Internet, Technology, Telecommunications and VPN

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

The War in Technology: A Digital Iron Curtain Goes Up

SecureWorld News

MARCH 10, 2022

Many threats that have until now been theoretical—like creation of a "Ru-net" as an alternative to the Internet—are becoming a reality. Cutting off Internet access to a country the size of Texas is not as simple as cutting a few cables or bombing a few cell towers. There are many tech angles to the war in Ukraine.

Technology

Technology Internet Internet Telecommunications

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

FEBRUARY 2, 2020

The p opular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service. ” states Proton Technologies.

Government

Government VPN Telecommunications Advertising

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. The employee phishing page bofaticket[.]com. Image: urlscan.io. ” SPEAR VISHING.

Phishing

Phishing VPN Social Engineering Media

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

FEBRUARY 18, 2019

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. federal civilian agencies to secure the login credentials for their Internet domain records. That changed on Jan.

DNS

DNS Internet Internet Government

What is a Managed Security Service Provider? MSSPs Explained

eSecurity Planet

AUGUST 22, 2023

Expanding attack surfaces require additional skills to secure, maintain, and monitor an ever-expanding environment of assets such as mobile, cloud, and the internet of things (IoT). Traditionally, this leads to the use of VPNs or remote desktop functions to enable remote access to specific machines. Outsourcing U.S.

Telecommunications

Telecommunications Firewall Penetration Testing Cybersecurity

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

Security Affairs

FEBRUARY 2, 2020

Russia’s telecommunications watchdog Roskomnadzor has instituted administrative proceedings against Facebook and Twitter after they refused to store data of Russian users on servers located in the country. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

Telecommunications

Telecommunications VPN Advertising Government

New spear phishing campaign targets Russian dissidents

Malwarebytes

MARCH 29, 2022

The spear phishing emails are warning people that use websites, social networks, instant messengers and VPN services that have been banned by the Russian Government and that criminal charges will be laid. Ministry of Digital Development, Telecommunications and Mass Media of the Russian Federation). Figure 1: Phishing template.

Phishing

Phishing Education Telecommunications Technology

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

The threat actors used the compromised credentials and/or session tokens to access the target networks through internet-facing systems and applications (i.e. virtual private network (VPN), remote desktop protocol (RDP), virtual desktop infrastructure (VDI) including Citrix, or Identity providers (including Azure Active Directory, Okta)). .”

Accountability

Accountability VPN Social Engineering Hacking

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

According to the same article, another such attack took place in the late 1990s when the American military attacked a Serbian telecommunications network. The Viasat “cyberevent” On the 24 th of February , Europeans who relied on the ViaSat-owned “ KA-SAT ” satellite faced major Internet access disruptions.

DDOS

DDOS Ransomware Government Energy and Utilities

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

AES encryption can be commonly found in communication protocols, virtual private network (VPN) encryption, full-disk encryption, and Wi-Fi transmission protocols. ECC is used for email encryption, cryptocurrency digital signatures, and internet communication protocols.

Encryption

Encryption Passwords IoT Firewall

APT trends report Q1 2021

SecureList

APRIL 27, 2021

The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). The victims we observed were all high-profile Tunisian organizations, such as telecommunications or aviation companies. We attribute this activity to APT10 with high confidence.

Malware

Malware Spyware Government Social Engineering

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

As a leading VC, BVP offers budding companies plenty to consider, with a set of roadmaps and tools for today’s technologies and market complexities. Notable cybersecurity exits for the company include AVG Technologies, Cognitive Security, OpenDNS, and Carbon Black. Also read : Addressing Remote Desktop Attacks and Security.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

From a different angle, reporting from The Intercept revealed mobile surveillance capabilities available to Iran for the purposes of domestic investigations that leverage direct access to (and cooperation of) local telecommunication companies. One of the major cyber-incidents of 2022 took place early this year: the Okta hack.

Firmware

Firmware Surveillance Mobile Telecommunications

Ransomware by the numbers: Reassessing the threat’s global impact

SecureList

APRIL 23, 2021

In certain cases, they used spear-phishing campaigns to install Cobalt Strike RAT, while other attacks involved exploiting a vulnerable internet-facing service (e.g., Citrix ADC/NetScaler or Pulse Secure VPN) or weak RDP credentials to breach the network. First appearing in 2019, Maze used various mechanisms for initial compromise.

Ransomware

Ransomware Mobile Malware Encryption

Cyber Security Informer

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

The War in Technology: A Digital Iron Curtain Goes Up

Trending Sources

The Russian Government blocked ProtonMail and ProtonVPN

Voice Phishers Targeting Corporate VPNs

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

What is a Managed Security Service Provider? MSSPs Explained

Russia’s watchdog Roskomnadzor threatens to fine Twitter and Facebook

New spear phishing campaign targets Russian dissidents

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Reassessing cyberwarfare. Lessons learned in 2022

What Is Encryption? Definition, How it Works, & Examples

APT trends report Q1 2021

Top VC Firms in Cybersecurity of 2022

Advanced threat predictions for 2023

Ransomware by the numbers: Reassessing the threat’s global impact

Stay Connected