hacking

Hacking Internet Internet Government

Internet disruption in Russia coincided with the introduction of restrictions

Security Affairs

MARCH 12, 2021

Experts at the NetBlocks Internet Observatory observed this week a temporary disruption of internet service in Russia due to new restrictions. On Wednesday 10 March 2021, researchers from Network data from the NetBlocks Internet Observatory observed the disruption of internet service provided by the Russian operator Rostelecom.

Internet

Internet Internet Mobile Hacking

China-linked APT UNC5221 started exploiting Ivanti EPMM flaws shortly after their disclosure

Security Affairs

MAY 26, 2025

CVE-2025-4428 (CVSS score: 7.2) A remote code execution vulnerabilityin Endpoint Manager Mobile allowing attackers to execute arbitrary code on the target system. Ivantii has released updates for Endpoint Manager Mobile (EPMM) which addresses one medium and one high severity vulnerability.

Mobile

Mobile Telecommunications Authentication Internet

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Cell C is the fourth-largest mobile network operator in South Africa, , after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and international calling, SIM-only plans and device deals.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Security Affairs

JUNE 16, 2020

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a “massive” DDoS attack.

DDOS

DDOS Mobile Wireless Advertising

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Cyber Attacks

Cyber Attacks Mobile Internet Internet

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

These include scrutinizing network device configurations, implementing advanced monitoring solutions, and restricting internet exposure of management traffic. Enhancing secure logging, isolating device management, and enforcing strict access control lists (ACLs) are key strategies. This is not the case at T-Mobile.”

Telecommunications

Telecommunications Government Mobile Cyber threats

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Security Affairs

MARCH 28, 2022

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure. On March 29, 2022, a massive cyber attack caused a major internet disruption across Ukraine on national provider Ukrtelecom. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Internet

Internet Internet Mobile Cyber Attacks

Malware found pre-installed in cheap push-button mobile phones sold in Russia

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile

Mobile Malware Firmware Manufacturing

Californian IT company DNA Micro leaks private mobile phone data

Security Affairs

OCTOBER 18, 2023

Once the instance is exposed to the internet – without being secured by authentication – it’s accessible to anyone. IMEI is a unique number assigned to each mobile device and is used to identify a device on a mobile network. If that happens, it can cause disruptions to the mobile service of the device.

Mobile

Mobile Phishing Manufacturing Risk

Recently a large chunk of European mobile traffic was rerouted through China Telecom

Security Affairs

JUNE 8, 2019

On June 6, for more than two hours China Telecom re-routed through its infrastructure a large chunk of European mobile traffic. In November security researchers Chris C. Demchak and Yuval Shavitt published a paper that detailed how China Telecom has been misdirecting Internet traffic through China over the past years.

Mobile

Mobile Internet Internet Advertising

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

SecureWorld News

MARCH 20, 2025

Mobile madness: the sneaky side of cyber scams With fans constantly checking scores, streaming games, and logging into betting apps, mobile devices are a major attack surface. Fake betting apps, fraudulent login pages, and malicious streaming links can easily bypass traditional security layers.

Scams

Scams Social Engineering Mobile Phishing

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

At issue is a well-known security and privacy threat called “ namespace collision ,” a situation where domain names intended to be used exclusively on an internal company network end up overlapping with domains that can resolve normally on the open Internet. SSL/TLS certs). and schema.ad. Image: Defcon.org.

DNS

DNS Internet Internet Authentication

Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug

Security Affairs

SEPTEMBER 19, 2020

The SSDP protocol is based on the Internet protocol suite for advertisement and discovery of network services and presence information. The flaw was discovered the security researcher by Chris Moberly from GitLab. . The vulnerability resides in the implementation of Simple Service Discovery Protocol in Firefox.

Mobile

Mobile Advertising Engineering Hacking

At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet

Security Affairs

DECEMBER 10, 2022

Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a widely-deployed SSL VPN solution for remote and mobile users, for this reason, it is a target of attacks by multiple threat actors. ” reads the post published by Censys.

Internet

Internet Internet VPN Mobile

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet

Internet Internet DNS Telecommunications

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. ” reads the report published by Google. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Surveillance Mobile Spyware Telecommunications

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex

Security Affairs

JANUARY 9, 2025

Internet monitoring service NetBlocks confirmed a disruption in Nodexs connectivity following the attack on Tuesday night. Internet should work for many. First, we will raise the telephony and call center.” ” reads a message published by the Russian ISP on VKontakte. ” reads an update published by the company.

Backups

Backups Internet Internet Hacking

This service allows checking if your mobile is included in the Facebook leak

Security Affairs

APRIL 6, 2021

Security researcher implemented a service to verify if your mobile number is included in the recent Facebook data leak. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. ” Alosefer explained. ” added the expert. ” added the expert. Pierluigi Paganini.

Mobile

Mobile Data breaches Accountability Phishing

Fake Coronavirus Finder spread Ginp Mobile Banker

Security Affairs

MARCH 25, 2020

Security experts have spotted a new COVID-themed campaign aimed at distributing the Ginp Mobile Banker with “Coronavirus Finder” lure. Use a reliable security solution. For example, Kaspersky Internet Security for Android is quite aware of Ginp and detects it as Tojan-Banker.AndroidOS.Ginp.

Mobile

Mobile Banking Malware Passwords

The AI Attack Surface Map v1.0

Daniel Miessler

MAY 15, 2023

We’re about to make the same mistakes that we made when we went from offline to internet. And then internet to mobile. And then mobile to cloud. If you thought no-code was going to be bad for security, imagine no-code powered by AI! But yay for security. And now AI. And not just writing and art.

Technology

Technology Internet Internet Mobile

GUEST ESSAY: How I started a company to supply democratized pentests to immunize websites

The Last Watchdog

JANUARY 16, 2023

Unlike physical assets, web applications have an increased level of exposure to potential attackers simply because anyone with a viable internet connection can access your website, study it and exploit existing vulnerabilities. By now, the importance of penetration testing is known to most companies.

Penetration Testing

Penetration Testing Mobile Marketing Technology

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

The Last Watchdog

MAY 19, 2022

Security is also necessary if your retrieval system (such as a website or mobile app) has a paywall or is restricted to only a subset of people, such as customers or resellers. What about public information? percent of CMS users worry about the security of their CMS—while 46.4

Data breaches

Data breaches Encryption Mobile Technology

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

NASA identified 1,785 cyber incidents in 2020

Security Affairs

MAY 27, 2021

The audit conducted by NASA’s inspector general revealed that the agency has more than 4,400 applications, over 15,000 mobile devices, roughly 13,000 software licenses, nearly 50,000 computers, and a 39,000 Tb of data. NASA lacked an Agency-wide risk management framework for information security and an information security architecture.

Information Security

Information Security Cyber Attacks Mobile Architecture

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network. Proximus and Orange’s Belgian branch signed an agreement in 2019 to share their mobile network.

Mobile

Mobile Manufacturing Internet Internet

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

I wrote an article recently on how to secure your home network in three different tiers of protection. In that piece I wanted to link to some safe internet practices—which some used to call Safe Hex—but I couldn’t find anything newer than nine years old. don’t install software from random places on the internet.

Risk

Risk Passwords Password Management Accountability

Two students uncovered a flaw that allows to use laundry machines for free

Security Affairs

MAY 20, 2024

Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. They manage and operate many internet-connected laundry machines and systems, offering services such as coin and card-operated laundry machines, mobile payment solutions, and maintenance support.

Mobile

Mobile Internet Internet Accountability

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats. More recently, Sultan Qasim Khan, a principal security adviser with a UK-based security firm, tricked a Tesla into thinking the driver was inside by rerouting communication between the automaker’s mobile app and the car.

Malware

Malware Manufacturing IoT Software

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. But the larger point is that Xbash is just one of dozens of malware families circulating far and wide across the Internet. Credential stuffing campaigns have become part of the fabric of the Internet.

Passwords

Passwords Password Management Internet Internet

Analysis of the 2021 Verizon Data Breach Report (DBIR)

Daniel Miessler

MAY 19, 2021

Top asseet varieties: web application (server), email (server), desktop or laptop (user dev), mobile phone (user dev). Interesting to see mobile phone in there. Even the median random organization with an internet presence has 17 internet-facing assets. It’s number 4, and behind desktop/laptop, but not by much.

Data breaches

Data breaches Social Engineering Ransomware Phishing

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the internet. .” That was Bruce’s response at a conference hosted by U.S. That may be necessary to keep in touch with civilian companies like FedEx in peacetime or when fighting terrorists or insurgents.

Software

Software Cybersecurity Backups Manufacturing

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

The leaked traveler’s records include Passenger ID, Full Name, Mobile Number, Passport Details, Address, Gender, and Flight Details. The researchers acquired the data and analyzed it, then indexed the information on the company data breach monitoring and notification platform AmiBreached.com.

Mobile

Mobile InfoSec Data breaches Advertising

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

FEBRUARY 16, 2021

Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost. Users of ngrok and other tunnelling services are advised to obtain authorization from their information security teams.

Phishing

Phishing Cybercrime Mobile Internet

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

the firm’s Head of Security Engineering and Architecture, is quoted as saying that Apple “makes the most secure mobile devices on the market.”. Also concerning is the fact that in Apple’s Lockdown announcement, Ivan Krsti?, Is that really true?

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Mobile

Mobile Telecommunications Cyber Attacks Internet

MI5 seized Boris Johnson’s phone over security risk fears

Security Affairs

JUNE 21, 2021

The British Security Service, also known as MI5, has seized the mobile devices used by PM Boris Johnson over concerns that were raised after the discovery of the availability of its number online for the last 15 years. ” The case raises the importance of a good cyber security posture for politicians and government officials.

Risk

Risk Mobile Spyware Hacking

Unraveling the truth behind the DDoS attack from electric toothbrushes

Security Affairs

FEBRUARY 8, 2024

how are they connected to the Internet (hint: they aren't, they are… [link] — Robᵉʳᵗ Graham ? ErrataRob) February 7, 2024 Several experts explained that electric toothbrushes have no direct connections to the internet, they relies on Bluetooth to connect to mobile apps. what was the brand of toothbrushes?

DDOS

DDOS IoT Media Internet

Ukraine’s cyber operation shut down the ATM services of major Russian banks

Security Affairs

JULY 27, 2024

The attack included freezing bank payment systems and mobile applications, causing outages in personal offices, and preventing payments for public transport. “An The list of hacked Russian banks includes Dom.RF, VTB Bank, Alfa-Bank, Sberbank , Raiffeisen Bank, RSHB Bank, Rosbank, Gazprombank, Tinkoff Bank and iBank.

Banking

Banking Mobile Hacking Internet

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Trending Sources

France’s second-largest telecoms provider Free suffered a cyber attack

SK Telecom revealed that malware breach began in 2022

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Internet disruption in Russia coincided with the introduction of restrictions

China-linked APT UNC5221 started exploiting Ivanti EPMM flaws shortly after their disclosure

South African telecom provider Cell C disclosed a data breach following a cyberattack

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Malware found pre-installed in cheap push-button mobile phones sold in Russia

Californian IT company DNA Micro leaks private mobile phone data

Recently a large chunk of European mobile traffic was rerouted through China Telecom

March Madness Meets Cyber Mayhem: How Cybercriminals Are Playing Offense this Season

Local Networks Go Global When Domain Names Collide

Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug

At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Who and What is Behind the Malware Proxy Service SocksEscort?

Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex

This service allows checking if your mobile is included in the Facebook leak

Fake Coronavirus Finder spread Ginp Mobile Banker

The AI Attack Surface Map v1.0

GUEST ESSAY: How I started a company to supply democratized pentests to immunize websites

GUEST ESSAY: A primer on content management systems (CMS) — and how to secure them

New Leak Shows Business Side of China’s APT Menace

NASA identified 1,785 cyber incidents in 2020

Belgium telecom operators Proximus and Orange drop Huawei

10 Behaviors That Will Reduce Your Risk Online

Two students uncovered a flaw that allows to use laundry machines for free

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

Analysis of the 2021 Verizon Data Breach Report (DBIR)

Vulnerabilities in Weapons Systems

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Hackers abusing the Ngrok platform phishing attacks

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

MI5 seized Boris Johnson’s phone over security risk fears

Unraveling the truth behind the DDoS attack from electric toothbrushes

Ukraine’s cyber operation shut down the ATM services of major Russian banks

Stay Connected