Security Affairs

SEPTEMBER 19, 2023

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. The experts noticed that the threat actors have rewritten many functions of the malware to run on Linux systems. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

Malware 103

Malware Encryption Telecommunications Authentication 103

Security Affairs

OCTOBER 22, 2023

“If you’re working today at the cutting edge of technology then geopolitics is interested in you, even if you’re not interested in geopolitics.” ” Commercial businesses in the technology sector of any size, especially small companies and start-ups and researchers, are more exposed to Chinese espionage. .

Telecommunications 130

Telecommunications Technology Government Firmware 130

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. exe, and rundll32.exe.

Government 52

Government Malware Telecommunications Cybercrime 52

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 106

Malware Hacking Government Telecommunications 106

Security Affairs

SEPTEMBER 27, 2023

The group targeted organizations in multiple sectors, including defense, government, electronics, telecommunication, technology, media, telecommunication industries. The nation-state actors employed multiple custom malware families targeting Windows, Linux, and FreeBSD operating systems.

Firmware 112

Firmware Telecommunications System Administration Malware 112

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). We attribute this attack to #Sandworm.

Telecommunications 91

Telecommunications Malware Hacking Technology 91

SecureList

DECEMBER 22, 2022

Around the same time, we identified ransomware and wiper malware samples resembling those used in the first wave, though with a few interesting modifications that likely allowed evasion of security controls and better attack speeds. Below, we compare and discuss the differences between the wave 1 and wave 2 ransomware and wiper malware.

Ransomware 99

Ransomware Telecommunications Malware Encryption 99

Security Affairs

MARCH 28, 2023

Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. In this second incident, a sophisticated intruder accessed a limited number of the Company’s internal information technology systems. ” continues the form.

Ransomware 89

Ransomware Telecommunications Technology Cybersecurity 89

Security Affairs

OCTOBER 25, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors. ” states Microsoft.

Telecommunications 109

Telecommunications Technology Hacking Malware 109

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. and Tykelab Srl, the latter is a telecommunications solutions company suspected to be operating as a front company. ” reads the analysis published by Lookout.

Spyware 78

Spyware Surveillance Telecommunications Mobile 78

Heimadal Security

MARCH 17, 2021

A cyber-espionage campaign is targeting telecom companies around the world with attacks using malicious downloads in an effort to steal sensitive data – including information about 5G technology – from compromised victims. The post Telecom Companies Are Targeted by Hackers appeared first on Heimdal Security Blog.

Telecommunications 98

Telecommunications Technology Cybersecurity Malware 98

Thales Cloud Protection & Licensing

OCTOBER 23, 2023

The threat of attacks against Critical National Infrastructure (CNI) – energy, utilities, telecommunications, and transportation – is a top priority. Reducing the risk of attacks such as ransomware and malware on CNI will be paramount to the stability of national economies for the years to come.

Energy and Utilities 77

Energy and Utilities Cybersecurity Ransomware Technology 77

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Ransomware 121

Ransomware Encryption Telecommunications Malware 121

Security Affairs

JUNE 19, 2021

. “RedFoxtrot has primarily targeted aerospace and defense, government, telecommunications, mining, and research organizations in Afghanistan, India, Kazakhstan, Kyrgyzstan, Pakistan, Tajikistan, and Uzbekistan. The threat actors behind the RedFoxtrot operations employed both custom malware and publicly available malicious code.

Telecommunications 119

Telecommunications Government Hacking Malware 119

Security Affairs

JUNE 29, 2020

According to the experts, the malware was developed by the Russian cybercrime crew known as Evil Corp , which was behind the Dridex Trojan , and multiple ransomware like Locky , Bart, Jaff , and BitPaymer. Most of the victims belong to the manufacturing industry, followed by IT and media and telecommunications sectors.

Ransomware 90

Ransomware Telecommunications Manufacturing Malware 90

Security Affairs

OCTOBER 18, 2020

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. Researchers from FireEye’s Mandiant observed FIN11 hackers using spear-phishing messages distributing a malware downloader dubbed FRIENDSPEAK.

Ransomware 132

Ransomware Malware Telecommunications Advertising 132

Security Affairs

OCTOBER 4, 2022

The malicious installer was used to infect organizations in multiple sectors, including the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe. “Malware is delivered via a signed Comm100 installer that was downloadable from the company’s website.

Telecommunications 110

Telecommunications Insurance Healthcare Manufacturing 110

Security Affairs

OCTOBER 19, 2021

Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South Asia. “The Harvester group uses both custom malware and publicly available tools in its attacks, which began in June 2021, with the most recent activity seen in October 2021.

Telecommunications 97

Telecommunications Government Malware Encryption 97

Security Affairs

SEPTEMBER 1, 2020

French President Emmanuel Macron announced that France won’t ban the Chinese giant Huawei from its upcoming 5G telecommunication networks. French President Emmanuel Macron announced that his government will not exclude Chinese telecom giant Huawei from the building of the upcoming 5G telecommunication networks.

Telecommunications 132

Telecommunications Advertising Technology Manufacturing 132

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 89

Telecommunications Malware Hacking Technology 89

Security Affairs

SEPTEMBER 28, 2021

Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. “Once NOBELIUM obtains credentials and successfully compromises a server, the actor relies on that access to maintain persistence and deepen its infiltration using sophisticated malware and tools.

Telecommunications 85

Telecommunications Malware Encryption Government 85

Security Affairs

APRIL 11, 2020

The attackers may have gained access to some users’ login credentials after deploying malware on both websites. The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director.

Data breaches 141

Data breaches Hacking Telecommunications Passwords 141

CyberSecurity Insiders

MAY 31, 2022

Thus with the latest announcement, the number of victims from the ransomware attacks has increased to 7 as in May this year the said file encrypting malware gang disrupted server operations of The Finance Ministry, The Ministry of Science, Innovation, Technology and Telecommunication, The Labor and Social Security Ministry, The Social Development and (..)

Ransomware 112

Ransomware Telecommunications Encryption Cyber Attacks 112

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Educate your employees on threats and risks such as phishing and malware.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

MARCH 11, 2022

Lapsus$ Ransomware gang is looking for insiders willing to sell remote access to major technology corporations and ISPs. Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM.

Ransomware 106

Ransomware Telecommunications Technology VPN 106

Security Affairs

MARCH 25, 2020

The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. Unlike other China-based actors, the group used custom malware in cyber espionage operations, experts observed 46 different malware families and tools in APT41 campaigns.

Telecommunications 120

Telecommunications Healthcare Education Advertising 120

Security Boulevard

MARCH 15, 2022

Other targets include Brazil’s Ministry of Health (MoH) and Brazilian telecommunications operator Claro. Since they appear to be succeeding, Lapsus$ announced that they are looking to recruit insiders employed at telecommunications, software and gaming companies, among other technology businesses.

Ransomware 128

Ransomware Telecommunications Firmware Media 128

Malwarebytes

OCTOBER 27, 2023

” Since then the group has expanded its range of activities to include targeting organizations providing cable telecommunications, email, and tech services, and partnering with the ALPHV/BlackCat ransomware group. Use endpoint security software that can prevent exploits and malware used to deliver ransomware. Prevent intrusions.

Social Engineering 101

Social Engineering Engineering Ransomware Backups 101

SecureList

NOVEMBER 15, 2022

Dtrack hides itself inside an executable that looks like a legitimate program, and there are several stages of decryption before the malware payload starts. DTrack unpacks the malware in several stages. The second stage is stored inside the malware PE file. First stage – implanted code. Conclusions.

Malware 133

Malware Telecommunications Encryption Manufacturing 133

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. In an “official press release” posted to pastebin.com on Mar.

Advertising 215

Advertising Malware Marketing Software 215

Security Affairs

DECEMBER 7, 2023

Most of the APT28s’ campaigns leveraged spear-phishing and malware-based attacks. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS). The vulnerability is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

Government 110

Government Telecommunications Accountability Phishing 110

Security Affairs

DECEMBER 6, 2021

The NOBELIUM APT ( APT29 , Cozy Bear , and The Dukes) is the threat actor that conducted supply chain attack against SolarWinds, which involved multiple families of implants, including the SUNBURST backdoor , TEARDROP malware , GoldMax malware , Sibot , and GoldFinder backdoors.

Phishing 94

Phishing Telecommunications Government Accountability 94

Security Affairs

APRIL 20, 2023

FROZENLAKE, aka Sandworm , has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware. and similar services.

Phishing 87

Phishing Education Accountability Telecommunications 87

Security Affairs

SEPTEMBER 24, 2023

Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5 Government of Bermuda blames Russian threat actors for the cyber attack City of Dallas has set a budget of $8.5

Cyber Attacks 84

Cyber Attacks Firewall Data breaches Telecommunications 84

Security Boulevard

JUNE 26, 2023

Data breaches caused by weak security measures and procedures result in severe monetary losses, erosion of clients’ trust, and irreversible reputation damage to organizations in the healthcare, financial services, technology, and retail industries, as well as government and public sector entities.

Data breaches 52

Data breaches Healthcare Telecommunications Financial Services 52

SecureList

SEPTEMBER 16, 2021

We are currently seeing attempts to exploit the CVE-2021-40444 vulnerability targeting companies in the research and development sector, the energy sector and large industrial sectors, banking and medical technology development sectors, as well as telecommunications and the IT sector. Mitigations.

Engineering 98

Engineering Telecommunications Internet Internet 98

SecureWorld News

JANUARY 27, 2023

According to the DOJ , the HIVE ransomware network had been operating for several years, using the "ransomware-as-a-service" model to target a wide range of businesses and critical infrastructure sectors, including government facilities, telecommunication companies, manufacturing, information technology, and healthcare and public health.

Ransomware 79

Ransomware Cybercrime Cryptocurrency Telecommunications 79