Tag

CYBER SECURITY

Browsing

More than 130,000 Telstra customers’ personal information has been made public online. According to the company, there was no cyberattack involved; rather, the issue was caused by a “misalignment of databases” as stated by Telstra. The incident is the most recent in a string of massive, unauthorized exposures of personal information in Australia.   The telecom giant confessed that the information, which included the names, addresses and phone numbers of customers who had requested that their information be kept confidential, had been published on the White Pages and Directory Assistance Services websites. Telstra’s routine auditing procedures revealed the data leak.    Following the finding, Telstra began contacting affected consumers and is providing free identity theft protection services. The corporation claims to have since deleted the consumer information from public view.   “Protecting our customers’ privacy is absolutely paramount, and for the customers impacted we understand this is an unacceptable breach…

The Orange subsidiary, Orange Cyberdefense, has purchased all of the shares of SCRT and Telsys, two Swiss businesses. These two sister companies, which have operations in Geneva and Bern, together with a joint headquarters in Morges, near Lausanne, employ over 100 professionals with expertise in cybersecurity and related services.   The growth of Orange Cyberdefense is a strategic goal for the Orange Group as it seeks to position itself as a top European cybersecurity business. The purchases, according to Orange, would strengthen the group’s cyberdefense business, which intends to generate 1 billion euros in revenue next year. The financial terms of this deal have not been disclosed.   Currently, Orange Cyberdefense operates in nine countries, including France, Belgium, Denmark, Germany, the Netherlands, Norway, Sweden, the United Kingdom and Switzerland.   With the acquisition of SCRT and Telsys, Orange Cyberdefense is now able to provide around-the-clock local assistance to Swiss organizations.…

According to an update from Optus, 2.1 million of the 9.8 million current and past customers whose data was exposed had at least one portion of an identification document, such as a license or passport number, accessed. In addition to personal data such as name, address, and date of birth, a current and legitimate form of identification was compromised for around 1.2 million people.  For the remaining 900,000 users, the breach compromised an out-of-date ID. Optus stated that it has contacted all of the affected individuals and instructed them on the steps to take so as to minimize the damage done by this hack. Optus has also promised to reimburse victims the cost of passport replacement.   The company has encouraged the remaining 7.7 million consumers to be cautious. Even though their identification documents were not stolen, the breach disclosed information such as email addresses, birth dates and phone…

TPx, a managed services company that offers cybersecurity, managed networks and cloud communications, has added Penetration Scanning to its Security Advisory Services offering.   TPx Penetration Scanning makes use of an automated scanning platform, which allows for quick turnaround times and cost-effective services. This advanced product expands on TPx’s Vulnerability Scanning, which examines network-connected devices in order to discover possible security leaks.   The combination of penetration and vulnerability scanning when used jointly offers a more thorough method of risk identification and security reinforcement. TPx Vulnerability and Penetration Scan simulates hacker behavior to assist clients evaluate the probability that a criminal will be able to successfully attack a company’s weaknesses in order to obtain access to systems or secret information on the network. Scanners track a company’s risk profile in almost real-time, with the  analysis being conducted as a one-time activity or on a regular basis.   Rick Mace, CEO…

In late July, Samsung Electronics experienced a cybersecurity incident that resulted in the exposure of personal data of some American customers. The business said it discovered the data breach on August 4.   Samsung claims that the customers’ social security numbers and credit card numbers were unaffected, but information such as names, contact information, demographic information, date of birth, and product registration information was compromised.   Samsung has already issued a warning to impacted consumers to be on the lookout for phishing emails that attempt to obtain additional personal data. These emails may be used for identity theft or to deceive recipients into installing malware on their computers.   The business did not, however, address how many consumers were impacted or why it took Samsung more than a month to alert customers regarding this breach, which was reported only hours before a Labor Day weekend in the United States.  …

Following a period of public debate, the UK government has decided on new security requirements for telecom providers. It now intends to introduce the Electronic Communications (Security) Measures Regulations 2022 and an accompanying Telecommunications Security Code of Practice to Parliament before the regulations take effect.   The new rules seek to better secure UK telecoms networks from cyberattacks. Once in effect, telecoms businesses will be expected to follow tight standards around network failure or the theft of sensitive data, with the regulatory agency Ofcom receiving additional powers to verify providers are adopting suitable and proportional security measures.   The government declared that the new telecommunications security legislation, designed in collaboration with the National Cyber Security Centre (NCSC), will be among the toughest in the world and will provide the UK with much stronger measures. They will strengthen the UK’s cyber resilience by incorporating strong security practices into providers’ long-term investment…

According to Google Cloud, it successfully stopped the greatest distributed denial-of-service (DDoS) assault ever, which reached a peak of 46 million requests per second (rps). One Google Cloud client who was utilizing the DDoS protection service Google Cloud Armor was the target of the assault on June 1.   The attackers blasted consumers’ HTTP/S Load Balancer with HTTPS requests for 69 minutes, starting with 10,000 rps and quickly scaling up to 100,000 rps until peaking at a stunning 46 million rps. The assault was notable not just for its surprisingly enormous level of traffic, but also for other factors. 5,256 source IPs from 132 different countries participated in the assault.   According to Google, it is the largest ever attack at Layer 7, which refers to the applications top layer in the Internet’s OSI model.   The assault on Google’s client was nearly twice as large as a June HTTPS…

Singtel has announced an additional US$100 million investment in Singtel Innov8, its corporate venture arm, in order to cultivate businesses with technology matched with the telco’s own priorities. The funds will also diversify their investments across regional and global markets.   The most recent cash infusion brings the Singapore carrier’s total investment in Innov8, which was founded in 2010, to $350 million. According to a statement released by Singtel on Tuesday, the VC arm has since invested in more than 95 companies, and has enjoyed 35 exits, four of which were unicorns.   Innov8 made investments in companies that match the group’s commercial interests, which include 5G, artificial intelligence (AI), sustainability, cybersecurity, the digital economy, and other cutting-edge technologies. The company uses an evergreen fund model of operation, reinvesting profits from portfolio sales into new assets. With this additional funding, Innov8 will diversify its investment portfolio even more, adding ventures…

DIDWW, a leading telecom operator that offers premium quality and fully compliant VoIP communications for businesses and telco carriers worldwide, has recently joined the Communications Fraud Control Association (CFCA). This membership will bring tangible benefits to the company and their customers in further strengthening protection against telecom fraud and dealing with new and emerging risks. Established in 1985, the CFCA is a non-profit international association focused on risk management, loss prevention and fraud control. With over 600 individual members, the association now includes over 115 different carriers, private network owners, end-users, law enforcement agencies, fraud management vendors and service providers from all around the world, who actively collaborate to combat and prevent communications fraud.   As a member of this association, DIDWW will cooperate and network with other professionals in the industry to share their expertise and focus on the competencies needed to confront increasing fraud challenges and effectively…

Chinese government-backed hackers have attacked major telecoms businesses throughout the world in a cyber-espionage effort that has lasted at least two years and has successfully compromised at least 13 telecommunications groups.   In a recent advisory, the FBI, NSA and CISA stated that hackers linked to the People’s Republic of China (PRC) had targeted and hacked major telecommunications businesses by exploiting simple and well-known network and system vulnerabilities.   According to the report, Chinese espionage is often initiated with hackers surveying target networks and exploring the manufacturers, models, versions, and known vulnerabilities of routers and networking equipment using open-source scanning tools such as RouterSploit and RouterScan. The Chinese government consistently disputes charges of hacking.   The statement from the American security agencies did not name the victims of the hacking, nor did it specify the extent of the damage. However, US authorities did list specific networking equipment, such as routers…