

The Hacker News
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
Threat actor Konni, potentially tied to North Korea, deploys RAT in cyber espionage using Russian Word doc, exploiting WinRAR flaw.
SecurityWeek
Broadcom has cleared all regulatory hurdles and will complete its $69 billion acquisition of cloud technology company VMware.
CyberNews
Novel approaches allow cyberattackers to bypass geoblocking defenses, flooding servers more frequently and for longer.
The Record
An alliance of rebel groups in northern Myanmar is preparing to lay siege to the city of Laukkaing — a hub of the country’s flourishing cyber-scamming industry that has drawn criticism from Beijing.
CyberNews
China and North Korea were behind most of state-sponsored cyberattacks in Russia, according to the country’s security firm Solar.
The Record
Ukraine's anti-corruption agency sent shockwaves through the country's cybersecurity agencies on Monday morning, when it announced that it had launched an investigation into the procurement practices of a handful of its top cyber officials.
The Record
Despite the countries' warm relationship, Russia is being targeted by North Korean and Chinese state hacking groups, a cybersecurity firm connected to Rostelecom claims.
CyberNews
The FBI is warning organizations to guard against the Scattered Spider ransom group, responsible for the MGM and Caesars hacks, plus dozens more US attacks this year.
The Record
The federal agency wants Virginia-based Global Tel*Link Corp. to improve its security practices and incident reporting policies.
The Record
The company acknowledged the cyberattack hours after the Medusa ransomware gang claimed to have stolen data from Toyota Financial Services.
SecurityWeek
The Australian Signals Directorate singled out Russia and China as among the country's greatest cyber threats in its latest threat report.
The Record
The Click Here podcast team reports on wartime technological improvisations: An activist unexpectedly leads an effort to identify the missing and the dead. And an English teacher finds a way to connect mobile phones as infrastructure collapses.
CSO
Fake folders and remote access tools are part of the MuddyWater advanced persistent threat (APT) espionage group’s latest campaign against Israeli targets, according to cybersecurity firm Deep Instinct.
The Hacker News
Iranian threat actor "Scarred Manticore" has launched a year-long cyber espionage campaign targeting the Middle East's finance, government, and military sectors.
The Record
An Iranian nation-state threat actor is targeting high-profile organizations in the Middle East in an ongoing espionage campaign, according to a new report.
Bleeping Computer
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 cyberattack linked to APT29, the Russian Foreign Intelligence Service (SVR) hacking division.
SecurityWeek
A 20-year-old Floridian was sentenced to prison for his role in a hacking scheme that led to the theft of $1 million in cryptocurrency.
The Record
Ukrainian hackers have temporarily disabled internet services in parts of the country’s territories that have been occupied by Russia.
DarkReading
The financially motivated English-speaking threat actors use advanced social engineering techniques, SIM swapping, and even threats of violence to breach targets.
Bleeping Computer
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023.
The Hacker News
Cloudflare reported an industry-wide campaign that targeted AWS, Cloudflare, and Google Cloud, launching DDoS attacks exploiting HTTP/2 Rapid Reset.
Bleeping Computer
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services.
CSO
Submarine cable damage, natural disasters and cyberattacks triggered third quarter internet outages worldwide, according to a report from Cloudflare.
The Record
On a recent trip to Kyiv, the Click Here team spoke with Illia Vitiuk, head of the cyber department of the Security Service of Ukraine, about the importance of an early operation with U.S. hunt teams and why he considers attacks on civil infrastructure “to be nothing but a war crime.”
CyberNews
DDoS attacks are currently on the rise.
The Hacker News
Ukraine's CERT-UA discovered threat actors targeting 11 telecom providers between May and September 2023. The attacks caused service interruptions.
The Record
The infamous Russian state hacking group known as Sandworm has targeted at least eleven Ukrainian internet and telecom providers since May, according to a recent report from Ukrainian cybersecurity authorities.
The Record
Speaking on the same stage for the first time, the agency heads presented five principles they wanted businesses to adopt to keep staff and information secure.
The Record
As Russia’s war with Ukraine drags on, the Kremlin has doubled down on its efforts to take control of the internet on its own turf.
The Hacker News
Kaspersky sheds light on hacking group ToddyCat's latest arsenal of tools. Designed for data theft, their tactics are more advanced than ever.
The Hacker News
Cybersecurity experts uncover an ongoing threat to government and telecom entities in Asia.
The Record
Since Hamas fighters launched their assault on Saturday, nearly 60 groups have targeted Palestinian and Israeli entities.
The Hacker News
Gaza-based hacker group Storm-1133 targets Israeli energy, defense, and telecom. Microsoft's report exposes tactics.
The Record
Researchers at EclecticIQ attributed the campaign to a China-based group known as Budworm or APT27. The hacking campaign involved lures citing a major Taiwan microchip manufacturer.
The Record
The company began investigating after it became aware that customers were having problems buying minutes and making calls.
The Record
The International Committee for the Red Cross asks hacktivists to comply with eight “humanitarian law-based rules” to protect themselves and avoid harming others.
Infosecurity News
Cybersecurity firm Sekoia has found new evidence that the Malagasy government has used Cytrox’s spyware ahead of the election
Bleeping Computer
A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor.
The Hacker News
Budworm, a China-linked group, strikes again with updated malware tools, targeting government and telecom entities.
The Record
Hackers targeted a Middle Eastern telecom organization and an Asian government in a recent spying operation, according to a report published Thursday.
The Record
The Artificial Intelligence Security Center will serve as a “focal point” for various activities related to AI, including the security of the technology, the spy agency's director said.
Cyber Security News
A group that has never been seen before has said that they were able to break into all of Sony Group Corporation's computer systems.
Cyber Security News
Due to its vital infrastructure and the enormous quantity of sensitive data it manages, which includes both personal and business communications, the telecommunications sector is aggressively targeted by hackers.
SecurityWeek
Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.
The Hacker News
iPhone spyware attack! Former Egyptian parliament member Ahmed Eltantawy targeted by Predator spyware using 3 recent zero-day vulnerabilities.
Ars Technica
Apple patches 3 zero-days after they were used in a sophisticated attack.
Infosecurity News
SentinelLabs said the group’s tactics focus on stealthy lateral movements and minimal interactions
SecurityWeek
Noteworthy stories that might have slipped under the radar: Snowden file analysis, Yubico starts trading, election hacking event.
The Record
Ahmed Eltantawy was targeted between May and September with spyware that used three zero-day vulnerabilities in Apple products, researchers said.
DarkReading
The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.
The Hacker News
Sandman, a new cyber threat actor, is targeting telecom providers across continents. Read more about this cyber espionage campai
Bleeping Computer
A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'
The Hacker News
China's Ministry of State Security accuses the U.S. of cyber espionage against Huawei servers since 2009.
Bleeping Computer
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices.
The Hacker News
Telecom providers in the Middle East face a stealthy cyber threat called ShroudedSnooper. It uses HTTPSnoop to exploit Windows HTTP kernel drivers.
DarkReading
The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms.
The Hacker News
UNC3944 threat actor now turns to ransomware attacks, targeting critical systems. Understand their tactics, and learn how to protect your organization
DarkReading
Escalating incursions into military base infrastructure, telecom networks, utilities, and more signal that Beijing is laying the groundwork for mass disruption.
Cyber Security News
DDoS attack evolves with changing tech and attacker motivations, with recent cases involving significant damages and legal consequences.
CyberSecurity Dive
Security researchers link the threat group Scattered Spider to a wave of malicious activity as Caesars Entertainment confirms social engineering attack in regulatory filing.
The Hacker News
Suspected Chinese hacking group UNC4841 exploited zero-day flaw in Barracuda ESG appliances to target government, military, and tech companies.
The Record
Symantec says it found abuse of the legitimate Cobra DocGuard software by a previously unknown advanced persistent threat (APT) group that it's labeling as Carderbee.
The Hacker News
Indian President approves the Digital Personal Data Protection Bill, reinforcing the importance of lawful data processing while respecting privacy.
SecurityWeek
Weekly cybersecurity news roundup: VPN vulnerabilities, macOS threats, keyboard spying, layoffs, and security patches
SecurityWeek
Indian lawmakers approved data protection legislation as several groups expressed concern over citizens’ privacy rights.
SecurityWeek
MoustachedBouncer is a cyberespionage group that targets foreign diplomats in Belarus via ISP adversary-in-the-middle attacks.
The Record
Four embassies in Belarus were targeted by an espionage campaign, including two from Europe and one each from South Asia and Africa.
The Record
In its latest report, the Cyber Safety Review Board called on the FCC and FTC to strengthen their oversight and enforcement activities around SIM swapping.
The Record
Reps. Mike Gallagher and Raja Krishnamoorthi, leaders of the House's panel on China, want to hear more from the FCC about Chinese-made cellular connectivity modules embedded in Internet of Things devices.
Bleeping Computer
The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing five billion robocalls to more than 500 million phone numbers over three months in 2021.
The Record
The U.S. government is lagging behind other countries in instituting more stringent cybersecurity measures governing Border Gateway Protocol (BGP) – a set of technical rules responsible for routing data efficiently.
Bleeping Computer
Hacktivist groups that operate for political or ideological motives employ a broad range of funding methods to support their operations.
The Record
Sweeping federal privacy legislation now under debate in Congress is expected to move oversight of the telecom industry’s privacy practices from the Federal Communications Commission (FCC) to the Federal Trade Commission (FTC).
The Hacker News
U.S. cybersecurity agencies issue recommendations to strengthen security in 5G network slicing.
The Record
Russia- and China-produced technology isn't sophisticated enough to maintain SORM, the Kremlin's domestic surveillance system, according to a new paper from the Carnegie Endowment for International Peace.
The Record
Hacking groups — many based in Russia — pummeled companies in the second quarter of this year with well-planned distributed denial-of-service (DDoS) attacks, according to new research.
Ars Technica
AT&T, Verizon, Frontier, and Lumen all get hammered after lead-cable reports.
CyberSecurity Dive
The China-linked group, which Microsoft calls Storm-1558, has adopted new techniques after it took steps to disrupt their recent hacking activity.
Cyber Security News
Surprisingly, Microsoft remains unaware of how Chinese hackers acquired an inactive Microsoft account signing key to breach Exchange Online and Azure AD accounts.
The Record
An unknown hacker group compromised a Pakistani government app in order to infect victims with the China-linked Shadowpad malware, researchers have found.
CyberSecurity Dive
The hackers are known to use trojanized versions of legitimate software from Adobe, SolarWinds, KeePass and others.
Cyber Security News
An authentication bypass vulnerability exists in VMware SD-WAN (Edge). Upon successful exploitation, unauthorized attackers gain access.
The Hacker News
Learn how the DDoS attack landscape has changed in Q1-Q2 of 2023.
Infosecurity News
Individual is thought to be key figure in $30m gang
The Hacker News
Suspected leader of OPERA1ER hacking crew, responsible for $11 Million+ in theft, has been arrested in an international operation.
Security Affairs
RedEnergy is a sophisticated stealer-as-a-ransomware that was employed in attacks targeting energy utilities, oil, gas, telecom, and machinery sectors. Zscaler ThreatLabz researchers discovered a new Stealer-as-a-Ransomware named RedEnergy used in attacks against energy utilities, oil, gas, telecom, and machinery sectors. The malware allows operators to steal information from various browsers, it also supports ransomware capabilities. […]
Bleeping Computer
Law enforcement has detained a suspect believed to be a key member of the OPERA1ER cybercrime group, which has targeted mobile banking services and financial institutions in malware, phishing, and Business Email Compromise (BEC) campaigns.
The Hacker News
RedEnergy, a sophisticated stealer-as-a-ransomware threat, is targeting energy utilities, oil, gas, telecom, and machinery sectors.
The Record
A “suspected senior member” of the French-speaking OPERA1ER cybercrime gang is in custody, international police announced Wednesday.
The Hacker News
Swedish watchdog warns against using Google Analytics over Data Protection risks linked to U.S. surveillance.
DarkReading
Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.
Cyber Security News
Recently, the cybersecurity analysts at Zscaler found a new variant of malware, RedEnergy, a new hybrid Stealer-as-a-Ransomware threat.
The Hacker News
Watch out, BPOs! Discover how 'Muddled Libra' cybercrime group is leveraging the 0ktapus phishing kit and social engineering tactics.
Cyber Security News
Best Penetration Testing Companies: 1. Crowdstrike 2. Secureworks 3. Rapid7 4. Acunetix 5. Trellix 6. Invicti 7. Cobalt 8. Intruder.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Law enforcement shutdown a long-standing DDoS-for-hire service A Russian national charged for committing LockBit Ransomware attacks […]
DarkReading
Users urged to apply updates to FortiOS SSL-VPN after attackers may have leveraged a recently discovered vulnerability in attacks against government, manufacturing, and critical infrastructure organizations.
Bleeping Computer
VMware patched today a VMware ESXi zero-day vulnerability exploited by a Chinese-sponsored hacking group to backdoor Windows and Linux virtual machines and steal data.
ZDNet
Updated: A flaw in the SS7 protocol made hacking Facebook accounts easier than you'd think.
Security Affairs
Pro-Ukraine hackers Cyber Anarchy Squad claimed responsibility for the attack that hit Russian telecom provider Infotel JSC. Pro-Ukraine hacking group Cyber.Anarchy.Squad claimed responsibility for an attack on Russian telecom provider Infotel JSC. The company provides connectivity services to the Russian banking system, for this reason, the attack had a severe impact on the operations of […]
Bleeping Computer
A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening.
Cyber Security News
Best Cloud Service Providers: 1. AWS 2. Google Cloud 3. Azure 4. Oracle Cloud 5. VMware 6. DigitalOcean 7. Rackspace 8. IBM Cloud.
ZDNet
Wondering if your information is posted online from a data breach? Here's how to check if your accounts are at risk and what to do next.
CSO
Keep up with news of CSO, CISO, and other senior security executive appointments.
The Hacker News
Discover the untold security secrets of 5G! Find out how encryption, privacy protection, and more are transforming mobile connectivity.
The Hacker News
New industrial malware COSMICENERGY unearthed – targeting electric transmission operations in Europe, Middle East, and Asia.
CyberScoop
The code designed to target industrial control systems joins the pantheon of dangerous malware that can cause cyber-physical harm.
DarkReading
According to Microsoft and researchers, the state-sponsored threat actor could very well be setting up a contingency plan for disruptive attacks on the US in the wake of an armed conflict in the South China Sea.
The Hacker News
OilAlpha, a hacking group with suspected ties to Yemen's Houthi movement, is on the rise.
Bleeping Computer
A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines.
Security Affairs
The Lancefly APT group is using a custom powerful backdoor called Merdoor in attacks against organizations in South and Southeast Asia. Symantec researchers reported that the Lancefly APT group is using a custom-written backdoor in attacks targeting organizations in South and Southeast Asia, as part of a long-running campaign. The highly-targeted attacks aim at organizations […]
The Hacker News
Government, aviation, education, and telecom sectors in South and Southeast Asia are under attack!
The Hacker News
BPFDoor, an undetected malware variant, has resurfaced with enhanced evasiveness. Find out how this Linux backdoor has remained hidden for years.
The Hacker News
23-year-old mastermind behind the Twitter 2020 hack, which compromised 130 high-profile accounts (including those of Bill Gates and Elon Musk).
Infosecurity News
Some of the companies included in the list are Huawei, ZTE, Dahua and China Unicom
Infosecurity News
Trend Micro analyzed two separate Earth Longzhi campaigns between 2020 and 2022
The Hacker News
Telecoms are under threat from cybercriminals due to the sensitive information they hold. Learn how SaaS security can help protect their data.
DarkReading
Researchers observed downloads of installers for the APT's flagship backdoor, MgBot, when users at a Chinese NGO were updating legitimate applications.
The Hacker News
New politically-motivated surveillance campaign detected in Tajikistan, targeting government officials, telecom services.
Bleeping Computer
The Chinese APT hacking group known as 'Evasive Panda' is behind a mysterious attack that distributed the MgBot malware as part of an automatic update for the Tencent QQ messaging app.
The Hacker News
Chinese threat actor Alloy Taurus has been caught using a Linux variant of a backdoor called PingPull to target financial institutions and governments
The Hacker News
Evasive Panda, a Chinese APT group, targeting international NGOs in Mainland China with MgBot modular malware framework.
The Hacker News
China-linked Bronze Highland hackers aka Daggerfly group is targeting telecom services providers in Africa using spear-phishing and MgBot malware.
CSO
An expanded data breach definition and the telcos’ desire to link notifications to “concrete harm” are among the most controversial aspects of the proposed FCC data breach reporting rules.
Bleeping Computer
The Dutch government will adopt the RPKI (Resource Public Key Infrastructure) standard on all its systems before the end of 2024 to upgrade the security of its internet routing.
CSO
Admins unable to update to the patched ThingsBoard version can manually change the default signing key.
CyberSecurity Dive
The data storage firm will face added pressure to its credit profile if the security incident further disrupts operations, one analyst said.
Trend Micro
Going further and faster with high-performance network security
Security Affairs
Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did […]
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and […]
Infosecurity News
The deployment of custom credential theft malware is the main novelty of the new campaign
The Hacker News
Middle East telecom providers under cyber attack from China-linked threat actors in a long-running campaign dubbed Operation Soft Cell.
The Hacker News
Emotet is back, now hiding in Microsoft OneNote email attachments to bypass macro-based security restrictions and compromise systems.
Trend Micro
This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware.
Infosecurity News
SentinelOne shared details about the new campaign in an advisory published on Thursday
DarkReading
AT&T, PayPal, and Microsoft top the list of domains that victims visit following a link in a phishing email, as firms fight to prevent fraud and credential harvesting.
CSO
The company’s marketing vendor suffered a security failure in January and exposed CPNI data that included first names, wireless account numbers, wireless phone numbers, and email addresses.
CyberSecurity Dive
Three in five records exposed in a data breach last year came from software, telecom, data processing and web hosting companies, Flashpoint found.
ZDNet
Healthcare and maritime are key sectors that can benefit from 5G connectivity with their need for low network latency, but they also have to prepare for higher security risks.
Infosecurity News
Small businesses are particularly vulnerable
DarkReading
The cyberattackers might have potentially accessed customer information, the service provider warns.
DarkReading
A threat actor has leaked data — purportedly, samples of Telus employee payroll data and source code — on a hacker site.
Bleeping Computer
Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. The threat actor subsequently shared screenshots apparently showing private source code repositories and payroll records held by the company.
The Record
Cyble says cybercriminals are setting up phishing websites that mimic the branding of ChatGPT, an AI tool that has exploded in popularity.
DarkReading
The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack.
The Hacker News
Cybersecurity experts are cautioning of a new, previously unreported threat actor located in the Middle East that is targeting telecommunications s
CyberSecurity Dive
Five-year data from Hiscox shows businesses are facing more frequent and more costly attacks.
The Record
A group calling itself "Anonymous Sudan" took credit on Telegram for knocking the SAS website offline and exposing some customer data.
DarkReading
How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.
The Hacker News
Cloudflare on Monday disclosed that it thwarted a record-breaking DDoS attack.
Security Affairs
Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. The decision of the Australian government is aligned with similar decisions […]
CSO
Greater use of industrial cellular gateways and routers expose IIoT devices to attackers and increase the attack surface of OT networks.
Ars Technica
China will stop giving network-access permits to some legacy communication tech.
The Hacker News
A 20-year-old Sydney man has been sentenced for attempting to extort and defraud Optus customers by using their personal information from a data breach.
The Hacker News
CERT-UA has issued a warning of cyber attacks targeting state authorities using a legitimate remote access software.
Trend Micro
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Vietnam's telecom, technology, and media sectors similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds.
Trend Micro
In 2022, we discovered Earth Zhulong, a hacking group that has been targeting Asian firms similar to another well-known threat actor. In this article, we unravel their new tactics, techniques and procedures that they apply on their misdeeds.
The Record
The number of cybersecurity patent applications has skyrocketed over the past decade, with U.S. companies leading the way.
The Record
Russia faced a record number of distributed denial-of-service (DDoS) attacks last year, fueled by pro-Ukrainian hackers.
Bleeping Computer
Russia's largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting organizations in the country.
DarkReading
Use threat intelligence to reduce chance of success for malicious insider and Dark Web threats.
Bleeping Computer
A critical remote code execution (RCE) vulnerability affecting multiple Zoho ManageEngine products is now being exploited in attacks.
CSO
Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed in the breach.
CyberSecurity Dive
The gap between the threat actor’s intrusion and T-Mobile’s detection underscores multiple unresolved challenges.
DarkReading
The growing use of mobile devices for MFA and the proliferation of 5G and VoIP in general could result in more attacks in future, experts say.
The Hacker News
Researchers uncover a new wave of BackdoorDiplomacy's cyber attacks targeting Iranian government entities.
DarkReading
The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted.
The Hacker News
New Analysis Reveals Raspberry Robin Attack Infrastructure Can be Repurposed by Other Threat Actors
SecurityWeek
A cybercrime group tracked as Scattered Spider is exploiting an old vulnerability in Intel Ethernet diagnostics driver for Windows to bypass security products.
CyberSecurity Dive
Telecom operators are a primary target for threat actors. A change to breach reporting rules is long overdue, one analyst said.
The Record
The Serbian government announced on Saturday that the website and IT infrastructure of its Ministry of Internal Affairs had been hit by several “massive” distributed denial-of-service (DDoS) attacks.
Bleeping Computer
The U.S. Federal Communications Commission wants to strengthen federal law enforcement and modernize breach notification requirements for telecommunications companies so that they notify customers of security breaches faster.
The Hacker News
Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations
DarkReading
The cybercriminals switch up carriers and SIM cards regularly, making it difficult for either mobile users or telecom companies to block the barrage of malicious calls and voicemails.
SecurityWeek
Sixteen cybersecurity-related merger and acquisition (M&A) deals were announced in December 2022.
The Hacker News
Raspberry Robin worm is targeting financial and insurance sectors in Europe, especially Spanish and Portuguese-speaking organizations, and has evolved
CSO
This year’s appropriation bill covers a lot of cybersecurity territory, including threats from TikTok and foreign adversaries and steps to improve medical device security.
Bleeping Computer
The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Expert found Backdoor credentials in ZyXEL LTE3301 M209 Raspberry Robin malware used in attacks against Telecom […]
Security Affairs
The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. The campaign has been active since at least September 2022, most of the infections have been observed in […]
Cyber Security News
Trend Micro researchers noticed Raspberry Robin in recent attacks on telecommunications service providers and government networks. The Raspberry Robin malware is now dropping a fake payload to evade detection when it detects it's being run within sandboxes and debugging tools.
Bleeping Computer
The U.S. Federal Communications Commission proposed today a record-breaking $300 million fine against an auto warranty robocall operation that made billions of calls to more than 550 million phones across the United States.
The Hacker News
Raspberry Robin worm has been attacking telecommunications and government systems in regions including Latin America, Australia, and Europe.
DarkReading
With 10 layers of obfuscation and fake payloads, the Raspberry Robin worm is nesting its way deep into organizations.
Trend Micro
We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.
CyberScoop
The agency said it discovered the Russian hacking group in a satellite communications provider with critical infrastructure customers.
SecurityWeek
Australian telecoms firm TPG Telecom this week revealed unauthorized access to an Exchange service hosting the email accounts of 15,000 customers.
Bleeping Computer
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI), have published a joint report that highlights the most likely risks and potential threats in 5G network slicing implementations.
CyberSecurity Dive
Few large enterprises meet Deloitte’s standards for high cyber maturity. The 21% that do recognize benefits not typically associated with security.
The Hacker News
China-linked APT group BackdoorDiplomacy has been spotted launching sophisticated cyber attacks against telecom companies in the Middle East.
SecurityWeek
A threat actor tracked as ‘Scattered Spider’ is targeting telecom and BPO companies to gain access to mobile carrier networks and perform SIM swapping.
The Hacker News
Alert: SIM swapping attacks are targeting telecom and BPO companies
Bleeping Computer
A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected.
SecurityWeek
Thirty-five cybersecurity-related merger and acquisition (M&A) deals were announced in November 2022.
Bleeping Computer
The Spanish National Police have arrested 55 members of the 'Black Panthers' cybercrime group, including one of the organization's leaders based in Barcelona.
The Hacker News
Hackers behind the devastating cyberattack on Australian insurer Medibank have posted another dump of the stolen data on the dark web.
DarkReading
The bug could allow unauthorized access and takeover, earning it a spot on the Known Exploited Vulnerabilities Catalog.
Cyber Security News
Evina's security researcher Maxime Ingrao identified a fake Android SMS APP on Google Play ‘Symoo’, with 100,000 downloads actually serving as an SMS relay for a service that creates accounts for websites including Microsoft, Google, Instagram, Telegram, and Facebook.