February 13, 2024 at 03:30AM Meta has acknowledged the potential for account takeovers due to the reuse of phone numbers, particularly after being abandoned for at least 45 days. This issue implicates telecom companies’ phone number recycling practices, leading to security and privacy risks. Despite reports and attempts to address the issue, Meta has declined … Read more
February 12, 2024 at 04:56PM Telecom companies are now required to report data breaches affecting customers’ personally identifiable information within 30 days under the FCC’s updated rule. This follows years of proposals and aims to expand breach notification requirements and hold providers accountable. The stricter rules have been prompted by major breaches at major U.S. … Read more
January 31, 2024 at 01:41PM RIPE, the database for IP addresses, has been targeted by attackers stealing credentials, leading to network intrusions and incidents like Orange Spain’s internet outage. Resecurity found 716 compromised RIPE customers and 1,572 across other regional networks. Stolen credentials from RIPE were also used to target network engineers and privileged users. … Read more
January 30, 2024 at 09:42AM A 1.8 terabyte database containing personal information of 750 million individuals in India was offered for sale on the dark web, impacting subscribers of major telecom providers. The leak, estimated to affect 85% of the Indian population, poses a significant risk for cyberattacks and identity theft. CloudSEK has informed relevant … Read more
January 8, 2024 at 03:46PM Sea Turtle, a Turkish state-backed cyber espionage group, has expanded its spying campaigns to the Netherlands, targeting telcos, media, ISPs, and Kurdish websites. Using DNS hijacking and traffic redirection, they conduct man-in-the-middle attacks to acquire economic and political intelligence aligned with Turkish interests. Analysts at Hunt & Hackett observed these … Read more
January 4, 2024 at 02:39PM Russian hackers targeted Ukraine’s largest telecom provider, Kyivstar, in December 2023. They wiped thousands of servers and computers, causing a massive internet outage for its 25 million subscribers. Ukrainian authorities suspect the involvement of the Russian military-linked group, Solntsepek, known for attacking Ukrainian telecom targets since May 2023. Military communications … Read more
December 11, 2023 at 11:08AM Researchers have linked the Sandman threat group, known for cyberattacks on telecom providers, to a growing network of Chinese government-backed advanced persistent threat (APT) groups. This assessment by Microsoft, SentinelLabs, and PwC reveals shared practices and overlaps in malware development, emphasizing the need for collaboration within the cybersecurity community. From … Read more
December 7, 2023 at 01:54AM A new Linux trojan named Krasue, discovered targeting Thai telecoms since 2021, offers attackers persistent network access. Utilizing rootkits and evading detection with innovative tactics, its origins and deployment methods remain unclear. Similarities with XorDdos malware suggest a possible common creator. Security analysts stress the need for ongoing vigilance. Key … Read more
November 29, 2023 at 06:05AM The UK government is set to ban SIM farms, with unlimited fines for offenders, to combat cyber fraud. These devices, permitting mass messaging with minimal identity checks, hinder law enforcement efforts. The ban is part of a broader fraud strategy, with exemptions for legitimate uses and provisions to add future … Read more