Security News

A newly discovered botnet capable of staging distributed denial-of-service attacks targeted unpatched Ribbon Communications EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances. Chinese tech giant Qihoo 360's Netlab network security division, which detected the botnet first on October 27, 2021, called it EwDoor, noting it observed 5,700 compromised IP addresses located in the U.S. during a brief three-hour window.

A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360's Network Security Research Lab, targets AT&T customers using EdgeMarc Enterprise Session Border Controller edge devices.

A Pakistani fraudster was sentenced to 12 years in prison earlier this week after AT&T, the world's largest telecommunications company, lost over $200 million after he and his co-conspirators coordinated a seven-year scheme that led to the fraudulent unlocking of almost 2 million phones. Throughout this operation, Muhammad Fahd - the scheme leader - bribed multiple AT&T employees to do his bidding, including unlocking phones, giving him access to their credentials, and installing malware that gave him remote access to the mobile carrier's servers.

The ringleader of a seven-year phone-unlocking and malware scheme will head to the clink for 12 years, according to the Department of Justice, after effectively compromising AT&T's internal networks to install credential-thieving malware. "Unlocking a phone effectively removes it from AT&T's network, thereby allowing the account holder to avoid having to pay AT&T for service or to make any payments for purchase of the phone," it said.

AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers. The hacker states that they are willing to sell it immediately for $1 million.

Cisco and AT&T are making it easier for businesses to adapt to the future of work, whatever it may be. "Our Webex solutions transformed the cloud calling experience and combine enterprise-calling features with market-leading virtual meetings and collaboration technology - all within the Webex App. And we're proud to work with AT&T to provide its customers and employees with the tools and technologies they require to thrive in the new hybrid workplace."

As public safety's partner, AT&T is committed to evolving FirstNet to meet first responders' needs and supporting innovative new technologies to help them stay mission ready. That's just a few ways 5G on FirstNet could help public safety achieve their life-saving missions in the future.

AT&T shared long-term goals to bring AT&T's fast, reliable and secure 5G to more consumers, businesses and first responders across key areas: sports and venues, entertainment, travel and transportation, business transformation, and security and public safety. As the first to power a 5G stadium experience at AT&T Stadium, we plan to continue giving fans richer sports experiences by deploying 5G+ in 17 venues across the country by the end of 2021 including stadiums, arenas and practice facilities.

Tyto Athene has entered into an agreement to acquire AT&T Government Solutions which comprises AT&T's Department of Defense IT professional services business and select other contracts. Tyto Athene is a full-service systems integrator that provides design, installation, and support of complex voice, data, and security networks for customers in the Federal Government, Department of Defense, State and Local Governments, communities, first responders and organizations across the United States and around the globe.

More than 200 Google Forms impersonate top brands - including Microsoft OneDrive, Office 365, and Wells Fargo - to steal victims' credentials. Researchers are warning of phishing attacks that leverage Google Forms as a landing page to collect victims' credentials.