SecureList

OCTOBER 15, 2024

The malware uses different strings to load libraries and functions required for execution. q=0" Icon File Name : %systemroot%System32moricons.dll Machine ID : desktop-84bs21b Downloader module The RTF exploits and LNK files execute the same JavaScript malware. In particular, Avast and AVG solutions are of interest to the malware.

Malware 143

Malware Encryption Architecture Phishing 143

The Last Watchdog

AUGUST 20, 2019

And, increasingly, they come riddled with some of the most invasive types of malware. These devices are not safe to do anything on, and they impact everything they touch,” says Ronan Cremin, chief technology officer at Afilias Technologies , a Dublin-based tech vendor that has a unique view of mobile device usage patterns.

Malware 185

Malware Mobile Manufacturing Marketing 185

Security Affairs

AUGUST 25, 2022

Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered a post-compromise malware, tracked as MagicWeb, which is used by the Russia-linked NOBELIUM APT group to maintain persistent access to compromised environments.

Malware 137

Malware Authentication Telecommunications Government 137

SecureList

MARCH 10, 2025

We continued to monitor the group throughout the rest of the year, observing intense activity that included updates to SideWinder’s toolset and the creation of a massive new infrastructure to spread malware and control compromised systems. Additionally, they change the names and paths of their malicious files.

Energy and Utilities 121

Energy and Utilities Malware Government Phishing 121

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. net” and “ett[.]hopto[.]org”

Malware 105

Malware Telecommunications DNS Hacking 105

Security Affairs

SEPTEMBER 5, 2024

The group focuses on government departments that are involved in foreign affairs, technology, and telecommunications. The malware is highly obfuscated and disguises itself as system utilities, allowing attackers to perform tasks like file manipulation, command execution, and remote port scanning.

Malware 122

Malware Telecommunications Encryption Hacking 122

Security Affairs

MARCH 12, 2025

UNC3886 is a sophisticated China-linked cyber espionage group that targets network devices and virtualization technologies using zero-day exploits. Its primary focus is on defense, technology, and telecommunications sectors in the US and Asia. To deploy malware, the threat actor had to first bypass this security mechanism.

Telecommunications 68

Telecommunications Malware DDOS Technology 68

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 110

Telecommunications DNS Passwords Hacking 110

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. The researchers observed threat actors exploiting CVE-2024-36401 in attacks aimed at IT service providers in India, technology companies in the U.S.,

Malware 137

Malware Telecommunications Encryption DDOS 137

Malwarebytes

APRIL 16, 2025

This is the same technology that now flirts with people online for you and automatically writes heartfelt consolatory emails on behalf of heartless administrators. Install anti-malware software and follow basic cyber hygiene measures. The rise in bots is down to generative artificial intelligence (AI), Imperva said. Protect your PC.

Internet 144

Internet Internet Passwords Artificial Intelligence 144

Security Affairs

DECEMBER 6, 2021

Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. NOBELIUM focuses on government organizations, non-government organizations (NGOs), think tanks, military, IT service providers, health technology and research, and telecommunications providers.

Malware 135

Malware VPN Accountability Telecommunications 135

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. but given the Salt Typhoon breach and the apparent lackluster security practices and culture at just about every American telecommunications company, this was too interesting to ignore. They also have appeared to partner with Proton.

Surveillance 75

Surveillance Telecommunications Malware Data breaches 75

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government 98

Government Malware Telecommunications Cybercrime 98

Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 129

Malware Encryption Telecommunications Authentication 129

Security Affairs

JANUARY 31, 2024

Researchers from cybersecurity firm Synacktiv published a technical analysis of a Rust malware, named KrustyLoader, that was delivered by threat actors exploiting the above vulnerabilities. The flaw CVE-2023-46805 (CVSS score 8.2) is an Authentication Bypass issue that resides in the web component of Ivanti ICS 9.x,

VPN 130

VPN Malware Authentication Small Business 130

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 128

Malware Hacking Government Telecommunications 128

Security Affairs

FEBRUARY 15, 2025

custody in exchange for Marc Fogel North Korea-linked APT Emerald Sleet is using a new tactic U.S.

Spyware 72

Spyware Firewall Artificial Intelligence Malware 72

Adam Levin

FEBRUARY 8, 2019

The attackers then enumerated access and conducted privilege escalation on the victim networks, utilizing DLL sideloading techniques documented in a US-CERT alert on APT10 to deliver malware,” stated the report. and European-based technology firms, such as the cyberattack on Airbus earlier this year. government officials worried.

Telecommunications 146

Telecommunications Government Technology Hacking 146

Security Affairs

OCTOBER 22, 2023

“If you’re working today at the cutting edge of technology then geopolitics is interested in you, even if you’re not interested in geopolitics.” ” Commercial businesses in the technology sector of any size, especially small companies and start-ups and researchers, are more exposed to Chinese espionage. .

Telecommunications 144

Telecommunications Technology Government Firmware 144

Approachable Cyber Threats

MARCH 9, 2023

Category Awareness, News, Case Study As one of the world’s fastest-growing industries, telecommunication has become a highly vulnerable target for cybersecurity threats. The Industry Information technology's ability to connect and communicate has become integral to our society here in the digital age. Read more of the ACT

Telecommunications 52

Telecommunications IoT Firewall Encryption 52

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime 74

Cybercrime Firewall Social Engineering Ransomware 74

Security Affairs

JUNE 29, 2020

According to the experts, the malware was developed by the Russian cybercrime crew known as Evil Corp , which was behind the Dridex Trojan , and multiple ransomware like Locky , Bart, Jaff , and BitPaymer. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware 125

Ransomware Telecommunications Manufacturing Advertising 125

Security Affairs

OCTOBER 25, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors. ” states Microsoft.

Telecommunications 132

Telecommunications Technology Hacking Malware 132

Security Affairs

OCTOBER 18, 2020

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK.

Ransomware 142

Ransomware Malware Telecommunications Advertising 142

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Telecommunications 145

Telecommunications Healthcare Education Advertising 145

SecureList

DECEMBER 22, 2022

Around the same time, we identified ransomware and wiper malware samples resembling those used in the first wave, though with a few interesting modifications that likely allowed evasion of security controls and better attack speeds. Below, we compare and discuss the differences between the wave 1 and wave 2 ransomware and wiper malware.

Ransomware 131

Ransomware Telecommunications Malware Encryption 131

Security Affairs

JUNE 19, 2021

. “RedFoxtrot has primarily targeted aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan. The threat actors behind the RedFoxtrot operations employed both custom malware and publicly available malicious code.

Telecommunications 138

Telecommunications Government Hacking Malware 138

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications 143

Telecommunications Advertising Technology Manufacturing 143

Security Affairs

APRIL 11, 2020

The attackers may have gained access to some users’ login credentials after deploying malware on both websites. The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director.

Data breaches 145

Data breaches Hacking Telecommunications Advertising 145

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware.

Cybersecurity 214

Cybersecurity Cybercrime Education Government 214

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. and Tykelab Srl, the latter is a telecommunications solutions company suspected to be operating as a front company. ” reads the analysis published by Lookout.

Spyware 107

Spyware Surveillance Telecommunications Mobile 107

Security Affairs

SEPTEMBER 27, 2023

The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries. The nation-state actors employed multiple custom malware families targeting Windows, Linux, and FreeBSD operating systems.

Firmware 138

Firmware Telecommunications System Administration Malware 138

Security Affairs

DECEMBER 1, 2020

UK officials proposed to stop installing new Huawei equipment in the 5G network within the year, they also plan to speed up the replacement of Chinese technology that has been already deployed. The UK intelligence analysis believe that US ban on Chinese 5G technology will force Huawei to use untrusted technology. allegations.

Wireless 143

Wireless Government Marketing Telecommunications 143

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Ransomware 140

Ransomware Encryption Telecommunications Malware 140

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. “Malware is delivered via a signed Comm100 installer that was downloadable from the company’s website.

Telecommunications 135

Telecommunications Insurance Manufacturing Healthcare 135

SecureList

SEPTEMBER 16, 2021

We are currently seeing attempts to exploit the CVE-2021-40444 vulnerability targeting companies in the research and development sector, the energy sector and large industrial sectors, banking and medical technology development sectors, as well as telecommunications and the IT sector. Mitigations.

Engineering 144

Engineering Telecommunications Internet Internet 144

Heimadal Security

MARCH 17, 2021

A cyber-espionage campaign is targeting telecom companies around the world with attacks using malicious downloads in an effort to steal sensitive data – including information about 5G technology – from compromised victims. The post Telecom Companies Are Targeted by Hackers appeared first on Heimdal Security Blog.

Telecommunications 98

Telecommunications Technology Cybersecurity Malware 98