Security News

New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand
2023-12-07 06:15

A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to maintain covert access to victim networks at least since...

Chilean telecom giant GTD hit by the Rorschach ransomware gang
2023-10-25 22:05

On the morning of October 23rd, GTD suffered a cyberattack that impacted numerous services, including its data centers, internet access, and Voice-over-IP. "We understand the importance of proactive and fluid communication in the face of incidents in accordance with what we previously discussed on the phone, I would like to inform you that we are experiencing a partial impact on services as a result of a cybersecurity incident," reads a GTD security incident notification. Today, Chile's Computer Security Incident Response Team confirmed that GTD suffered a ransomware attack.

CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
2023-10-17 05:46

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors "interfered" with at least 11 telecommunication service providers in the country between May and September...

ToddyCat hackers use 'disposable' malware to target Asian telecoms
2023-10-12 14:09

A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection. The attacks appear to originate from the Chinese espionage actor known as 'ToddyCat,' which relies on spear-phishing messages carrying malicious attachments to load a variety of malware loaders and backdoors.

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants
2023-10-12 06:20

High-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that's designed to deploy basic backdoors and loaders for delivering next-stage...

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
2023-09-21 19:55

A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian...

Telecom firms hit with novel backdoors disguised as security software
2023-09-21 12:28

Researchers have unearthed new backdoors leveraged to maintain long-term access in the networks of telecom firms in the Middle East. HTTPSnoop and PipeSnoop - as the two implants have been dubbed by Cisco Talos researchers - have been disguised as components of Palo Alto Networks' Cortex XDR solution.

Hackers backdoor telecom providers with new HTTPSnoop malware
2023-09-19 15:14

New malware named HTTPSnoop and PipeSnoop is being used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices. The HTTPSnoop malware interfaces with Windows HTTP kernel drivers and devices to execute content on the infected endpoint based on specific HTTP(S) URLs, while PipeSnoop accepts and executes arbitrary shellcode from a named pipe.

ShroudedSnooper's HTTPSnoop Backdoor Targets Middle East Telecom Companies
2023-09-19 12:35

Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop. "HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the infected endpoint," Cisco Talos said in a report shared with The Hacker News.

Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
2023-08-29 14:54

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. What's more, FOXTROT shares overlaps with an open-source rootkit called Reptile, which has been extensively used by multiple Chinese hacking crews in recent months.