A Chinese-speaking advanced persistent threat group called Gallium has been discovered utilising a newfound remote access trojan, PingPull malware, for its cyber-espionage campaigns. The group is known for attacking different industries in Europe, Africa, and Southeast Asia (SEA). The PingPull malware is a very challenging backdoor for researchers to detect since it uses the Internet...Continue Reading
A state-backed APT group from Iran, Lyceum, has been utilising [.]NET-based DNS backdoor in targeting firms from the telecom and energy industries. Also known by their other names, Hexane and Spilrin, the Lyceum APT group had a history of attacking communication service companies from the Middle East through DNS-tunneling backdoors. From an analyst’s recent study...Continue Reading
Chinese-based cybercriminals are currently rampaging to target organisations with cyberespionage attacks – a report that several federal law enforcement agencies have warned about. CISA, NSA, and FBI recently released a joint advisory regarding the rising rate of Chinese threat groups attacking several sectors worldwide, including the most targeted telecommunications industry. According to the released...Continue Reading
The TCP Middlebox Reflection method is a new amplification technique for conducting a Distributed Denial-of-Service attack. Researchers stated that this type of attack is a massive emerging threat that can infect many organisations. Moreover, the new attack abused flawed firewalls and content filtering systems to reflect and increase the TCP traffic in their target’s devices....Continue Reading
Telecom service providers from Central Asia are the newest targets of a China-based cyberespionage group dubbed Moshen Dragon after cybersecurity experts detected new waves of malicious activities from them. Security researchers found some common grounds between Moshen Dragon and other threat groups like Nomad Panda and RedFoxtrot since they have all utilised similar malware variants...Continue Reading
Several Android gadgets operating on Qualcomm and MediaTek chipsets were at risk against remote code execution (RCE) after security experts found vulnerabilities in the Apple Lossless Audio Codec (ALAC) implementation. Apple Lossless Audio Codec or ALAC is a tool provided by Apple, an audio coding format for lossless audio compression, made available in 2011. Since...Continue Reading
The Enemybot and the Fodcha botnets have been trying to compromise numerous targets globally by abusing multiple flaws in routers, modems, and Internet of Things (IoT) devices. These two newly discovered botnets can perform distributed denial-of-service attacks on any location. Enemybot and Fodcha are the newest addition to the long lists of botnets that will...Continue Reading
Several T-Mobile customers have recently filed reports about being targeted by a new SMS-phishing (SMiShing) campaign that attacks the victims with malicious links using unblockable texts via bulk or group sent messages. The public warning advisory was released by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC), an organisation that focuses on cybersecurity incident...Continue Reading
Another data wiper malware dubbed AcidRain was recently discovered by cybersecurity experts that attacked a telecommunication satellite called KA-SAT, owned by the Viasat company. The attack has impacted thousands of Ukrainian citizens alongside various countries in Europe. The new sophisticated wiper malware was found in the middle of March and can brute-force file names and...Continue Reading
Researchers have identified three critical security flaws impacting the Pascom Cloud Phone System that malicious threat actors could merge to attain a complete pre-authenticated code operation of affected systems. The critical vulnerabilities inside the CPS can be linked together, resulting in an unauthenticated malicious threat actor obtaining root privileges on affected devices. Pascom Cloud Phone...Continue Reading
