Telecommunications


  • T-Mobile discloses second data breach since the start of 2023

    May 1, 2023

    T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. Compared to previous data breaches reported by T-Mobile, the latest of which impacted 37 million people, this incident affected only 836 customers. Still, the amount ...

  • CISA Releases Malware Analysis Report on ICONICSTEALER

    April 20, 2023

    CISA has released a new Malware Analysis Report (MAR) on an infostealer known as ICONICSTEALER. This trojan has been identified as a variant of malware used in the supply chain attack against 3CX’s Desktop App. CISA recommends users and administrators to review the following resources for more information, and hunt for the listed indicators of compromise ...

  • Telus investigating sale of alleged code, employee information

    February 23, 2023

    Someone on a criminal forum is selling what they claim is data on all Telus employees, as well as the Canadian telecommunications company’s GitHub software code repositories. In response to an IT World Canada reporter’s query about the posting, Telus director of public affairs Richard Gilhooley said the company is looking into the allegation. Read more… Source: IT ...

  • Russia’s largest ISP says 2022 broke all DDoS attack records

    January 23, 2023

    Russia’s largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting organizations in the country. DDoS attacks are cyberattacks aimed at making an internet-connected website or service unavailable by overwhelming it with many requests that deplete the server’s ability to accept new connections, causing the service to ...

  • 37 million T-Mobile customers hacked in data breach

    January 20, 2023

    T-Mobile said a “bad actor” accessed personal data from 37 million current customers in a November data breach. In a regulatory filing Thursday, the company said the hacker stole customer data that included names, billing addresses, emails, phone numbers, dates of birth, T-Mobile account numbers, and information describing the kind of service they have with the ...

  • Royal ransomware claims attack on Intrado telecom provider

    December 28, 2022

    The Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado on Tuesday. While Intrado is yet to share any information regarding this incident, sources have told BleepingComputer early this month that the attack started on December 1 and the initial ransom demand was $60 million. The Royal Ransomware group, made up of experienced ...

  • Raspberry Robin Malware Targets Telecom, Governments

    December 20, 2022

    Trend Micro researchers found a malware sample allegedly capable of connecting to the Tor network to deliver its payloads. Their initial analysis of the malware, which compromised a number of organizations toward the end of September, showed that while the main malware routine contains both the real and fake payloads, it loads the fake payload ...

  • Cisco discloses high-severity IP phone bug with exploit code

    December 8, 2022

    Cisco has disclosed today a high-severity vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks. The company warned on Thursday that its Product Security Incident Response Team (PSIRT) is “aware that proof-of-concept exploit code is available” and that the “vulnerability has been publicly ...

  • French hospital cancels operations after cyberattack

    December 5, 2022

    A hospital complex in Versailles, near Paris, had to cancel operations and transfer some patients after being hit by a cyberattack over the weekend, France’s health ministry said. The Hospital Centre of Versailles – which consists of Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home – was affected by the hacking attempt, said the complex’s ...

  • Cybersecurity laws to be updated to boost UK protection from cyber attacks

    November 30, 2022

    The UK’s cybersecurity laws will be updated to require outsourced IT providers to meet security standards as part of efforts to better protect supply chains, the Government has announced. The Network and Information Systems (NIS) Regulations will be updated so third-party firms providing IT services to businesses will be compelled to have effective cybersecurity measures in ...

  • US bans Huawei, ZTE equipment sales amid Chinese spying fears

    November 27, 2022

    The Biden administration has banned approvals of new telecommunications equipment from China’s Huawei Technologies and ZTE because they pose “an unacceptable risk” to US national security. The US Federal Communications Commission said on Friday it had adopted the final rules, which also bar the sale or import of equipment made by China’s surveillance equipment maker Dahua ...

  • OPERA1ER APT in Africa

    November 3, 2022

    In 2019, Group-IB Threat Intelligence team detected a series of targeted attacks on financial organizations in Africa. Later in 2020, our professionals in collaboration with Orange, managed to piece together the seemingly disparate attacks into a single timeline and successfully attribute them to the threat actor codenamed OPERA1ER (also known as DESKTOP-GROUP, Common Raven, NXSMS). In ...

  • Vodafone Italy discloses data breach after reseller hacked

    November 2, 2022

    Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telecommunications services in the country, has suffered a cyberattack. According to the notice, the cyberattack took place in the first week of September and resulted in the compromise of sensitive ...

  • Russian spies ‘hacked Liz Truss’s phone and stole sensitive messages’

    October 29, 2022

    Liz Truss had her phone hacked by Kremlin spies while she was working as foreign secretary, according to a report. The former prime minister’s personal messages with former chancellor Kwasi Kwarteng were raided, as well as sensitive details of international negotiations, it is claimed. Security services discovered the major security breach during the summer Tory leadership election, ...

  • Verizon notifies prepaid customers their accounts were breached

    October 18, 2022

    Verizon warned an undisclosed number of prepaid customers that attackers gained access to Verizon accounts and used exposed credit card info in SIM swapping attacks. “We determined that between October 6 and October 10, 2022, a third party actor accessed the last four digits of the credit card used to make automatic payments on your account,” ...

  • Cyber attack on Bulgarian government websites traced to Russia

    October 16, 2022

    The head of Bulgaria’s National Investigation Service, Borislav Sarafov, said on October 16 that the perpetrator of a cyber attack the previous day on several Bulgarian state, government and private websites had been identified, and the attack had come from a city in Russia. Sarafov told Bulgarian media that the name and address of the perpetrator ...

  • Australia asks FBI to help find attacker who stole data from millions of users

    September 28, 2022

    Australian authorities have asked the United States Federal Bureau of Investigation (FBI) to assist with investigations into the data breach at local telco Optus. Attorney general Mark Dreyfus yesterday revealed the FBI was asked to help identify the entities involved in the attack, which saw Optus leak data describing over ten million account holders. Data suspected ...

  • New hacking group ‘Metador’ lurking in ISP networks for months

    September 25, 2022

    A previously unknown threat actor that researchers have named ‘Metador’ has been breaching telecommunications, internet services providers (ISPs), and universities for about two years. Metador targets organizations in the Middle East and Africa and their purpose appears to be long-term persistence for espionage. The group uses two Windows-based malware that have been described as “extremely complex” ...

  • Russian Sandworm hackers pose as Ukrainian telcos to drop malware

    September 19, 2022

    The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. Sandworm is a state-backed threat actor attributed by the US government as part of the Russian GRU foreign military intelligence service. The APT hacking group is believed to have been behind numerous attacks this year, including ...

  • Hive ransomware claims cyberattack on Bell Canada subsidiary

    September 15, 2022

    The Hive ransomware gang claimed responsibility for an attack that hit the systems of Bell Canada subsidiary Bell Technical Solutions (BTS). BTS is an independent subsidiary with more than 4,500 employees, specializing in installing Bell services for residential and small business customers across the Ontario and Québec provinces. While the Canadian telecommunications company didn’t reveal when its ...