#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Telecom company | Breaking Cybersecurity News | The Hacker News

U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List

U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List

Sep 21, 2022
The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, along with its subsidiary ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the list of communications equipment and services that have been deemed a threat to national security. The agency  said  the companies are subject to the Chinese government's exploitation, influence, and control, and could be forced to comply with requests for intercepting and misrouting communications, without the ability to challenge such requests. The Public Safety and Homeland Security Bureau further noted that equipment and services from ComNet and China Unicom could present an opportunity for the Chinese government to carry out espionage operations and gather intelligence against the U.S. Alternatively, they could also provide the Chinese government with a strategic capability to "target, collect, alter, block, and reroute network traffic." China Unicom also earned a place on the list fo
Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

Jun 13, 2022
Cybersecurity researchers have disclosed details of two medium-security flaws in Mitel 6800/6900 desk phones that, if successfully exploited, could allow an attacker to gain root privileges on the devices. Tracked as  CVE-2022-29854  and  CVE-2022-29855  (CVSS score: 6.8), the access control issues were discovered by German penetration testing firm SySS, following which patches were shipped in May 2022. "Due to this undocumented backdoor, an attacker with physical access to a vulnerable desk phone can gain root access by pressing specific keys on system boot, and then connect to a provided Telnet service as root user," SySS researcher Matthias Deeg said in a statement shared with The Hacker News. Specifically, the issue relates to a previously unknown functionality present in a shell script ("check_mft.sh") in the phones' firmware that's designed to be executed at system boot. "The shell script 'check_mft.sh,' which is located in the direc
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
Virgin Media Data Leak Exposes Details of 900,000 Customers

Virgin Media Data Leak Exposes Details of 900,000 Customers

Mar 06, 2020
On the same day yesterday, when the US-based telecom giant T-Mobile admitted a data breach , the UK-based telecommunication provider Virgin Media announced that it has also suffered a data leak incident exposing the personal information of roughly 900,000 customers. What happened? Unlike the T-Mobile data breach that involved a sophisticated cyber attack, Virgin Media said the incident was neither a cyber attack nor the company's database was hacked. Rather the personal details of around 900,000 Virgin Media UK-based customers were exposed after one of its marketing databases was left unsecured on the Internet and accessible to anyone without requiring any authentication. "The precise situation is that information stored on one of our databases has been accessed without permission. The incident did not occur due to a hack, but as a result of the database being incorrectly configured," the company said in a note published on its website on Thursday night. Acc
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Hackers Compromise T-Mobile Employee' Email Accounts and Steal User' Data

Hackers Compromise T-Mobile Employee' Email Accounts and Steal User' Data

Mar 05, 2020
If you are a T-Mobile customer, this news may concern you. US-based telecom giant T-Mobile has suffered yet another data breach incident that recently exposed personal and accounts information of both its employees and customers to unknown hackers. What happened? In a breach notification posted on its website, T-Mobile today said its cybersecurity team recently discovered a sophisticated cyberattack against the email accounts of some of its employees that resulted in unauthorized access to the sensitive information contained in it, including details for its customers and other employees. Although the telecom company did not disclose how the breach happened, when it happened, and exactly how many employees and users were affected, it did confirm that the leaked information on its users doesn't contain financial information like credit card and Social Security numbers. What type of information was accessed? The exposed data of an undisclosed number of affected users incl
T-Mobile Suffers Data Breach Affecting Prepaid Wireless Customers

T-Mobile Suffers Data Breach Affecting Prepaid Wireless Customers

Nov 22, 2019
Are you a T-Mobile prepaid customer? If yes, you should immediately create or update your associated account PIN/passcode as additional protection. The US-based telecom giant T-Mobile today disclosed a yet another data breach incident that recently exposed potentially personal information of some of the customers using its prepaid services. What happened? In a statement posted on its website, T-Mobile said its cybersecurity team discovered a "malicious, unauthorized access" to information associated with an undisclosed number of its prepaid wireless account customers. However, the company did not disclose precisely how the breach happened, when it happened, and how the attackers unauthorizedly managed to access the private information of the company's prepaid customers. What type of information was accessed? The stolen data associated with customers' prepaid wireless accounts include their: names, phone numbers, billing addresses (if customers provided
Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

Oct 31, 2019
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed " MessageTap ," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center (SMSC) server of an unnamed telecommunications company. According to a recent report published by FireEye's Mandiant firm, MessageTap has been created and used by APT41 , a prolific Chinese hacking group that carries out state-sponsored espionage operations and has also been found involved in financially motivated attacks. In mobile telephone networks, SMSC servers act as a middle-man service responsible for handling the SMS operations by routing messages between senders and recipients. Since SMSes are not designed to be encrypted, neither on transmitting nor on the telec
T-Mobile Hacked — 2 Million Customers' Personal Data Stolen

T-Mobile Hacked — 2 Million Customers' Personal Data Stolen

Aug 24, 2018
T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of "some" personal information of up to 2 million T-Mobile customers. The leaked information includes customers' name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid). However, the good news is that no financial information like credit card numbers, social security numbers, or passwords, were compromised in the security breach. According to a brief blog post published by the company detailing the incident, its cybersecurity team detected and shut down an "unauthorized capture of some information" on Monday, August 20. Although the company has not revealed how the hackers managed to hack into its servers neither it disclosed the exact number of customers affected by the data breach, a T-Mobile spokesperson told Motherboard that less than 3 percent of its 77 m
Record-breaking 1.9 Gbps Internet Speed achieved over 4G Mobile Connection

Record-breaking 1.9 Gbps Internet Speed achieved over 4G Mobile Connection

Aug 30, 2016
Elisa , one of the biggest Finnish Internet Service Providers (ISP), claims to have achieved a new world record for 4G network with 1.9 gigabit-per-second (Gbps) data download speed using Huawei technology. Currently, Sweden and the United Kingdom have been crowned as the top countries across the world when it comes to fastest mobile 3G and 4G speeds, but now Finland is also working hard to give them a tough competition. Elisa set this record-breaking benchmark with the help of technology provided by Chinese telecom giant Huawei that could allow real-world mobile 4G users to download a Blu-ray film in just 40-45 seconds. 4G and 5G Technology: The future of Mobile Networks In February last year, a team of researchers from the University of Surrey managed to achieve a record-breaking speed of 1 Terabit per second (1Tbps) during a test of 5G wireless data connections, which is over 500 times faster than Elisa's 4G speed. While, in June last year, the International Tele
Treasure Map — Five Eyes Surveillance Program to Map the Entire Internet

Treasure Map — Five Eyes Surveillance Program to Map the Entire Internet

Sep 15, 2014
The National Security Agency and its British counterpart, GCHQ , gained secret access to the German telecom companies' internal networks, including Deutsche Telekom and Netcologne, in an effort to " map the entire Internet — any device, anywhere, all the time. " As reported by German news publication Der Spiegel, citing the new set of leaked documents provided by former NSA contractor Edward Snowden, the five major intelligence agencies including NSA and GCHQ have been collaborating to get near-real-time visualization of the global internet as a part of NSA's ' Treasure Map ' surveillance program , also dubbed as "the Google Earth of the Internet." TREASURE MAP TRACKS YOU 'ANYWHERE AND ALL THE TIME' The data collected by the intelligence agencies doesn't just include information from large traffic channels, such as telecommunications cables. Rather, it also include information from every single device that is connected to the internet somewhere in the w
Belgium’s largest Telcom 'Belgacom' hacked; NSA could be behind the Attack

Belgium's largest Telcom 'Belgacom' hacked; NSA could be behind the Attack

Sep 16, 2013
Belgacom , the largest telecommunications company in Belgium today announced that their IT Systems were hacked and infected with an unknown Malware . In order to eliminate that virus effectively, they clean up the entire system. The company also highlights that they have no indication of any impact on their telecommunication services, customer and employee data. According to the complexity of the malware, it appears to be the work of a state-sponsored entity. Belgacom which handles some of the undersea cables that carry voice and data traffic around the world, so the NSA or Britain's GCHQ could be behind the intrusion. That traffic would be a likely target for an attacker. The attack reportedly affected a few dozen machines on Belgacom's network, including some servers and the intrusion had been active for as long as two years by the time the Belgian company discovered it. Hacked data might help intelligence agencies to gather data on communications coming from the li
Snowden : Seven Private Telecom Companies giving unlimited access to British spy agency

Snowden : Seven Private Telecom Companies giving unlimited access to British spy agency

Aug 02, 2013
The latest release from Edward Snowden shows that the Vodafone, BT, Verizon and some other total seven Private Telecom Companies have been secretly collaborating with the British spy agency, GCHQ and giving unlimited access to the details of phone calls, emails and Facebook entries. Another leak claimed that The US government has paid at least £100m to the UK spy agency GCH Q over the last three years to secure access to and influence over Britain's intelligence gathering programs. One of the PowerPoint presentations, dating 2009, mentions British Telecom, Verizon, Vodafone, Level 3, Global Crossing, Interoute and Viatel, and Sueddeutsche Zeitung calls them key partners of GCHQ. Snowden left the Moscow airport in a taxi, although his intended destination was not clear. The US said it was extremely disappointed by Russia's decision. According to Snowden, when handing over these documents, " It's not just a US problem " and he stated that, in fact, GCHQ is
Cybersecurity Resources