Risks in Telecommunications IT

Trend Micro

We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises' and telecommunications companies' IT infrastructure.

DeadRinger: Chinese APTs strike major telecommunications companies

Zero Day

Previously unknown campaigns center around "Chinese state interests

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

McAfee uncovers espionage campaign aimed at major telecommunication companies

Tech Republic Security

The security company said the attacks were attributed to RedDelta and Mustang Panda, both of which are allegedly based in China

Telecommunications Industry in the Bullseye

Dark Reading

New report cites higher volume and increased sophistication of threats to the sector

CPDP 2021 – Moderator: Rob Van Eijk ‘Technical Standards Bringing Together Data Protection With Telecommunications Regulation, Digital Regulations And Procurement’

Security Boulevard

The post CPDP 2021 – Moderator: Rob Van Eijk ‘Technical Standards Bringing Together Data Protection With Telecommunications Regulation, Digital Regulations And Procurement’ appeared first on Security Boulevard. Speakers: Paul F. Nemitz,Mikuláš Peksa, Amelia Andersdotter, Clara Neppel, Francesca Bria, Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel. Enjoy!

MWC19 Los Angeles: The value of blockchain in the telecommunications sector

Tech Republic Security

Here's how the telecommunications sector can benefit Blockchain isn't reserved for bitcoin.

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. The experts found the MessageTap backdoor installed on a Linux-based Short Message Service Center (SMSC) server belonging to an unnamed telecommunications company. “Named MESSAGETAP, the tool was deployed by APT41 in a telecommunications network provider in support of Chinese espionage efforts.”

DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos

Security Boulevard

In the beginning of 2021, the Cybereason Nocturnus Team investigated clusters of intrusions detected targeting the telecommunications industry across Southeast Asia. Security Bloggers Network APT china Nation-state Attack national security research ResearchCat telecommunications

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

Security Boulevard

An analysis of the malicious file and other submissions by the same VirusTotal user suggest the account that initially flagged the backdoor as suspicious belongs to IT personnel at the National Telecommunications and Information Administration (NTIA), a division of the U.S. On Aug.

Spotlight Podcast: How DU Telecom Manages Digital Transformation Risk

The Security Ledger

One of the industries feeling the weight of these changes is telecommunications, where profitable legacy businesses like fixed line telephony and text messaging are falling victim to technology fueled changes.

Firm Uncovers Major Cyber-Espionage Campaign Against Telcos

The Security Ledger

The security firm Cybereason has uncovered a persistent cyber espionage attack on telecommunications companies worldwide to steal data on high-profile users and then spy on them. APT Business China critical infrastructure data breach Hacks & Hackers Telecommunications Threats Top Stories cyber espionage cyber warfare cyberattacks cybercrime cybersecurity hacking state sponsored telecommunications

The European Space Agency Launches Hackable Satellite

Schneier on Security

Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […]. Because the satellite can be reprogrammed in orbit, it can respond to changing demands during its lifetime. […].

New House Bill Aims to Drive Americans' Security Awareness

Dark Reading

The legislation requires the National Telecommunications and Information Administration to establish a cybersecurity literacy campaign

Gallium: The Newest Threat Group on Microsoft's Radar

Dark Reading

Hacking group has been targeting telecommunication providers

Insecure Database Exposes Millions of Private SMS Messages

Threatpost

Breach Cloud Security Privacy data breach Data Privacy Database Security hosted services Microsoft Microsoft Azure Oracle Security small businesses SMS messages telecommunications TrueDialog vpnMentor

T-Mobile discloses data breach after SIM swapping attacks

Bleeping Computer

American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. [.].

Singapore ISP Leaves 1,000 Routers Open to Attack

Threatpost

IoT Vulnerabilities Web Security Ankit Anubhav Mirai router vulnerability Singapore Telecommunications Limited SingCERT SingTel Wifi Gigabit RoutersTelcom firm leaves port open on customer routers after maintenance update exposing hundreds of customers to possible attack.

Podcast Episode 122: will 5G increase Internet of Things Risk?

The Security Ledger

Telecommunications firms like to talk up all the great things that so-called 5G cellular networks will bring to smart phones. Telecommunications firms like to talk up all the great things that so-called 5G cellular networks will bring to smart phones. In this week’s podcast: major telecommunications carriers like to talk up the advantages of so-called 5G connectivity to their customers.

Russia bans Opera VPN and VyprVPN, classifies them as threats

Bleeping Computer

Roskomnadzor, Russia's telecommunications watchdog, has banned the use of Opera VPN and VyprVPN after classifying them as threats according to current Russian law. [.].

New Cyber Espionage Group Targeting Ministries of Foreign Affairs

The Hacker News

Cybersecurity researchers on Thursday took the wraps off a new cyberespionage group that has been behind a series of targeted attacks against diplomatic entities and telecommunication companies in Africa and the Middle East since at least 2017.

Telcos Become Richer Hacking Targets

Dark Reading

The shift of moving telecommunications networks toward more commercial networking equipment and systems also expanded their attack surface

Hackers Tampered With APKPure Store to Distribute Malware Apps

The Hacker News

In an incident that's similar to that of German telecommunications equipment manufacturer Gigaset, the APKPure client version 3.17.18

RansomEXX Ransomware Impacts Ecuador’s Corporación Nacional de Telecomunicaciones CNT

Heimadal Security

The Corporación Nacional de Telecomunicaciones, CNT EP is the public telecommunications company in Ecuador that offers fixed telephony services local, regional and international, Internet Access (Dial-Up, DSL, mobile Internet), satellite television, and mobile telephony in Ecuadorian territory.

APT Horoscope

Schneier on Security

Just like Capricorn, Helix Kitten (also known as APT 35 or OilRig) is a skilled navigator of vast online networks, maneuvering deftly across an array of organizations, including those in aerospace, energy, finance, government, hospitality, and telecommunications.

Russia bans VyprVPN, Opera VPN services for not complying with blacklist request

The Hacker News

Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In

Intentional Flaw in GPRS Encryption Algorithm GEA-1

Schneier on Security

” GEA-1 was designed by the European Telecommunications Standards Institute in 1998. General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s.

Threat Intelligence Firm ThreatQuotient Attracts $30 Million in Funding

eSecurity Planet

Threat Intelligence Firm ThreatQuotient gets the attention of Cisco and Japanese telecommunications company NTT Docomo

Episode 149: How Real is the Huawei Risk?

The Security Ledger

In this episode of the podcast we're joined by Priscilla Moriuchi of the firm Recorded Future, which released a report this week analyzing the security risks posed by Huawei, the Chinese telecommunications and technology giant. In this episode of the podcast we’re joined by Priscilla Moriuchi of the firm Recorded Future, which released a report this week analyzing the security risks posed by Huawei, the Chinese telecommunications and technology giant.

Risk 40

Huawei Charged with RICO Violations in Federal Court

Dark Reading

A new set of indictments adds conspiracy to violate RICO statutes to a list of existing charges against the Chinese telecommunications giant

Oracle Solaris Zero-Day Attack Revealed

Threatpost

A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw. Hacks Malware Vulnerabilities bluekeep CVE-2020-14871 Exploit Oracle oracle solaris SLAPSTICK unc1945 zero day

Webinar: DeadRinger – Exposing Chinese Threat Actors Targeting Major Telcos

Security Boulevard

Can We Stop Pretending SMS Is Secure Now?

Krebs on Security

Most large and legacy telecommunications providers validate transfer requests related to their customers by consulting NPAC , or the Number Portability Administration Center. But he suspects some of the smaller wired and wireless telecommunications firms may still be vulnerable.

AIs and Fake Comments

Schneier on Security

The big telecommunications companies paid millions of dollars to specialist “AstroTurf” companies to generate public comments. This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.”

RedFoxtrot Targets Indian Organizations

Security Boulevard

This hacker group has particularly focussed on targeting Indian institutions ranging from defense, telecommunications, mining, and research.

How a Single Digital Certificate Expiry Impacted 11 Countries?

Security Boulevard

It was early December 6th 2018, a cold winter morning when the security team at Swedish multinational networking and telecommunications company Ericsson received the jolt of their lives.

Brazilian Companies Are Lacking Much Needed Cybersecurity Teams

Heimadal Security

57% of businesses from areas like education, financial services, insurance, technology and telecommunications, health, and retail are constantly being targeted by cybercriminals according to a study by Instituto Datafolha commissioned by Mastercard.

Vodafone faces $9.7m data protection penalty in Spain

CyberSecurity Insiders

Spanish Data Protection Agency aka Agencia Espanola De Protection De Datos (AEPD) has penalized Vodafone Spain for failing to protect the data of its customers and for indulging in fraudulent telemarketing tactics.

US Government: Russia “Likely” Behind SolarWinds Breach

Adam Levin

The Cyber Unified Coordination Group (UCG), a task force composed of U.S. cybersecurity, intelligence, and law enforcement agencies, announced earlier this week that Russia was “likely” responsible for the 2020 SolarWinds data breach.

Mint Mobile Was Hit by a Data Breach

Heimadal Security

Mint Mobile is an American telecommunications company selling mobile phone services and operating as an MVNO on T-Mobile’s cellular network in the US.

Red Balloon Security Introduces Expanded Portfolio of Embedded Security Solutions

CyberSecurity Insiders

NEW YORK–(BUSINESS WIRE)–Red Balloon Security, the leader in embedded device security, today announced an expanded and customizable set of offerings for critical infrastructure and a range of industries –– including energy, industrial control systems (ICS), building management systems (BMS), automotive, and telecommunications.

U.K. Arrest in ‘SMS Bandits’ Phishing Service

Krebs on Security

The service, marketed in the underground under the name “ SMS Bandits ,” has been responsible for blasting out huge volumes of phishing lures spoofing everything from COVID-19 pandemic relief efforts to PayPal, telecommunications providers and tax revenue agencies.

Cell Networks Hacked by (Probable) Nation-State Attackers

Schneier on Security

Original report : Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. The attack was aiming to obtain CDR records of a large telecommunications provider.

Over 200 Bangladesh Organizations Hit by Hafnium Hacker Group

Heimadal Security

Bangladesh Telecommunication Regulatory Commission (BTRC), Bangladesh Bank, commercial banks, and Internet service providers were among the targets.