Information Security, Passwords and Telecommunications

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Security Affairs

JUNE 27, 2022

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. Pierluigi Paganini.

Telecommunications

Telecommunications Malware Media Passwords

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Passwords

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. Strong segmentation with firewalls and DMZs, securing VPN gateways, and ensuring encrypted traffic with TLS v1.3 ” continues the advisory.

Telecommunications

Telecommunications Government Mobile Cyber threats

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” reads the security breach notification published by GosSOPKA. “The NKTsKI recommends that all organizations change passwords and keys for accessing their systems operated in LANIT data processing centers as soon as possible.

Telecommunications

Telecommunications Software Technology Healthcare

African multinational telco giant MTN Group disclosed a data breach

Security Affairs

APRIL 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. At this time, no ransomware groups have claimed responsibility for an attack.

Data breaches

Data breaches Telecommunications Financial Services Mobile

NCSC: New UK law bans default passwords on smart devices

Security Affairs

APRIL 30, 2024

The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024. National Cyber Security Centre (NCSC) is urging manufacturers of smart devices to comply with new legislation that bans default passwords. ” reads the announcement published by NCSC.

Passwords

Passwords Manufacturing Telecommunications Cyber Attacks

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Security Affairs

JUNE 12, 2025

Analysis by organizational sector showed the Telecommunications sector (79%) dominated due to widespread consumer use. Excluding telecommunications, the technology sector has the most exposed cameras (28.4%), followed by media (19.6%), utilities (11.9%), business services (10.7%), and education (10.6%).

Hacking

Hacking Telecommunications Internet Internet

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. ” “We are taking this matter seriously and promptly commenced an investigation,” Dash continued.

CISO

CISO Encryption Telecommunications Financial Services

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The malspam messages had the topic Free primary legal aid use a password-protected attachment Algorithm of actions of members of the family of a missing serviceman LegalAid.rar.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

The financially-motivated group targeted organizations in the media, tourism, finance, insurance, manufacturing, energy, telecommunications, biotechnology and retail sectors. The messages contained password-protected archives named similarly to Documents from 04/29/2025.rar.

Malware

Malware Phishing Telecommunications Antivirus

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

A China-linked hacking group, tracked as LightBasin (aka UNC1945 ), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications

Telecommunications Mobile Hacking Architecture

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware. Attackers inserted rogue JavaScript to capture usernames and passwords in real-time, enhancing lateral movement within networks. ” concludes the report.

Telecommunications

Telecommunications DNS Hacking Passwords

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Security Affairs

MARCH 27, 2025

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, is a US-based telecommunications company that provides broadband internet, cable TV, and phone services.

Hacking

Hacking Telecommunications Data breaches Internet

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Therefore, educating your employees about the importance of security to your network is critical.

Cybersecurity

Cybersecurity Cybercrime Education Government

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

.” T-Mobile said that threat actors did not access names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs. T-Mobile discovered that the attackers had access to the CPNI (Customer Proprietary Network Information).

Data breaches

Data breaches Mobile Telecommunications Accountability

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

Security Affairs

MARCH 24, 2025

China-linked APT Weaver Ant infiltrated the network of a telecommunications services provider for over four years. First, attackers used specific keywords, such as “password” and “key,” in the payload, which WAFs typically redact in logs, obscuring the malicious content.

Telecommunications

Telecommunications Encryption Accountability Firewall

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director. In response to the incident, the SFO Airport reset all email and network passwords.

Data breaches

Data breaches Hacking Telecommunications Passwords

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The telco notified the Australian Cyber Security Centre and the Office of the Australian Information Commissioner. 

Data breaches

Data breaches Telecommunications Banking Mobile

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile

Mobile Data breaches Telecommunications Identity Theft

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Security Affairs

JULY 10, 2021

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States.

Mobile

Mobile Data breaches Telecommunications Passwords

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Security Affairs

JUNE 25, 2019

Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records. “Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers.

Telecommunications

Telecommunications Hacking Mobile Advertising

Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations

SecureList

DECEMBER 18, 2024

To implement effective anti-attack measures, it is vital to perform regular testing, updating and integration of security systems. A key factor in securing infrastructure is compliance with password-protection policies for access to the information security systems. In one of the incidents, C.A.S Matches[0].Value

Encryption

Encryption Passwords Accountability Ransomware

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

Hackers have stolen O2 customers’ data from a database run by Aerial Direct , one of the largest UK partners of the telecommunications services provider. “We recently became aware that some of our customers’ personal information stored on one of our databases has been accessed without permission. Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Passwords Advertising

Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

Security Affairs

DECEMBER 15, 2021

Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. In the recent campaign against telecommunication, the attackers may have attempted to pivot to other targets by connecting to the Exchange Web Services (EWS) of other organizations.

Telecommunications

Telecommunications Passwords Phishing Hacking

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

Surveillance

Surveillance Manufacturing Internet Internet

T-Mobile discloses data breach affecting prepaid wireless customers

Security Affairs

NOVEMBER 22, 2019

The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service. The cybersecurity team at T-Mobile discovered an unauthorized access to information associated with a limited number of its prepaid wireless account customers.

Wireless

Wireless Data breaches Mobile Telecommunications

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware

Malware Telecommunications DNS Hacking

21 Million stolen credentials from Fortune 500 companies available on the dark web

Security Affairs

OCTOBER 31, 2019

. “As many as 95% of the credentials contained unencrypted, or bruteforced and cracked by the attackers, plaintext passwords.” ” The following table shows stolen credentials per industry: Most of the login credentials (95%) include plaintext passwords, 76% of them were compromised during the last 12 months.

Passwords

Passwords Telecommunications Advertising Retail

Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Firewall Ransomware Social Engineering

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications

Telecommunications Authentication Passwords Accountability

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities.

Media

Media Accountability Telecommunications Government

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs

JANUARY 30, 2024

Based on the collected feedback, cybersecurity experts were able to build the following statistics: 45% were not aware about the identified compromised credentials and acknowledged successful password change and enabled 2FA; 16% were already aware about the identified compromised credentials as a result of infection by malicious code and made necessary (..)

Engineering

Engineering Passwords Telecommunications Accountability

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 4, 2025

Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities catalog The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia A large-scale phishing campaign targets WordPress WooCommerce (..)

Cybercrime

Cybercrime Cyber Attacks Malware Phishing

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records. Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers.

Internet

Internet Internet DNS Telecommunications

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

Security Affairs

DECEMBER 31, 2020

The Emotet campaign uses malicious emails that attempt to trick recipients into opening the zipped archive with the password included in the message. Emails accessed in this way require user action: open the file, unzip it with a password. Emails accessed in this way require user action: open the file, unzip it with a password.

Passwords

Passwords Malware Banking Telecommunications

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director. In response to the incident, the SFO Airport reset all email and network passwords.

Data breaches

Data breaches Passwords Telecommunications Advertising

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Telecommunications

Telecommunications Technology Hacking Malware

T-Mobile data breach has impacted 48.6 million customers

Security Affairs

AUGUST 18, 2021

million current T-Mobile postpaid customer accounts’ information appears to be contained in the stolen files, as well as just over 40 million records of former or prospective customers who had previously applied for credit with T-Mobile. . “Our preliminary analysis is that approximately 7.8

Data breaches

Data breaches Mobile Telecommunications Accountability

Lyceum APT made the headlines with attacks in Middle East

Security Affairs

AUGUST 27, 2019

The activity of the Lyceum APT group was first documents earlier of August by researchers at ICS security firm Dragos that tracked it as Hexane. Security experts at Dragos Inc. reported that Hexane is targeting organizations in the oil and gas industry and telecommunication providers. Another tool used by the group is kl.

DNS

DNS Penetration Testing Passwords Social Engineering

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

JULY 13, 2019

“ Malware then guesses routers’ passwords , which new research from Avast shows are often weak. The router attacks involved an exploit kit that attempts to find the router IP on a network, then attempts to guess the password using common login credentials. ” reads a blog post published by Avast. concludes Avast.

DNS

DNS Passwords Advertising Banking

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Security Affairs

MARCH 10, 2023

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. ” Exposed data don’t include financial information (i.e.

Data breaches

Data breaches Hacking Wireless Telecommunications

France’s second-largest telecoms provider Free suffered a cyber attack

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Trending Sources

European Telecommunications Standards Institute (ETSI) suffered a data breach

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Russia warns financial sector organizations of IT service provider LANIT compromise

African multinational telco giant MTN Group disclosed a data breach

NCSC: New UK law bans default passwords on smart devices

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Why CISA is Warning CISOs About a Breach at Sisense

Storm-2372 used the device code phishing technique since August 2024

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

China-linked LightBasin group accessed calling records from telcos worldwide

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Chinese APT Weaver Ant infiltrated a telco in Asia for over four years

SFO discloses data breach following the hack of 2 of its websites

230K individuals impacted by a data breach suffered by Telco provider Tangerine

T-Mobile customers were hit with SIM swapping attacks

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Analysis of Cyber Anarchy Squad attacks targeting Russian and Belarusian organizations

Aerial Direct, the O2’s largest UK partner suffered a data breach

Iran-linked Seedworm APT targets Telecoms organizations across the Middle East and Asia

3.5m IP cameras exposed, with US in the lead

T-Mobile discloses data breach affecting prepaid wireless customers

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

21 Million stolen credentials from Fortune 500 companies available on the dark web

Security Affairs newsletter Round 500 by Pierluigi Paganini – INTERNATIONAL EDITION

China-linked threat actors have breached telcos and network service providers

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Hundreds of network operators’ credentials found circulating in Dark Web

Security Affairs newsletter Round 522 by Pierluigi Paganini – INTERNATIONAL EDITION

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Russia-linked Nobelium APT targets orgs in the global IT supply chain

T-Mobile data breach has impacted 48.6 million customers

Lyceum APT made the headlines with attacks in Middle East

For nearly a year, Brazilian users have been targeted with router attacks

AT&T is notifying millions of customers of data breach after a third-party vendor hack

Stay Connected