Internet, Malware, Telecommunications and VPN

Internet

Malware

Telecommunications

VPN

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

Cuttlefish malware targets enterprise-grade SOHO routers

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware

Malware DNS Authentication Telecommunications

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

The Chinese APT is known to be focused on telecommunications companies operating across Asia, Europe and Africa. PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications.

Malware

Malware Telecommunications Government VPN

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

GALLIUM Threat Group targets global telcos, Microsoft warns

Security Affairs

DECEMBER 12, 2019

The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. The Microsoft Threat Intelligence Center (MSTIC) warns of GALLIUM threat group targeting global telecommunication providers worldwide. ” reads the warning published by Microsoft.

Telecommunications

Telecommunications DNS Malware Advertising

Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

eSecurity Planet

MARCH 27, 2023

.” The three activity sets included a campaign against the Philippine government between March and May 2022; a campaign against telecommunications and business service providers in South Asia in April 2022; and a campaign against organizations in Belarus and Russia in May 2022.

Firewall

Firewall Internet Internet Telecommunications

WinDealer dealing on the side

SecureList

JUNE 2, 2022

It primarily goes after targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. Leaving the mystery of the delivery method aside for now, let’s look at the capabilities of the malware itself.

Malware

Malware Encryption Social Engineering Telecommunications

New spear phishing campaign targets Russian dissidents

Malwarebytes

MARCH 29, 2022

The spear phishing emails are warning people that use websites, social networks, instant messengers and VPN services that have been banned by the Russian Government and that criminal charges will be laid. Ministry of Digital Development, Telecommunications and Mass Media of the Russian Federation). Figure 1: Phishing template.

Phishing

Phishing Education Telecommunications Technology

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. One month later, a new strain named RansomBoggs again hit Ukrainian targets – both malware families were attributed to Sandworm. Key insights. So did a number of industry peers. [3]

DDOS

DDOS Ransomware Government Energy and Utilities

Ransomware world in 2021: who, how and why

SecureList

MAY 12, 2021

They interact with each other through internet handles, paying for services with cryptocurrency. Well-known malware families are involved in the biggest and most wide-reaching campaigns. Hackers who are on the lookout for publicly disclosed vulnerabilities (1-days) in internet facing software, such as VPN appliances or email gateways.

Ransomware

Ransomware Encryption Malware Cybercrime

DDoS attacks in Q1 2021

SecureList

MAY 10, 2021

News broke in January of the FreakOut malware, which attacks Linux devices. This loophole was previously exploited by ADB.Miner, Ares, IPStorm, Fbot, Trinity, and other malware. To prevent attacks via RDP, it is recommended to hide RDP servers behind a VPN or disable UDP port 3389. News overview.

DDOS

DDOS Cryptocurrency Media Marketing

APT trends report Q1 2021

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware

Malware Spyware Government Social Engineering

Ransomware by the numbers: Reassessing the threat’s global impact

SecureList

APRIL 23, 2021

Was ransomware, in fact, a dying species of malware? In 2019, the share of users targeted with ransomware among the overall number of users that encountered malware was 3.31%; this declined slightly in 2020 to 2.67%. The share of ransomware detections among the overall number of malware detections was 1.49% in 2019 and 1.08% in 2020.

Ransomware

Ransomware Mobile Malware Encryption

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware

Firmware Surveillance Mobile Telecommunications

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Cuttlefish malware targets enterprise-grade SOHO routers

Webinars

Trending Sources

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Webinars

GALLIUM Threat Group targets global telcos, Microsoft warns

Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

WinDealer dealing on the side

New spear phishing campaign targets Russian dissidents

Reassessing cyberwarfare. Lessons learned in 2022

Ransomware world in 2021: who, how and why

DDoS attacks in Q1 2021

APT trends report Q1 2021

Ransomware by the numbers: Reassessing the threat’s global impact

Advanced threat predictions for 2023

Stay Connected