Security Affairs

OCTOBER 31, 2019

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. The experts found the MessageTap backdoor installed on a Linux-based Short Message Service Center (SMSC) server belonging to an unnamed telecommunications company.

Telecommunications 55

Telecommunications Malware Mobile Advertising 55

Security Affairs

AUGUST 25, 2022

Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments.

Malware 124

Malware Authentication Telecommunications Government 124

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 109

Malware Encryption Telecommunications Authentication 109

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. This circumstance suggests that the threat actor is reusing existing source code to create new malware. ” reads the analysis published by Unit 42. org over port 8443 for C2. While investigating the yrhsywu2009.zapto[.]org

Malware 97

Malware Telecommunications Government VPN 97

Security Affairs

MAY 3, 2022

A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns. Both PlugX and ShadowPad malware are very common among China-linked cyberespionage groups. ” concludes the report.”Once Pierluigi Paganini.

Software 113

Software Malware Telecommunications Antivirus 113

Security Affairs

JUNE 3, 2022

An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware called WinDealer via man-on-the-side attacks. The activity of the group was first documented by TeamT5 researchers that also reported the use of three malware families: SpyDealer, Demsty and WinDealer. To nominate, please visit:?.

Malware 138

Malware Telecommunications Internet Internet 138

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government 52

Government Malware Telecommunications Cybercrime 52

Security Affairs

OCTOBER 20, 2021

A China-linked hacking group, tracked as LightBasin (aka UNC1945 ), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications 122

Telecommunications Mobile Hacking Architecture 122

Security Affairs

NOVEMBER 25, 2020

Researchers spotted a new mobile malware dubbed WAPDropper that subscribes users to legitimate premium-rate services. Security researchers from Check Point have spotted a new malware family dubbed WAPDropper that targets mobile phone users to subscribe them to legitimate premium-rate services. ” continues the analysis.

Malware 99

Malware Telecommunications Mobile Marketing 99

Security Affairs

SEPTEMBER 22, 2023

A previously undocumented APT dubbed Sandman targets telecommunication service providers in the Middle East, Western Europe, and South Asia. SentinelLabs clarified that LuaJIT is used by the attackers as an attack vector and is used to install additional malware in the target infrastructure. ” continues the report.

Telecommunications 107

Telecommunications Malware Hacking Risk 107

Security Affairs

MARCH 4, 2024

Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile carrier networks. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications 135

Telecommunications Firewall Mobile Malware 135

Security Affairs

JUNE 11, 2022

Iran-linked Lyceum APT group uses a new.NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The Iran-linked Lyceum APT group, aka Hexane or Spilrin, used a new.NET-based DNS backdoor in a campaign aimed at companies in the energy and telecommunication sectors, ZScaler researchers warn.

DNS 144

DNS Telecommunications Malware Phishing 144

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 112

Malware Hacking Government Telecommunications 112

Security Affairs

OCTOBER 14, 2022

Chinese-speaking threat actor, tracked as WIP19, is targeting telecommunications and IT service providers in the Middle East and Asia. SentinelOne researchers uncovered a new threat cluster, tracked as WIP19, which has been targeting telecommunications and IT service providers in the Middle East and Asia. ” continues the report.

Telecommunications 133

Telecommunications Malware Hacking Information Security 133

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The telco notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. 

Data breaches 100

Data breaches Telecommunications Banking Mobile 100

Security Affairs

OCTOBER 22, 2023

The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with minimal use of malware.

Telecommunications 135

Telecommunications Technology Government Firmware 135

Security Affairs

FEBRUARY 24, 2020

FireEye’s report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families which is greater than 500 (41%).

Malware 94

Malware Cyber threats Telecommunications Advertising 94

Security Affairs

OCTOBER 7, 2021

Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers use stealthy ShellClient malware on aerospace, telco firms. The analysis of the malware employed in the recent Operation GhostShell (version 4.0.1)

Telecommunications 115

Telecommunications Malware Hacking Information Security 115

Security Affairs

SEPTEMBER 19, 2023

ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy implant dubbed HTTPSnoop that was employed in attacks against telecommunications providers in the Middle East. ” continues the report.

Telecommunications 111

Telecommunications Internet Internet Malware 111

Security Affairs

JANUARY 28, 2023

On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware. Security firms warn that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet.

Telecommunications 95

Telecommunications Malware Hacking Technology 95

Security Affairs

SEPTEMBER 27, 2023

The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries. According to a joint cybersecurity advisory from the United States National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S.

Firmware 118

Firmware Telecommunications System Administration Malware 118

Security Affairs

APRIL 13, 2022

Microsoft dismantled the C2 infrastructure used by the ZLoader trojan with the help of telecommunications providers around the world and cybersecurity firms. ” Zloader is a banking malware that has been active at least since 2016, it borrows some functions from the notorious Zeus 2.0.8.9 To nominate, please visit:?

Banking 121

Banking Malware Telecommunications Antivirus 121

Security Affairs

MARCH 18, 2022

CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by the group since 2019. The group hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. ” concludes the report.

Banking 134

Banking Telecommunications System Administration Hacking 134

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. and Tykelab Srl, the latter is a telecommunications solutions company suspected to be operating as a front company. ” reads the analysis published by Lookout.

Spyware 84

Spyware Surveillance Telecommunications Mobile 84

Security Affairs

OCTOBER 8, 2023

Belgian intelligence service VSSE accused Alibaba of ‘possible espionage’ at European hub in Liege A WhatsApp zero-day exploit can cost several million dollars CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog NATO is investigating a new cyber attack claimed by the SiegedSec group Global CRM Provider Exposed (..)

Data breaches 109

Data breaches Cybercrime Ransomware Hacking 109

Security Affairs

NOVEMBER 16, 2022

The backdoor unpacking process is composed of several stages, the second-stage malicious code is stored inside the malware PE file. Modifications in the way the malware is packed show that Lazarus still sees DTrack as an important asset. “The DTrack backdoor continues to be used actively by the Lazarus group.

Telecommunications 130

Telecommunications Manufacturing Malware Education 130

Security Affairs

MAY 16, 2020

Antivirus firms have uncovered and foiled an advanced cyber espionage campaign aimed at a governmental institution and two companies in the telecommunications and gas sector. The security firm ESET and Avast first detected the attacks since September and January respectively. SecurityAffairs – Microcin malware, hacking).

Telecommunications 118

Telecommunications Malware Advertising Antivirus 118

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. In April, Sandworm targeted energy facilities in Ukraine with a new strain of the Industroyer ICS malware (INDUSTROYER2) and a new version of the CaddyWiper wiper.

Ransomware 126

Ransomware Encryption Telecommunications Malware 126

Security Affairs

JUNE 19, 2021

“RedFoxtrot has primarily targeted aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan. Experts noticed that RedFoxtrot activity overlaps with groups tracked by other security firms as Temp.Trident and Nomad Panda.

Telecommunications 124

Telecommunications Government Hacking Malware 124

Security Affairs

JULY 3, 2022

The role of Social Media in modern society – Social Media Day 22 interview Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool A ransomware attack forced publishing giant Macmillan to shuts down its systems SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide A long-running cryptomining campaign (..)

Telecommunications 90

Telecommunications Media DDOS Malware 90

Security Affairs

MARCH 19, 2020

A new variant of the TrickBot malware is targeting telecommunications organizations in the United States and Hong Kong. Security experts from Bitdefender recently discovered a new TrickBot variant that is targeting telecommunications organizations in the United States and Hong Kong. SecurityAffairs – malware, Trickbot).

Telecommunications 117

Telecommunications Malware Advertising Financial Services 117

Security Affairs

MAY 24, 2022

Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy malware. Trend Micro addressed a DLL hijacking flaw in Trend Micro Security that a China-linked threat actor actively exploited to deploy malware.

Malware 100

Malware Telecommunications Internet Internet 100

Security Affairs

MARCH 28, 2023

Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. ” continues the form.

Ransomware 94

Ransomware Telecommunications Technology Cybersecurity 94

Security Affairs

NOVEMBER 28, 2019

The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform. The network of the Prosegur firm was infected with a piece of the Ryuk ransomware , the company temporary limited communications with its customers to avoid the malware spreading.

Ransomware 121

Ransomware Cybersecurity Telecommunications Advertising 121

Security Affairs

OCTOBER 18, 2020

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK.

Ransomware 133

Ransomware Malware Telecommunications Advertising 133

Security Affairs

OCTOBER 19, 2021

Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South Asia. “The Harvester group uses both custom malware and publicly available tools in its attacks, which began in June 2021, with the most recent activity seen in October 2021.

Telecommunications 102

Telecommunications Government Malware Encryption 102

Security Affairs

DECEMBER 30, 2020

T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information). Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. The telecommunication giant is in the process of notifying impacted customers.

Data breaches 138

Data breaches Mobile Telecommunications Wireless 138