Bleeping Computer
Google shut down caching servers at two Russian ISPs
Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled.
Bleeping Computer
Turkish hackers Sea Turtle expand attacks to Dutch ISPs, telcos
The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites.
Bleeping Computer
ISPs must provide emergency video service to deaf users: Ofcom
UK telecom and broadcasting regulator, Ofcom has mandated new requirements for Internet Service Providers (ISPs) and phone companies to provide additional services for users with special needs.
Bleeping Computer
Iranian state hackers use upgraded malware in attacks on ISPs, telcos
The Iranian state-supported APT known as 'Lyceum' (Hexane, Spilrin) targeted ISPs and telecommunication service providers in the Middle East and Africa between July and October 2021.
Bleeping Computer
FTC: ISPs collect and monetize far more user data than you’d think
The Federal Trade Commission (FTC) found that six largest internet service providers (ISPs) in the U.S. collect and share customers' personal data without providing them with info on how it's used or meaningful ways to control this process.
Security Affairs
Metador, a never-before-seen APT targeted ISPs and telco for about 2 years
A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SentinelLabs researchers uncovered a never-before-seen threat actor, tracked as Metador, that primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The experts pointed out that […]
SecurityWeek
MoustachedBouncer: Foreign Embassies in Belarus Likely Targeted via ISPs
MoustachedBouncer is a cyberespionage group that targets foreign diplomats in Belarus via ISP adversary-in-the-middle attacks.
Bleeping Computer
New Mustang Panda hacking campaign targets diplomats, ISPs
An ongoing Mustang Panda campaign that has started at least eight months ago has been uncovered by threat analysts who also managed to sample and analyze custom malware loaders and a new Korplug variant.
DarkReading
Iranian 'Seedworm' Cyber Spies Target African Telcos & ISPs
Seedworm, aka MuddyWater, drops PowerShell-based malware on victims using living-off-the-land techniques.
The Record
New UK system will see ISPs benefit from same protections as government networks
The Share and Defend system will provide a list of malicious domains to a range of U.K. communications providers so the domains can be added to blocklists.
Naked Security
Google wins court order to force ISPs to filter botnet traffic
CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.
The Hacker News
Researchers Uncover New Metador APT Targeting Telcos, ISPs, and Universities
Researchers have identified a previously unknown APT hacking group, dubbed Metador, which has infiltrated telecommunications companies, universities,
Infosecurity News
Government Initiative Promises Rapid Blocking of Scam Sites
Real-time data sharing with ISPs could stop fraud at scale
Ars Technica
FCC has approved $6 billion in broadband grants despite rejecting Starlink
Fixed wireless and fiber ISPs get money as FCC continues cleanup of Pai program.
Security Affairs
Turkish Sea Turtle APT targets Dutch IT and Telecom firms
Sea Turtle cyber espionage group targeted Telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands.
Bleeping Computer
MoustachedBouncer hackers use AiTM attacks to spy on diplomats
A cyberespionage group named 'MoustachedBouncer' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus.
Bleeping Computer
Pirate sites ban in Austria took down Cloudflare CDNs by mistake
Excessive and indiscriminate blocking is underway in Austria, with internet service providers (ISPs) complying to a court order to block pirate sites causing significant collateral damage.
Bleeping Computer
Cloudflare CDN clients caught in Austrian fight against pirate sites
Excessive and indiscriminate blocking is underway in Austria, with internet service providers (ISPs) complying to a court order to block pirate sites causing significant collateral damage.
Security Affairs
Lapsus$ Ransomware Group is hiring, it announced recruitment of insiders
Lapsus$ Ransomware gang is looking for insiders willing to sell remote access to major technology corporations and ISPs. Thursday, March 10, Lapsus$ ransomware gang announced they’re starting to recruit insiders employed within major technology giants and ISPs, such companies include Microsoft, Apple, EA Games and IBM. Their scope of interests include – major telecommunications companies […]
SecurityWeek
Researchers Crowdsourcing Effort to Identify Mysterious Metador APT
SentinelLabs researchers are crowdsourcing an effort to understand a new mysterious APT hitting hitting telcos, ISPs and universities in the Middle East and Africa.
Ars Technica
Why Russia’s “disconnection” from the Internet isn’t amounting to much
So far, moves by two of the Internet's major pipelines are having negligible effects.
CyberScoop
Hackers with links to Pro-Russian groups compromised foreign embassies in Belarus, researchers say
The work has been carried out by a newly identified group dubbed "MustachedBouncer," according to researchers with ESET.
Ars Technica
Some Twitter traffic briefly funneled through Russian ISP, thanks to BGP mishap
Despite the timing, the 45-minute hijacking was most likely an error, not an attack.
SecurityWeek
Cloudflare Customer Targeted in Record HTTPS DDoS Attack
Cloudflare says it mitigated a 15.3 million request-per-second (RPS) distributed denial of service (DDoS) attack carried out over HTTPS.
The Hacker News
Cloudflare Thwarts Record DDoS Attack Peaking at 15 Million Requests Per Second
Cloudflare mitigated a 15.3 million request-per-second (RPS) distributed denial-of-service (DDoS) attack.
Ars Technica
$10 billion fund starts giving US states money for broadband expansions
Every state can get at least $100 million from Treasury Dept's $10 billion fund.
Infosecurity News
Viasat Attributes Outage to
Disruption of satellite internet service in Ukraine and Europe began on day one of Russian invasion
CSO
Akamai debuts Brand Protector service to combat phishing, online forgery
A new product from cloud services provider Akamai takes aim at online fakery by automating protection of a user’s brand and web presence.
Bleeping Computer
Instagram, Facebook, Twitter, YouTube suspended in Turkey after blast
Following yesterday's deadly blast on İstiklal Avenue in Istanbul, Turkish authorities began restricting access to social media including Instagram, Facebook, Twitter, YouTube and Telegram.
The Record
Iranian cloud company accused of hosting cybercriminals, nation-state hackers
An Iranian technology company is providing infrastructure services to ransomware gangs and an array of nation-state hackers, researchers have found.
Security Affairs
Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance
The popular collective Anonymous has leaked 128 GB of data allegedly stolen from the Russian Internet Service Provider Convex. The collective Anonymous released last week 128 gigabytes of documents that were allegedly stolen from the Russian Internet Service Provider Convex. The huge trove of data was leased by an affiliate of Anonymous’s affiliate group called […]
Cyber Security News
Cloud Hosting Provider Accused for Providing Infrastructure to 17 State-sponsored Hackers
Researchers at Cloudzy, an Iranian VPS hosting provider with 15+ data centers all around the globe had been reselling their server space.
Ars Technica
One of the most powerful DDoSes ever targets cryptocurrency platform
15.3 million requests per second is HUGE, especially when delivered through HTTPS.
Cyber Security News
Sea Turtle APT Group Exploiting Known Vulnerabilities to Attack IT-service Providers
Cybersecurity security researchers at Hunt & Hackett recently discovered, Sea Turtle has been actively exploiting the known vulnerabilities.
Ars Technica
Google Fiber touts 20Gbps download speed in test, promises eventual 100Gbps
Google Fiber test delivered 20.2Gbps downloads to exec's home in Kansas City.
The Record
US ‘lagging behind’ on Border Gateway Protocol security practices, CISA and FCC chiefs say
The U.S. government is lagging behind other countries in instituting more stringent cybersecurity measures governing Border Gateway Protocol (BGP) – a set of technical rules responsible for routing data efficiently.
CyberNews
Alarming: researchers can fingerprint and block eight out of ten top VPN providers
OpenVPN, the most widely used open-source VPN protocol for secure and private connections, can be reliably detected and blocked at scale.
Security Affairs
Lapsus$ gang claims to have hacked Microsoft source code repositories
Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Over the last months, the gang compromised other prominent companies such as NVIDIA, Samsung, Ubisoft, Mercado […]
The Record
Russia’s vast telecom surveillance system crippled by withdrawal of Western tech, report says
Russia- and China-produced technology isn't sophisticated enough to maintain SORM, the Kremlin's domestic surveillance system, according to a new paper from the Carnegie Endowment for International Peace.
CyberNews
Russians can now access Twitter over the Tor network | CyberNews
After blocking Facebook, the Russian communications watchdog also restricted Twitter's access. But now, Russian users can access it using the Tor browser.
Security Affairs
Analyzing IP Addresses to Prevent Fraud for Enterprises
How can businesses protect themselves from fraudulent activities by examining IP addresses? The police would track burglars if they left calling cards at the attacked properties. Internet fraudsters usually leave a trail of breadcrumbs whenever they visit websites through specific IP addresses. They reveal their physical location and the device they used to connect to […]
DarkReading
Operation Behind Predator Mobile Spyware Is 'Industrial Scale'
The Intellexa alliance has been using a range of tools for intercepting and subverting mobile and Wi-Fi technologies to deploy its surveillance tools, according to an investigation by Amnesty International and others.
Infosecurity News
Why Bulletproof Hosting is Key to Cybercrime-as-a-Service
As a critical infrastructure service for cybercriminals, bulletproof hosting should be tracked and blocked by defenders, Intel471 argued in a new blog post
PCMag
Hackers Target Azure Accounts With Malware-Laden Shared Documents
Threat actors are directing their attacks against senior-level executives and employees across multiple organizations, says cybersecurity firm Proofpoint.
ZDNet
Viasat says 'cyber event' causing broadband outages across Europe | ZDNet
The company said a network outage is impacting internet services in Ukraine and elsewhere across Europe.
Ars Technica
Russia inches closer to its splinternet dream
New impetus for sovereign Internet after backlash from Russia's war on Ukraine.
Ars Technica
Man who built ISP instead of paying Comcast $50K expands to hundreds of homes
Jared Mauch gets $2.6 million from gov't to expand fiber ISP in rural Michigan.
Security Affairs
Lapsus$ extortion gang claims to have stolen sensitive data from Okta
The Lapsus$ extortion group claims to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s […]
Security Affairs
Security Affairs newsletter Round 386
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog Guacamaya hacktivists stole sensitive data […]
Security Affairs
Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. The Vx-undergroud researchers shared some images of several confidential documents that appear to be […]
Infosecurity News
Russian Hacktivists Overwhelm Spanish Sites With DDoS
Attacks come after Prime Minister’s trip to Kyiv
DarkReading
Interpol's 'Synergia' Op Nabs Dozens of Cybercriminals, Zaps Global C2s
The largest number of takedowns in Africa were in South Sudan and Zimbabwe.
Infosecurity News
ICO Relaxes Breach Reporting for Comms Providers
New rules are designed to reduce regulatory burden
Infosecurity News
New Cyber Threat 'MoustachedBouncer' Targets Embassies in Belarus
The new APT is allegedly aligned with the Belarusian regime and has operated under the radar for at least nine years
The Record
Sandworm-linked group likely knocked down Ukrainian internet providers
A group known as Solntsepek claimed responsibility for the incidents. Ukrainian officials confirmed that they are investigating it as a Russian state-backed operation.
Bleeping Computer
Windows 11 includes the DNS-over-HTTPS privacy feature - How to use
Microsoft has added a privacy feature to Windows 11 called DNS-over-HTTPS, allowing users to perform encrypted DNS lookups to bypass censorship and Internet activity.
Ars Technica
Google Fiber plans multi-state expansion 5+ years after “pausing” buildouts
ISP's history suggests you can expect only limited availability in each area.
Infosecurity News
African Police Bust $800K Fraud Schemes
International operation lasted four months
Infosecurity News
FBI: Beware of Cyber-Threat from Russian Hacktivists
Feds claim DDoS attacks are being aimed at critical infrastructure
The Hacker News
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
ISC has released patches for multiple vulnerabilities in the BIND DNS software suite that could lead to a DoS condition and system failures.
PCMag
ExpressVPN Removes Split-Tunneling Feature for Leaking DNS Requests
A specific configuration allowed DNS requests to reach third-party servers for almost two years, so ExpressVPN has disabled split tunneling on Version 12 for Windows while it preps a fix.
Ars Technica
How Tor is fighting—and beating—Russian censorship
Russia has been trying to block the anonymous browser since December—with mixed results.
Ars Technica
ISP deploys fiber service with a wrinkle—the users themselves own each network
Despite costly Silicon Valley project, CEO says this isn't just for wealthy areas.
DarkReading
'Savvy Seahorse' Hackers Debut Novel DNS CNAME Trick
Petty scammers have figured out how to leverage a core function of DNS in order to maintain scalable, stealthy, pliable malicious infrastructure.
Bleeping Computer
Hundreds of thousands of MikroTik devices still vulnerable to botnets
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks.
Infosecurity News
Interpol-Led Initiative Targets 1300 Suspicious IPs
Global collaborative effort focused on combating the global rise of phishing, malware and ransomware
CyberSecurity Dive
FBI, CISA issue warning on China-backed cyber threats against the telecom industry
State-sponsored actors are targeting small and home office networking equipment for access.
CyberNews
FCC sets a new standard for broadband internet: no less than 100 Mbps
The Federal Communications Commission (FCC) has scrapped the old benchmark for measuring broadband internet and increased it four-fold.
Security Affairs
Ubisoft suffered a cyber security incident that caused a temporary disruption
Video game company Ubisoft has suffered a ‘cyber security incident’ that had a severe impact on games, systems, and services. The rumors of a cyber attack against Ubisoft circulated online in the last few days, while data extortion group LAPSUS$ claimed to have hacked the company. Over the last few days, multiple users reported problems accessing […]
ThreatPost
Google Warns Spyware Being Deployed Against Android, iOS Users
The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.
Cyber Security News
High-Severity BIND DNS Flaw Let Attackers Exploit Remotely
Security fixes have been issued that address three high-severity vulnerabilities in several versions of ISC's BIND DNS Flaw 9
The Hacker News
SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations
Action RAT and AllaKore RAT are the latest strains of malware deployed by SideCopy to carry out spear-phishing email attacks using Indian government.
Infosecurity News
Australia Considers Ban on Ransomware Payments After Medibank Breach
Home affairs minister Clare O'Neil made the announcement on ABC television on Sunday
Infosecurity News
US Action Disrupts Russian Botnet Cyclops Blink
Coordinated effort removes malware from C&C devices
Security Affairs
Lapsus$ extortion gang leaked the source code for some Microsoft projects
The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […]
ThreatPost
Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure
The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure.
Bleeping Computer
CISA issues DDoS warning after attacks hit multiple US orgs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of ongoing distributed denial-of-service (DDoS) attacks after U.S. organizations across multiple industry sectors were hit.
Latest Hacking News
Microsoft Plan To Launch Built-In VPN With Edge Browser
The tech giant Microsoft has planned to introduce a built-in VPN feature with its Edge browser. Reportedly, this new VPN will be powered by Cloudflare and will offer limited free data to the users. Microsoft Edge
The Hacker News
Chinese 'Mustang Panda' Hackers Spotted Deploying New 'Hodur' Malware
Hackers from China's Mustang Panda hacker group spotted deploying a new variant of Korplug malware, dubbed Hodur.
SecurityWeek
CISA Releases Guidance on Adopting DDoS Mitigations
CISA has released new guidance to help federal agencies decide upon and prioritize DDoS mitigations based on mission and reputational impact.
ZDNet
In-the-wild DDoS attack can be launched from a single packet to create terabytes of traffic
A test mode that shouldn't be exposed to the internet from a PBX-to-internet gateway responsible for amplification ratio of 4,294,967,296 to 1.
SecurityWeek
RIPE Account Hacking Leads to Major Internet Outage at Orange Spain
Orange Spain’s internet went down for several hours after its RIPE account was hacked, likely after malware stole the credentials.
Infosecurity News
Bad Bots Drive 10% Annual Surge in Account Takeover Attacks
Malicious bots now represent a third of all internet traffic, says Imperva
SecurityWeek
Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel
An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts.
Bleeping Computer
Signal calls on users to run proxies for bypassing Iran blocks
Signal is urging its global community to help people in Iran stay connected with each other and the rest of the world by volunteering proxies to bypass the aggressive restrictions imposed by the Iranian regime.
Security Affairs
The German BSI agency recommends replacing Kaspersky antivirus software
German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. The Agency warns the cybersecurity firm could be implicated in hacking attacks during the ongoing Russian invasion of Ukraine. According […]
Bleeping Computer
ExpressVPN bug has been leaking some DNS requests for years
ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting to configured DNS servers.
ZDNet
Mustang Panda hacking group takes advantage of Ukraine crisis in new attacks | ZDNet
Just as criminals seized on the pandemic, this group is trying to capitalize on Russia's invasion of Ukraine.
The Hacker News
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
Hackers abuse Mitel devices to perform high-impact amplification attacks to stage massive DDoS attacks with a record-breaking amplification ratio.
Bleeping Computer
Russian hackers wiped thousands of systems in KyivStar attack
The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped all systems on the telecom operator's core network.
CyberScoop
Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates
Ukraine's Victor Zhora said the so-called IT Army has done "useful" things, and he offered information about the "CaddyWiper" incident.
The Hacker News
Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
range Spain hit by major internet outage due to cyberattack. Find out how a simple malware breach led to massive service disruption.
Bleeping Computer
Steam, PayPal blocked as Indonesia enforces new Internet regulation
The Indonesian Ministry of Communication and Information Technology, Kominfo, is now blocking access to internet service and content providers who had not registered on the country's new licensing platform by July 27th, 2022, as the country begins to restrict access to online content providers and services.
Bleeping Computer
New TsuNAME DNS bug allows attackers to DDoS authoritative DNS servers
Attackers can use a newly disclosed domain name server (DNS) vulnerability publicly known as TsuNAME as an amplification vector in large-scale reflection-based distributed denial of service (DDoS) attacks targeting authoritative DNS servers.
Bleeping Computer
Activists use torrents to spread uncensored news to Russian pirates
A team of Ukrainian cyber-activists has thought of a simple yet potentially effective way to spread uncensored information in Russia: bundling torrents with text and video files pretending to include installation instructions.
Bleeping Computer
Russians bypass website blocks to access Western news sources
Cloudflare sees signs of Russians increasingly turning to Western news sources to get accurate information about the situation in Ukraine.
Bleeping Computer
Actively exploited bug bypasses authentication on millions of routers
Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads.
SecurityWeek
Iran-Run ISP 'Cloudzy' Caught Supporting Nation-State APTs, Cybercrime Hacking Groups
Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors.
Bleeping Computer
Movie torrents hijacked to send tips on bypassing Russian censorship
A team of Ukrainian cyber-activists has thought of a simple yet potentially effective way to spread uncensored information in Russia: bundling torrents with text and video files pretending to include installation instructions.
The Record
‘MoustachedBouncer’ espionage hackers targeting embassies in Belarus
Four embassies in Belarus were targeted by an espionage campaign, including two from Europe and one each from South Asia and Africa.
Loading more articles....