Telecommunications


  • Xiaomi added to US list of alleged Communist Chinese military companies

    January 15, 2021

    Chinese hardware manufacturer Xiaomi has been added to a list of alleged Communist Chinese military companies by the United States Department of Defense. “The Department is determined to highlight and counter the People’s Republic of China’s (PRC) Military-Civil Fusion development strategy, which supports the modernisation goals of the People’s Liberation Army by ensuring its access to ...

  • Italian mobile operator offers to replace SIM cards after massive data breach

    January 5, 2021

    Ho Mobile, an Italian mobile operator, owned by Vodafone, has confirmed a massive data breach on Monday and is now taking the rare step of offering to replace the SIM cards of all affected customers. The breach is believed to have impacted roughly 2.5 million customers. It first came to light last month on December 28 when ...

  • T-Mobile data breach exposed phone numbers, call records

    December 30, 2020

    T-Mobile has announced a data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records. Starting yesterday, T-Mobile began texting customers that a “security incident” exposed their account’s information. According to T-Mobile, its security team recently discovered “malicious, unauthorized access” to their systems. After bringing in a cybersecurity firm to perform an investigation, T-Mobile ...

  • Australia: Communications department flags idea of tying telco licences to cyber capability

    December 11, 2020

    The Department of Infrastructure, Transport, Regional Development, and Communications has run up the flagpole the idea of inserting security provisions into the Telecommunications Act to require telcos to safeguard their systems as a condition of their licence to operate. Writing in a submission to the Parliamentary Joint Committee on Intelligence and Security (PJCIS) review of the ...

  • Australia’s critical infrastructure definition to span communications, data storage, space

    November 9, 2020

    The federal government on Monday published an exposure draft on the Security Legislation Amendment (Critical Infrastructure) Bill 2020. It seeks to amend the Security of Critical Infrastructure Act 2018 to implement “an enhanced framework to uplift the security and resilience of Australia’s critical infrastructure”. The Australian government’s Critical Infrastructure Resilience Strategy currently defines critical infrastructure as: ...

  • US charges Iranian hackers for breaching US satellite companies

    September 17, 2020

    Three Iranian nationals have been indicted on charges of hacking US aerospace and satellite companies, the US Department of Justice announced today. Federal prosecutors accused Said Pourkarim Arabi, Mohammad Reza Espargham, and Mohammad Bayati of orchestrating a years-long hacking campaign on behalf of the Iranian government. The hacking spree started in July 2015 and targeted a broad ...

  • New FritzFrog P2P botnet has breached at least 500 enterprise, government servers

    August 19, 2020

    A P2P botnet newly-discovered by researchers has struck at least 500 government and enterprise SSH servers over 2020. On Wednesday, cybersecurity firm Guardicore Labs published research into FritzFrog, a peer-to-peer (P2P) botnet that has been detected by the company’s sensors since January this year. According to researcher Ophir Harpaz, FritzFrog has attempted to brute-force SSH servers belonging ...

  • Re­VoL­TE attack can decrypt 4G (LTE) calls to eavesdrop on conversations

    August 12, 2020

    A team of academics has detailed this week a vulnerability in the Voice over LTE (VoLTE) protocol that can be used to break the encryption on 4G voice calls. Named ReVoLTE, researchers say this attack is possible because mobile operators often use the same encryption key to secure multiple 4G voice calls that take place via ...

  • Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

    August 7, 2020

    Six serious bugs in Qualcomm’s Snapdragon mobile chipset impact up to 40 percent of Android phones in use, according research released at the DEF CON Safe Mode security conference Friday. The flaws open up handsets made by Google, Samsung, LG, Xiaomi and OnePlus to DoS and escalation-of-privileges attacks – ultimately giving hackers control of targeted handsets. ...

  • OilRig Targets Middle Eastern Telecom Organization and Adds Novel C2 Channel with Steganography to Its Inventory

    July 22, 2020

    While analyzing an attack against a Middle Eastern telecommunications organization, Unit 42 has discovered a variant of an OilRig-associated tool we call RDAT using a novel email-based command and control (C2) channel that relied on a technique known as steganography to hide commands and data within bitmap images attached to emails. In May 2020, Symantec published ...

  • Ransomware gang demands $7.5 million from Argentinian ISP

    July 20, 2020

    A ransomware gang has infected the internal network of Telecom Argentina, one of the country’s largest internet service providers, and is now asking for a $7.5 million ransom demand to unlock encrypted files. The incident took place over the weekend, on Saturday, July 18, and is considered one of Argentina’s biggest hacks. Sources inside the ISP said ...

  • Huawei 5G ban: UK networks must strip out equipment by 2027

    July 14, 2020

    UK mobile networks have been told they cannot buy any more 5G equipment from Huawei after the end of this year, and that they must remove the Chinese networking company’s technology from their 5G networks by the end of 2027. Culture secretary Oliver Dowden said: “Following US sanctions against Huawei and updated technical advice from our ...

  • More pre-installed malware has been found in budget US smartphones

    July 9, 2020

    Pre-installed malware has been discovered on another budget handset connected to Assurance Wireless by Virgin Mobile. Back in January, cybersecurity researchers from Malwarebytes discovered unremovable malware bundled with the Android operating systems on the Unimax (UMX) U686CL, a low-end handset sold by Assurance Wireless as part of the Lifeline Assistance program, a 1985 US initiative which subsidizes telephone services for ...

  • Ripple20 vulnerabilities will haunt the IoT landscape for years to come

    June 16, 2020

    Cyber-security experts have revealed today 19 vulnerabilities in a small library designed in the 90s that has been widely used and integrated into countless of enterprise and consumer-grade products over the last 20+ years. The number if impacted products is estimated at “hundreds of millions” and includes products such as smart home devices, power grid equipment, ...

  • Hackers breached A1 Telekom, Austria’s largest ISP

    June 11, 2020

    A1 Telekom, the largest internet service provider in Austria, has admitted to a security breach this week, following a whistleblower’s exposé. The company admitted to suffering a malware infection in November 2019. A1 said its security team detected the malware a month later, but that removing the infection was more problematic than it initially anticipated. From December ...

  • Hackers are targeting your smartphone as way into the company network

    June 4, 2020

    The number of phishing attacks targeting smartphones as the entry point for attempting to compromise enterprise networks has risen by more than a third over the course of just a few months. Analysis by cybersecurity company Lookout found that there’s been a 37% increase in mobile phishing attacks worldwide between the last three months of 2019 and the first ...

  • Academics demand answers from NHS over potential data timebomb ticking inside new UK contact-tracing app

    April 29, 2020

    A group of nearly 175 UK academics has criticised the NHS’s planned COVID-19 contact-tracing app for a design choice they say could endanger users by creating a centralised store of sensitive health and travel data about them. In the open letter published this afternoon, the 173 scholars called on NHSX, the state-run health service’s app-developing and ...

  • Virgin Media breach ‘linked customers to porn’

    March 6, 2020

    A customer database left unsecured online by Virgin Media contained details linking some customers to pornography and explicit websites. The researchers who first discovered the database told the BBC that it contained more information than Virgin Media suggested. Such details could be used by cyber-criminals to extort victims. Read more… Source: BBC News  

  • Molerats Delivers Spark Backdoor to Government and Telecommunications Organizations

    March 3, 2020

    Between October 2019 through the beginning of December 2019, Unit 42 observed multiple instances of phishing attacks likely related to a threat group known as Molerats (AKA Gaza Hackers Team and Gaza Cybergang) targeting eight organizations in six different countries in the government, telecommunications, insurance and retail industries, of which the latter two were quite ...

  • Burn, drown, or smash your phone: Forensics can extract data anyway

    January 31, 2020

    Damaged mobile phones are still filled with plenty of useful data, according to researchers at the National Institute of Standards and Technology (NIST), which is part of the U.S. Department of Commerce. NIST published the results of a recent study on forensic methods for getting data from mobile damaged mobile phones. It tested the tools that ...