Heimadal Security

MAY 3, 2022

When it comes to sideloading malicious Windows DLLs into antivirus programs, stealing passwords to move laterally, and finally exfiltrating data from affected PCs, the hackers are quite persistent. The post Hacking Group Moshen Dragon Targets Asian Telecommunication Companies appeared first on Heimdal Security Blog. What Happened?

Telecommunications 87

Telecommunications Hacking Antivirus Passwords 87

SecureWorld News

OCTOBER 21, 2021

Since 2016, this cybercrime organization has been building customized tools to invade the world's telecommunications sector. According to the blog, at least 13 telecommunications companies have been breached by LightBasin since 2019. LightBasin hacks critical infrastructure with intention and competence.

Telecommunications 88

Telecommunications Energy and Utilities Passwords Hacking 88

Krebs on Security

MARCH 16, 2021

From there, the attacker can reset the password of any account which uses that phone number for password reset links. Most large and legacy telecommunications providers validate transfer requests related to their customers by consulting NPAC , or the Number Portability Administration Center. ” WHAT CAN YOU DO?

Telecommunications 360

Telecommunications Mobile Wireless Accountability 360

Security Affairs

OCTOBER 20, 2021

A China-linked hacking group, tracked as LightBasin (aka UNC1945 ), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019.

Telecommunications 122

Telecommunications Mobile Hacking Architecture 122

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. The telecommunications provider pointed out that no financial information (credit or debit card numbers, banking details) has been compromised. Access to the affected legacy database has also been closed.”continues

Data breaches 101

Data breaches Telecommunications Banking Mobile 101

The Hacker News

DECEMBER 21, 2021

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices.

Penetration Testing 119

Penetration Testing Firmware Telecommunications Manufacturing 119

Krebs on Security

FEBRUARY 1, 2021

The service, marketed in the underground under the name “ SMS Bandits ,” has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies. ” SMS Bandits offered an SMS phishing (a.k.a.

Phishing 322

Phishing Telecommunications Mobile Advertising 322

Malwarebytes

APRIL 2, 2024

Telecommunications giant AT&T has finally confirmed that 73 million current and former customers have been caught up in a massive dark web data leak. Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else.

Data breaches 144

Data breaches Passwords Phishing Accountability 144

The Security Ledger

FEBRUARY 22, 2019

A group representing European telecommunications firms last week published technical specifications for securing a wide range of consumer Internet of Things devices including toys, smart cameras and wearable health trackers. The post EU calls for End to Default Passwords on Internet of Things appeared first on The Security Ledger.

Internet 40

Internet Internet Passwords Telecommunications 40

Malwarebytes

MARCH 19, 2024

A 42-year-old manager at an unnamed telecommunications company has admitted SIM swapping customers at his store. Armed with an email and password—which are easily bought online— and the 2FA code, an attacker could take over the victim’s online accounts.

Social Engineering 135

Social Engineering Computers and Electronics Mobile Identity Theft 135

Krebs on Security

FEBRUARY 19, 2020

The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords. How would your organization hold up to a password spraying attack? As the Citrix hack shows, if you don’t know you should probably check, and then act on the results accordingly.

VPN 355

VPN Passwords Software Telecommunications 355

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware 89

Malware Telecommunications DNS Hacking 89

Security Affairs

JUNE 8, 2022

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers.

Telecommunications 98

Telecommunications Authentication Passwords Accountability 98

Security Affairs

JANUARY 30, 2024

Based on the collected feedback, cybersecurity experts were able to build the following statistics: 45% were not aware about the identified compromised credentials and acknowledged successful password change and enabled 2FA; 16% were already aware about the identified compromised credentials as a result of infection by malicious code and made necessary (..)

Engineering 127

Engineering Passwords Telecommunications Accountability 127

Security Affairs

DECEMBER 30, 2020

.” T-Mobile said that threat actors did not access names on the account, physical or email addresses, financial data, credit card information, social security numbers, tax ID, passwords, or PINs. The telecommunication giant is in the process of notifying impacted customers.

Data breaches 139

Data breaches Mobile Telecommunications Wireless 139

Security Affairs

JULY 10, 2021

Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States. An unauthorized person also potentially accessed subscribers’ personal information, including call history, names, addresses, emails, and passwords.

Mobile 138

Mobile Data breaches Telecommunications Passwords 138

Security Affairs

JANUARY 7, 2024

The group targets government entities, Kurdish (political) groups like PKK, telecommunication, ISPs, IT-service providers (including security companies), NGO, and Media & Entertainment sectors; Over the years, the group enhanced its evasion capabilities. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media 120

Media Accountability Telecommunications Government 120

The Last Watchdog

APRIL 13, 2022

The Russian government, military, and intelligence service may wish to achieve some operational effect, for example, disrupting the power grid or interfering with telecommunications infrastructure, which may be part of a larger war plan. Each of these organizations performs cyber operations for various reasons.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

Surveillance 135

Surveillance Manufacturing Passwords Internet 135

Malwarebytes

JUNE 19, 2023

There’s plenty of cheap Internet of Things (IoT) baby monitors out there with default passwords baked in, insecurely stored data, and an alarming amount of compromise stories in the news. Instead of Wi-Fi, they use other technologies called Digital Enhanced Cordless Telecommunications (DECT) and Frequency Hopping Spread Spectrum (FHSS).

Passwords 86

Passwords IoT Internet Internet 86

Security Affairs

APRIL 11, 2020

“The attackers inserted malicious computer code on these websites to steal some users’ login credentials,” reads a message posted to both site’s by the SFO’s Airport Information Technology and Telecommunications (ITT) director. In response to the incident, the SFO Airport reset all email and network passwords.

Data breaches 143

Data breaches Hacking Telecommunications Passwords 143

Security Affairs

MARCH 10, 2023

CPNI is information related to the telecommunications services purchased by the customers, including the number of lines for each account or the wireless plan to which customers are subscribed. Social Security Number, account passwords). ” reads a data breach communication sent by the company to the impacted customers.

Data breaches 94

Data breaches Hacking Wireless Telecommunications 94

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 98

Mobile Telecommunications Data breaches Identity Theft 98

Security Affairs

MAY 1, 2024

The experts noticed that the infection chain was distinct, with 99% of infections originating in Turkey, primarily from two major telecommunications providers. The malware passively monitors network packets for “credential markers,” including usernames, passwords, and authentication tokens.

Malware 109

Malware DNS Authentication Telecommunications 109

CyberSecurity Insiders

NOVEMBER 25, 2021

Dubbed as “The Product Security and Telecommunications Infrastructure(PSTI) bill, it requests those involved in the manufacturing of Internet of Things such as smart TVs, CCTVs, smart phones and fitness trackers; to follow basic standards while offering service and products to consumers.

IoT 139

IoT Manufacturing Telecommunications Cyber Attacks 139

SecureWorld News

OCTOBER 6, 2022

Require all accounts with password logins to have strong, unique passwords, and change passwords immediately if there are indications that a password may have been compromised.". PRC state-sponsored cyber actors continue to exploit known vulnerabilities and use publicly available tools to target networks of interest.

Passwords 88

Passwords Telecommunications Government Cybersecurity 88

Malwarebytes

MARCH 3, 2022

The LAPSUS$ group is a relative newcomer to the ransomware scene, but it has made a name for itself by bringing down big targets like Impresa, the largest media conglomerate in Portugal, Brazil’s Ministry of Health, and Brazilian telecommunications operator Claro. The passwords and email addresses of some 70k employees were involved.

Ransomware 87

Ransomware Password Management Passwords Hacking 87

The Security Ledger

MARCH 11, 2020

In this Spotlight* podcast, Sayed Wajahat Ali the Senior Director of Security Risk Management at DU TELECOM in the UAE joins us to talk about how digital transformation is shaking up the once-staid telecommunications industry and how his company is staying on top of both the risks and opportunities created by digital transformation.

Digital transformation 52

Digital transformation Risk Telecommunications Mobile 52

CyberSecurity Insiders

SEPTEMBER 22, 2022

The Australian Telecommunication Firm is currently silent on the issue and assured that it will release a press statement after a preliminary inquiry into the attack gets completed. From the past few months, Australia has been experiencing cyber attacks on its national infrastructure and the nation has blamed Russia for digital assaults.

Cyber Attacks 89

Cyber Attacks Data breaches Telecommunications Passwords 89

Krebs on Security

MARCH 20, 2023

Image: Shutterstock Telecommunications giant AT&T disclosed this month that a breach at a marketing vendor exposed certain account information for nine million customers. “An individual’s CPNI can be shared with other telecommunications providers for network operating reasons,” wrote TechTarget’s Gavin Wright.

Mobile 283

Mobile Wireless Advertising Telecommunications 283

Security Affairs

AUGUST 18, 2021

Importantly, no phone numbers, account numbers, PINs, passwords, or financial information were compromised in any of these files of customers or prospective customers.” data breach notification published by the telecommunications giant on its website revealed that the security breach impacted both employees and customers.

Data breaches 100

Data breaches Mobile Telecommunications Wireless 100

Pen Test Partners

FEBRUARY 22, 2024

Security requirements unpacked The regulations lay down explicit security mandates, from unique product passwords to transparent reporting mechanisms for security issues, alongside clear directives on security update commitments. Each product must either have a unique password or allow the user to set a secure password upon initial setup.

Manufacturing 55

Manufacturing Passwords Telecommunications Cyber threats 55

Security Affairs

MARCH 16, 2020

Hackers have stolen O2 customers’ data from a database run by Aerial Direct , one of the largest UK partners of the telecommunications services provider. To reassure you, the database did not include any passwords or financial details, such as bank account number or credit card information.” Pierluigi Paganini.

Data breaches 109

Data breaches Telecommunications Passwords Advertising 109

Security Affairs

OCTOBER 19, 2021

Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South Asia. Sectors targeted include telecommunications, government, and information technology (IT). At this time, the APT group is mostly targeting organizations in Afghanistan.

Telecommunications 102

Telecommunications Government Malware Encryption 102

Security Affairs

DECEMBER 31, 2020

The Emotet campaign uses malicious emails that attempt to trick recipients into opening the zipped archive with the password included in the message. Emails accessed in this way require user action: open the file, unzip it with a password. Emails accessed in this way require user action: open the file, unzip it with a password.

Passwords 104

Passwords Malware Telecommunications Banking 104

Krebs on Security

OCTOBER 12, 2020

“We disrupted Trickbot through a court order we obtained as well as technical action we executed in partnership with telecommunications providers around the world,” wrote Tom Burt , corporate vice president of customer security and trust at Microsoft, in a blog post this morning about the legal maneuver. Image: Microsoft.

Healthcare 350

Healthcare Internet Internet Ransomware 350

Troy Hunt

MARCH 27, 2018

It began with a visit to the local Telstra store earlier this month to upgrade a couple of phone plans which resulted in me sitting alone by this screen whilst the Telstra staffer disappeared into the back room for a few minutes: Is it normal for @Telstra to display customer passwords on publicly facing terminals in their stores?

Passwords 154

Passwords Banking Mobile Telecommunications 154