Telecommunications

May 12, 2025

Mitel has released security advisory addressing two vulnerabilities in Mitel SIP Phones including Mitel 6800 Series, 6900 Series, 6900w Series and 6970 Conference Unit. CVE-2025-47188 has a CVSSv3 base score of 9.8 and is a ‘command injection’ vulnerability that could allow an unauthenticated attacker to inject and execute arbitrary commands on the device. Exploitation could lead ...

May 10, 2025

Türkiye’s National Intelligence Organization (MIT) has dismantled a cyber espionage network that sought to steal personal and financial data from citizens by imitating corporate identities through fake cell towers, security sources said Saturday. After months of investigations and surveillance, seven foreign nationals were caught red-handed in a joint operation with Istanbul police and prosecutors, sources said, ...

May 8, 2025

In April, South Korea’s telco giant SK Telecom (SKT) was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, equivalent to almost half of the country’s 52 million residents. At a National Assembly hearing in Seoul on Thursday, SKT chief executive Young-sang Ryu said about 250,000 users have ...

April 25, 2025

Trend Research uncovered a sophisticated APT campaign targeting government and telecommunications sectors in Southeast Asia. Named Earth Kurma, the attackers use advanced custom malware, rootkits, and cloud storage services for data exfiltration. Earth Kurma demonstrates adaptive malware toolsets, strategic infrastructure abuse, and complex evasion techniques. This campaign poses a high business risk due to targeted espionage, ...

April 24, 2025

FBI is issuing this announcement to ask the public to report information about PRC-affiliated activity publicly tracked as “Salt Typhoon” and the compromise of multiple US telecommunications companies, especially information about specific individuals behind the campaign. Investigation into these actors and their activity revealed a broad and significant cyber campaign to leverage access into these ...

April 15, 2025

The European Commission is giving staffers visiting the US on official business burner laptops and phones to avoid espionage attempts, according to the Financial Times. The use of clean and locked-down hardware is common practice for anyone visiting China, Russia, and other states where aggressive electronic surveillance is expected. Apparently the European Union has added the ...

April 10, 2025

GOFFEE is a threat actor that first came to our attention in early 2022. Since then, Kaspersky researchers have observed malicious activities targeting exclusively entities located in the Russian Federation, leveraging spear phishing emails with a malicious attachment. Starting in May 2022 and up until summer of 2023, GOFFEE deployed modified Owowa (malicious IIS module) in ...

April 4, 2025

Security researcher Evan Connelly discovered an enormous flaw affecting one of the largest telecommunications companies in the world that could allow any single person to view the recent incoming call log for potentially any Verizon phone number. A vulnerability in the Verizon Call Filter iOS app allowed anyone to request the call logs of millions of ...

March 31, 2025

The Earth Alux APT group’s schemes and tactics have been uncloaked through our relentless monitoring and investigation efforts. The China-linked intrusion set is actively launching cyberespionage attacks against the government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors. The first sighting of its activity was in the second quarter of 2023; back then, it was ...

March 10, 2025

Japanese telecom giant NTT Communications (NTT Com) has confirmed that hackers accessed the data of almost 18,000 corporate customers during a February cyberattack, affecting an as-yet-unknown number of individuals. The Tokyo-based NTT Com, which provides phone and network tech to enterprises, said it discovered the data breach on February 5 after determining that the hackers had ...

February 17, 2025

Dr. Mohammed Hamad Al Kuwaiti, Chairman of the UAE Cybersecurity Council, stated that the UAE possesses an advanced cybersecurity system capable of predicting and countering most electronic attacks before they occur. He noted that the average daily cyberattacks on key sectors exceeds 50,000, all of which are proactively deterred and mitigated. In statements to the Emirates ...

February 13, 2025

Security researchers say the Chinese government-linked hacking group, Salt Typhoon, is continuing to compromise telecommunications providers, despite the recent sanctions imposed by the U.S. government on the group. In a report shared with TechCrunch, threat intelligence firm Recorded Future said it had observed Salt Typhoon — which the company tracks as “RedMike” — breaching five telecommunications ...

February 12, 2025

Microsoft is publishing for the first time their research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”. This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored ...

February 3, 2025

FunkSec is a relatively new but highly active ransomware group that, as of this writing, has targeted several dozen victims across industries like government, banking, communications, and education. In a recent blog post, the group announced a partnership with another ransomware outfit, FSociety, aiming to carry out attacks more efficiently. This week, SonicWall Capture Labs research ...

January 29, 2025

We identified a cluster of activity that we track as CL-STA-0048. This cluster targeted high-value targets in South Asia, including a telecommunications organization. This activity cluster used rare tools and techniques including the technique we call Hex Staging, in which the attackers deliver payloads in chunks. Their activity also includes exfiltration over DNS using ping, and ...

January 27, 2025

U.K. telecoms giant TalkTalk has confirmed that it is investigating a data breach after a hacker claimed to have stolen the personal information of millions of customers. In a post on a popular cybercrime forum seen by TechCrunch, an individual using the alias “b0nd” claimed to have stolen the personal data of more than 18.8 ...

January 23, 2025

The FBI has raised alarm that hackers who breached AT&T’s system last year may have stolen months of agents’ call and text logs, which could potentially lead to the identities of anonymous informants connected to investigations. While the hackers did not access the content of conversations, the stolen call log metadata—records of who called whom, when ...

January 7, 2025

As part of Washington’s lawsuit, the state claims T-Mobile failed to ‘adequately secure sensitive personal information of more than 2 million Washingtonians’. This failure, the state claims, left those consumers vulnerable to fraud and identity theft. The suit claims that the breach was ‘entirely avoidable’ and explains T-Mobile had years to fix key vulnerabilities in its ...

January 1, 2025

In the first half of 2024, Nigeria saw 2,721 incidents, with the telecom sector, computer services sector, Data processing and hosting companies, and even local beauty salons having a fair dose of the attacks respectively. At the time, experts attributed the rise in cyberattacks to digital transformation initiatives the country was carrying out such as adoption ...

December 30, 2024

Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea. ...