Security News

Two Russian internet service providers have received notices from Google that the global caching servers on their network have been disabled. A caching server is an ISP-bound node for fast serving Google content faster to internet subscribers and maintain high access reliability even during outages.

The Federal Trade Commission today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "Lying" to its customers and support its high-speed internet claims. "Today's proposed order requires Frontier to back up its high-speed claims. It also arms customers lured in by Frontier's lies with free, easy options for dropping their slow service."

ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. The current campaign exploits the war in Ukraine and other European news topics.

Security analysts have uncovered a malicious campaign from China-linked threat actor Mustang Panda, which has been running for at least eight months with a new variant of the Korplug malware called Hodur and custom loaders. Also tracked as TA416, Mustang Panda is known to serve China-aligned interests and has been recently associated with phishing and espionage operations that targeted European diplomats.

A new regulation coming in the form of an amendment in the Telecommunications Act of Germany could radically change the relationship between consumers and internet service providers. According to the draft, users will be able to test their internet speeds and, if there's a too large deviation between their real-world results and what their ISPs promised, they will be eligible for a bill discount.

A state-sponsored threat actor allegedly affiliated with Iran has been linked to a series of targeted attacks aimed at internet service providers and telecommunication operators in Israel, Morocco, Tunisia, and Saudi Arabia, as well as a ministry of foreign affairs in Africa, new findings reveal. The intrusions, staged by a group tracked as Lyceum, are believed to have occurred between July and October 2021, researchers from Accenture Cyber Threat Intelligence group and Prevailion's Adversarial Counterintelligence Team said in a technical report.

The Iranian state-supported APT known as 'Lyceum' targeted ISPs and telecommunication service providers in the Middle East and Africa between July and October 2021. Apart from Israel, which is permanently in the crosshairs of Iranian hackers, researchers have spotted Lyceum backdoor malware attacks in Morocco, Tunisia, and Saudi Arabia.

The Federal Trade Commission found that the six largest internet service providers in the U.S. collect and share customers' personal data without providing them with info on how it's used or meaningful ways to control this process. "Many internet service providers collect and share far more data about their customers than many consumers may expect-including access to all of their Internet traffic and real-time location data-while failing to offer consumers meaningful choices about how this data can be used," the FTC said.

UK telecom and broadcasting regulator, Ofcom has mandated new requirements for Internet Service Providers and phone companies to provide additional services for users with special needs. These include companies in the sector-even those not typically providing telephony services to offer an emergency video relay service that users with hearing or speech impairments can rely on.

How it gets onto servers is unclear though systems infected by Kobalos have their SSH client tampered with to steal usernames and passwords, and presumably server addresses, that are typed into it. These details could be used by the malware's masterminds to log into those systems to propagate their malware.