Canadian telecommunications provider Freedom Mobile suffered a supply-chain attack recently, in which it lost sensitive data on a yet undisclosed number of customers.
In a data breach notification letter posted on its website earlier this week, Freedom said hackers broke into an account of a subcontractor, through which they accessed personal information “of a limited number” of its customers. The breach was spotted on October 23, and the access was terminated.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Australia’s critical infrastructure definition to span communications, data storage, space
November 9, 2020
The federal government on Monday published an exposure draft on the Security Legislation Amendment (Critical Infrastructure) Bill 2020. It seeks to amend the Security of Critical Infrastructure Act 2018 to implement “an enhanced framework to uplift the security and resilience of Australia’s critical infrastructure”. The Australian government’s Critical Infrastructure Resilience Strategy currently defines critical infrastructure as: ...
- US charges Iranian hackers for breaching US satellite companies
September 17, 2020
Three Iranian nationals have been indicted on charges of hacking US aerospace and satellite companies, the US Department of Justice announced today. Federal prosecutors accused Said Pourkarim Arabi, Mohammad Reza Espargham, and Mohammad Bayati of orchestrating a years-long hacking campaign on behalf of the Iranian government. The hacking spree started in July 2015 and targeted a broad ...
- New FritzFrog P2P botnet has breached at least 500 enterprise, government servers
August 19, 2020
A P2P botnet newly-discovered by researchers has struck at least 500 government and enterprise SSH servers over 2020. On Wednesday, cybersecurity firm Guardicore Labs published research into FritzFrog, a peer-to-peer (P2P) botnet that has been detected by the company’s sensors since January this year. According to researcher Ophir Harpaz, FritzFrog has attempted to brute-force SSH servers belonging ...
- ReVoLTE attack can decrypt 4G (LTE) calls to eavesdrop on conversations
August 12, 2020
A team of academics has detailed this week a vulnerability in the Voice over LTE (VoLTE) protocol that can be used to break the encryption on 4G voice calls. Named ReVoLTE, researchers say this attack is possible because mobile operators often use the same encryption key to secure multiple 4G voice calls that take place via ...
- Qualcomm Bugs Open 40 Percent of Android Handsets to Attack
August 7, 2020
Six serious bugs in Qualcomm’s Snapdragon mobile chipset impact up to 40 percent of Android phones in use, according research released at the DEF CON Safe Mode security conference Friday. The flaws open up handsets made by Google, Samsung, LG, Xiaomi and OnePlus to DoS and escalation-of-privileges attacks – ultimately giving hackers control of targeted handsets. ...
- OilRig Targets Middle Eastern Telecom Organization and Adds Novel C2 Channel with Steganography to Its Inventory
July 22, 2020
While analyzing an attack against a Middle Eastern telecommunications organization, Unit 42 has discovered a variant of an OilRig-associated tool we call RDAT using a novel email-based command and control (C2) channel that relied on a technique known as steganography to hide commands and data within bitmap images attached to emails. In May 2020, Symantec published ...