258 matches found
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services
Various industrial organizations in the Asia-Pacific APAC region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. "The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network CDN myqcloud and the Youdao Cloud...
Weathering the storm: In the midst of a Typhoon
Summary Cisco Talos has been closely monitoring reports of widespread intrusion activity against several major U.S. telecommunications companies. The activity, initially reported in late 2024 and later confirmed by the U.S. government, is being carried out by a highly sophisticated threat actor...
Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts
Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have targeted government, non-governmental organizations NGOs, information technology IT services an...
The FCC’s Jessica Rosenworcel Isn’t Leaving Without a Fight
As the US faces “the worst telecommunications hack in our nation’s history,” by China’s Salt Typhoon hackers, the outgoing FCC chair is determined to bolster network security if it’s the last thing she does...
CISA Releases Best Practice Guidance for Mobile Communications
Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted in response to identified cyber espionage activity by People’s Republic of China PRC government-affiliated threat actors targeting commercial telecommunications infrastructure, specifically addressing...
The vulnerability of the UMTS RLC microprogramming software driver for Unisoc chips, related to buffer overflow attacks, allows attackers to cause service failures.
The vulnerability of the UMTS RLC microprogramming software driver for Unisoc chips is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failure...
Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks
A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People's Republic of China PRC-affiliated threat actors targeting telecommunications providers. "Identified exploitations or compromises associated with these threa...
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent...
China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversa...
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone...
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
An advanced persistent threat APT actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as...
PT-2024-9402 · Unisoc · Unisoc Chipsets
Name of the Vulnerable Software and Affected Versions: Unisoc chipsets affected versions not specified Description: The issue is related to a buffer overflow in the UMTS RLC driver of Unisoc chipsets' microprogram software. This is due to a missing bounds check, which could lead to a remote denia...
UNISOC Chipsets 安全漏洞
UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of boundary checking in the UMTS RLC driver, which could result in out-of-bounds writes...
PT-2024-37121
Name of the Vulnerable Software and Affected Versions: BT affected versions not specified Description: The BT encryption procedure host has a vulnerability. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents...
Global Outage Alert: Windows BSOD Crisis Following CrowdStrike Update – Recovery Steps & Qualys Assurance
On Friday, July 19, 2024, morning, reports surfaced globally of Microsoft Windows operating system users encountering the infamous Blue Screen of Death BSOD following the latest update from CrowdStrike. This widespread issue has severely impacted critical services, including telecommunications,...
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang,"...
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...
What can we learn from the passwords used in brute-force attacks?
Brute force attacks are one of the most elementary cyber threats out there. Technically, anyone with a keyboard and some free time could launch one of them -- just try a bunch of different username and password combinations on the website of your choice until you get blocked. Nick Biasini and I...
The UK Bans Default Passwords
The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted. The Product Security and...
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
The U.K. National Cyber Security Centre NCSC is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024. "The law, known as the Product Security and Telecommunications Infrastructure act or PSTI act, will...