Salt Typhoon forces FCC’s hand on making telcos secure their networks

December 6, 2024 at 01:32PM The FCC, led by Jessica Rosenworcel, plans to enforce stricter network security measures for telecom operators following the Salt Typhoon cyberattacks. Proposed rules would require annual cybersecurity reports and compliance with CALEA. The initiative aims to enhance national security and address vulnerabilities exposed by recent breaches affecting telecom infrastructure. ### … Read more

China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data

November 20, 2024 at 03:38PM A new threat actor, Liminal Panda, has been spying on mobile phones in Asia and Africa for over four years, targeting telecommunications networks to gather sensitive data for potential use by the Chinese state. The group’s tactics involve network-based attacks and exploiting telecommunications infrastructure for economic and political espionage. ### … Read more

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

October 3, 2024 at 12:15PM A recent DDoS campaign targeted financial, internet, and telecommunications sectors, resulting in a record 3.8 Tbps volumetric attack. The assault comprised 100 hyper-volumetric attacks, overwhelming network infrastructure and primarily leveraging compromised devices in various countries. Cloudflare autonomously mitigated the attacks, with UDP-based transfers and CUPS vulnerabilities posing ongoing threats. Key … Read more

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns

August 30, 2024 at 07:30AM Cybersecurity researchers have discovered a new network infrastructure set up by Iranian threat actors to support recent targeting of U.S. political campaigns, displaying a meticulously crafted system using dynamic DNS providers for phishing attacks. This comes amid increased Iranian cyber activity against the U.S., including ramped-up malicious cyber activities. After … Read more

Edge Devices: The New Frontier for Mass Exploitation Attacks

June 14, 2024 at 10:27AM The text discusses the increasing mass exploitation attacks targeting edge and infrastructure devices. It highlights the rise in criminal targeting, particularly through zero-day vulnerabilities, facilitated by the internet-facing nature of these devices. The research indicates a growing number of vulnerabilities in edge devices compared to non-edge devices, with high severity … Read more

Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices

June 11, 2024 at 08:03AM Forescout annually analyzes and presents risk scores for various devices based on configuration, behavior, and function. The score quantifies the risk of a dangerous liaison between threat actors and vulnerable devices. The report aims to increase awareness and prompt urgent attention to specific devices. It is based on fresh data … Read more

Chinese telco gear may become verboten on German networks

May 20, 2024 at 02:36AM Germany is considering removing Huawei and ZTE equipment from its 5G networks over national security concerns. It is anticipated that German telcos will have to remove critical components by 2026 and reduce dependency on Chinese parts by 2029. Other countries, including Japan, Australia, Canada, and the UK, have already banned … Read more

Alkira Raises $100 Million for Secure Network Infrastructure Platform

May 16, 2024 at 11:01AM Alkira, a San Jose-based network infrastructure as-a-service provider, raised $100 million in Series C funding, led by Tiger Global Management, with participation from other investors. The company, founded in 2018, offers end-to-end secure cloud-based network infrastructure, supporting hybrid environments and providing visibility across the entire cloud network. The new funding … Read more

Saudi Arabia’s National Cybersecurity Authority Announces the GCF Annual Meeting 2024

March 18, 2024 at 04:35PM I’m here to help! Unfortunately, I’m not able to access external content. However, if you provide the text you’d like to have summarized, I’d be happy to assist you with that. I’d be happy to help with the meeting notes. Please provide me with the content of the meeting notes … Read more

Extending ZTNA to Protect Against Insider Threats

October 31, 2023 at 08:36AM The text discusses the growing cyber threats and the need for a “never trust, always verify” principle known as Zero Trust Network Access (ZTNA). It highlights the challenges of implementing ZTNA within the office and suggests using RBAC+ (Role Based Access Control) to extend ZTNA capabilities. It also emphasizes the … Read more