Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Verizon. Show all posts
Verizon
911 service AT&T Consumer Cellular customer complaints Cyber Security Downdetector FBI mobile phone Outage service interruptions T-Mobile USCellular Verizon

Cell Service Restored Following Extensive AT&T Outage

 

AT&T has resolved issues affecting its mobile phone customers following widespread outages on Thursday, according to a company announcement.Throughout the day, tens of thousands of cell phone users across the United States reported disruptions.

Reports on Downdetector.com, a platform monitoring outages, indicated instances of no service or signal after 04:00 EST (09:00 GMT).

AT&T issued an apology to its customers and confirmed that services were fully operational again by early afternoon. The company stated its commitment to taking preventive measures to avoid similar incidents in the future. The cause of the outage is currently being investigated.

Verizon and T-Mobile informed the BBC that their networks were functioning normally. However, they acknowledged that some customers may have experienced service issues while attempting to communicate with users on different networks.

According to Downdetector, AT&T received over 74,000 customer complaints, with significant clusters in southern and eastern regions of the country.

Smaller carriers like Cricket Wireless, UScellular, and Consumer Cellular also reported interruptions in service. Complaints ranged from difficulties with calls, texts, to internet access, with many users reporting no service or signal.

Downdetector's data showed that major cities including Los Angeles, Chicago, Houston, and Atlanta experienced high numbers of outages.

Some individuals also faced challenges with 911 services, prompting officials to advise the use of landlines, social media, or cell phones from alternative carriers in emergencies.

The widespread outage has garnered the attention of the US government, with the FBI and Department of Homeland Security launching investigations, as confirmed by John Kirby, spokesperson for the US National Security Council.

Eric Goldstein, executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, stated that they are collaborating with AT&T to understand the root cause of the outage and are ready to provide assistance as necessary.

Although a confidential memo reported by ABC News suggested no signs of malicious activity, CISA officials are actively investigating the incident.
Read more »
Verizon
Cyber Security and Privacy Data Breach data security Information Leak insider data breaches Verizon

Unraveling the Aftermath of Verizon's Insider Data Breach Impacting 63,000 Employees

In the fast-paced world of digital connectivity, data breaches have become an unfortunate reality that businesses must constantly guard against. Recently, telecommunications giant Verizon found itself in the throes of a security crisis as it grappled with the fallout of an insider data breach, putting critical information of over 63,000 employees at risk.  

The breach, which sent shockwaves through the cybersecurity community, shed light on the vulnerability that even industry leaders face in the evolving landscape of digital threats. As businesses rely more than ever on interconnected systems and digital platforms, the risks associated with insider breaches become increasingly pronounced. Verizon, known for its commitment to providing cutting-edge telecommunications services, has traditionally been at the forefront of cybersecurity measures. However, no organization is immune to the risks posed by insider threats, as demonstrated by this recent breach. 

The incident, first identified by Verizon's internal security team, revealed unauthorized access to sensitive employee data. The compromised information included personal details, employee identification records, and potentially even financial data. With the scale of the breach affecting a significant portion of the workforce, the potential for identity theft, financial fraud, and other malicious activities looms large. 

One of the most concerning aspects of insider breaches is the breach of trust within the organization. Employees, the lifeblood of any company, entrust their personal information to their employers, expecting it to be safeguarded with the utmost care. When this trust is violated, the consequences extend beyond the immediate data compromise. Morale and confidence within the workforce can plummet, impacting productivity and overall company culture. 

Verizon, in response to the breach, swiftly initiated an internal investigation to ascertain the extent of the damage and identify the individuals responsible. The company also promptly notified the affected employees, providing guidance on steps to mitigate potential risks, such as monitoring financial accounts for suspicious activity and enabling additional security measures. The incident serves as a stark reminder of the critical need for robust cybersecurity measures, not only against external threats but also from within the organization. 

As companies increasingly embrace remote work and digital collaboration tools, the attack surface for potential breaches widens, making it imperative for organizations to implement comprehensive security protocols. The aftermath of this breach highlights the importance of continuous employee training on cybersecurity best practices. Employees are often the first line of defense against insider threats, and fostering a culture of awareness and vigilance is crucial in mitigating the risk of such incidents. Regular security audits, access controls, and monitoring systems can also play a pivotal role in preventing unauthorized access to sensitive data. 

The Verizon insider data breach serves as a wake-up call for businesses across industries. The incident underscores the need for a proactive approach to cybersecurity that encompasses not only external threats but also the potential risks lurking within the organization. As technology continues to advance, organizations must adapt and strengthen their security measures to safeguard their most valuable asset – their data – and maintain the trust of their employees and customers alike.

Read more »
Verizon
Cyber Security Law Enforcement Phishing Attacks Ransomware Attacks. Sensitive data Unauthorized access Verizon

Verizon DBIR: Social Engineering Breaches Surge, Driving Ransomware Costs

The annual Verizon Data Breach Investigations Report (DBIR) has revealed a significant increase in social engineering breaches, which have resulted in a surge in ransomware costs. The report highlights the growing threat landscape and the urgent need for organizations to bolster their security measures against these evolving attacks.

According to the DBIR, social engineering breaches have doubled in frequency compared to the previous year. Attackers are increasingly leveraging phishing, pretexting, and impersonation to manipulate individuals within organizations and gain unauthorized access to sensitive data. This alarming rise in social engineering attacks has led to a corresponding spike in ransomware incidents.

Ransomware attacks, in particular, have become a significant concern for businesses of all sizes. The report reveals that the median cost of ransomware breaches has doubled, contributing to the escalating financial impact of cyberattacks. These attacks not only result in financial losses from paying the ransom but also lead to significant operational disruptions, reputational damage, and potential legal liabilities.

The Verizon DBIR emphasizes the importance of proactive measures to mitigate the risk of social engineering and ransomware attacks. Organizations need to invest in comprehensive security awareness training programs to educate employees about the latest attack techniques and how to identify and report suspicious activities. Additionally, implementing strong email security measures, such as robust spam filters and multi-factor authentication, can help prevent phishing attacks.

Regular patching and software updates are critical to addressing known vulnerabilities, as attackers often exploit outdated systems. Network segmentation and robust access controls can limit the lateral movement of attackers within an organization's infrastructure, minimizing the potential impact of a breach.

Furthermore, organizations are advised to establish an incident response plan that outlines the steps to be taken in the event of a security incident. This plan should include procedures for isolating affected systems, notifying relevant stakeholders, and working with law enforcement and incident response teams.

The Verizon DBIR is a stark reminder that social engineering breaches and ransomware attacks continue to pose significant threats to organizations worldwide. With the financial and operational consequences on the rise, it is imperative for businesses to prioritize cybersecurity measures and invest in technologies and practices that can effectively detect, prevent, and mitigate such attacks.

By adopting a multi-layered approach to security, integrating employee training, implementing robust technical controls, and maintaining a proactive incident response capability, organizations can better defend against social engineering and ransomware attacks, safeguarding their critical assets and minimizing the potentially devastating impact of a breach.
Read more »
Verizon
Cloud Security Cyber Security data security Security Breach Security Observability SIEM Verizon

Security Observability: How it Transforms Cloud Security


Security Observability 

Security Observability is an ability to gain recognition into an organization’s security posture, including its capacity to recognize and address security risks and flaws. It entails gathering, analyzing, and visualizing security data in order to spot potential risks and take preventative action to lessen them. 

The process involves data collection from varied security tools and systems, like network logs, endpoint security solutions, and security information and event management (SIEM) platforms, further utilizing the data to observe potential threats. In other words, unlike more conventional security operations tools, it informs you of what is expected to occur rather than just what has actually occurred. Security observability is likely the most significant advancement in cloud security technology that has occurred in recent years because of this major distinction. 

Though, a majority of users are still unaware of security observability, which is something that raises concerns. According to a 2021 Verizon Data Breach Investigations Report, cloud assets were included in 24% of all breaches analyzed, up from 19% in 2020. 

It is obvious that many people working in cloud security are responding slowly to new risks, and a select few need to act more quickly. This is likely to get worse as multi-cloud apps that leverage federated architectures gain popularity and cloud deployments become more varied and sophisticated. The number of attack surfaces will keep growing, and attackers' ingenuity is starting to take off. 

Organizations can embrace cloud security observability to get a more complete understanding of their cloud security position, allowing them to: 

  • Detect and Respond to Threats More Quickly: Cloud security allows firms to recognize and respond to threats fasters, in a much proactive manner, all by collecting data from numerous security tools and systems. 
  • Identity Vulnerabilities and Secure Gaps: With a better knowledge about the potential threats, organizations can take upbeat measures to address the issues before the bad actors could manage to exploit them. 
  • Improve Incident Response: Cloud security observability can help organizations improve their incident response skills and lessen the effect of attacks by giving a more thorough view of security occurrences. 
  • Ensure Compliance: Cloud security observability further aids organizations in analyzing and monitoring their cloud security deployment/posture to maintain compliance with industry rules and regulations, also supporting audits and other legal accounting.  

Read more »
Verizon
Data Leak Privacy User Security User Data User Privacy User Safety Verizon

Hacker Steals Database of Verizon Employees

 

A hacker stole a database including hundreds of Verizon workers' complete names, email addresses, corporate ID numbers, and phone numbers. By calling phone numbers in the database, Motherboard was able to confirm that at least part of the data is genuine. Four persons confirmed their complete identities and email addresses, as well as their employment at Verizon. It's uncertain whether all of the info is correct or up to date.

Another person validated the information and stated that she used to work for the company. A dozen more numbers received voicemails that included the names in the database, implying that they are also correct. Last week, the hacker contacted Motherboard to provide the information. 

The data was obtained, according to the unidentified hacker, by convincing a Verizon employee to grant them remote access to their company computer. At that time, the hacker claimed to have gotten access to a Verizon internal tool that displays employee data and to have developed a script to query and scrape the database. 

“These employees are idiots and will allow you to connect to their PC under the guise that you are from internal support,” they told Motherboard in an online chat. The hacker stated they reached out to Verizon and shared the email that he sent to the company. 

“Please feel free to respond with an offer not to leak you’re [sic] entire employee database,” the hacker wrote in the email, according to a screenshot of it. The hacker stated they would like Verizon to pay them $250,000 as a reward. A Verizon spokesperson confirmed the hacker has been in contact with the company. 

“A fraudster recently contacted us threatening to release readily available employee directory information in exchange for payment from Verizon. We do not believe the fraudster has any sensitive information and we do not plan to engage with the individual further,” the spokesperson told Motherboard in an email. 

“As always, we take the security of Verizon data very seriously and we have strong measures in place to protect our people and systems.” 

While the stolen information does not include Social Security numbers, passwords, or credit card details, it is nonetheless potentially harmful. It might be beneficial for hackers who wish to target corporate employees—or mimic one while speaking with another—in order to get access to internal tools. An attack of this type would offer hackers the opportunity to impersonate Verizon personnel and, if successful, complete access to networks that would allow them to look up individuals' information and transfer their phone numbers, a practice known as SIM swapping. 

For years, hackers have gained access to victims' phone numbers, allowing them to change the target's email password, for example. As a result, the hackers get access to the victim's bank or cryptocurrency account. Hundreds, if not thousands, of people have been victimised by this type of breach in recent years. Several persons have been arrested and indicted in the United States for allegedly participating in these types of cyberattacks.
Read more »
Verizon
Mobile Security Personal Information Phishing scam Spam SMS Verizon

Verizon Phishing Scam Uses Text Messages to Target Customers

 

Verizon subscribers had started to get malicious texts from unknown senders, according to a report published by Phone Arena on Saturday, October 9. Sending messages to a receiver using a suspicious phone number is a phishing technique. The precise contact number is 562-666-1159, and it informs users that their prior month's fee has already been paid. The exact message reads as follows: "Verizon Free Message: Sept bill is paid. Thanks, (first name of the customer)! Here's a little gift for you." 

According to Phone Arena, the majority of Verizon customers have already paid their September bills. As a result, the old invoice suggested that the hacker's message was entirely fictitious. In addition, Verizon is unlikely to deliver a gift to users who have paid their bills in advance. This current phishing attack could indicate that the user's personal information is about to be stolen. 

This attack was similar to what T-Mobile customers experienced previously. Phone Arena said it's conceivable that the phone numbers used to send the phoney messages came from T-Mobile's recent data hack, which affected 48 million members. The text pretended to be from T-Mobile and promised the recipients of the message a $100 free gift as compensation for an outage that occurred somewhere around that time. 

The way T-Mobile was spelled as Tmobile was one of the obvious clues that the whole affair was a hoax. The truth was hidden in the tiny print: the SMS was sent by a marketing firm with no ties to T-Mobile, and the firm was attempting to acquire information about T-Mobile consumers, presumably gathering confirmed phone numbers of the carrier's subscribers.

Coming back to Verizon, the cybercriminals behind the text message will request personal information from subscribers. If a subscriber falls for this ruse, his or her security number, bank account number, and other personal data will be stolen. The threat actor would have access to the required details of a subscriber's Verizon account if this happened. Once the scam is successful, the hackers will order a phone that the user will have to pay for. 

If customers are concerned whether a text or email is real, they should phone the carrier and inquire if someone from that company sent them the message in question, according to Phone Arena. They also recommended that anyone having a wireless account set up a password or PIN to keep their account safe from prying eyes.
Read more »
Vzwpix
Cofense Cyber Attacks Phishing Campaign Verizon Vzwpix

Cofense Report Analysis on Phishing Campaign Utilizing Vzwpix

 

Researchers at the Cofense Phishing Defense Center (PDC) have been able to dig further into the addressing characteristics of one of the phishing attempt that used Verizon's multimedia messaging service - Vzwpix – employing Cofense Vision. 

Verizon's Vzwpix is a genuine multimedia messaging service. It allows users to send emails from mobile phones, which often include the sender's contact number. Fraudsters exploit the popularity of this service by faking an original email address via spoofing. 

Cyber attackers could use these services to mass deliver SMS that comes from a mobile number but does not include the sender's name and identity. If somehow the recipient does not recognize the mobile number, then they might be left speculating who had sent these emails. 

Hundreds of complaints about Verizon's Vzwpix service domain have been obtained by the Cofense PDC over the last week. 

A majority of these messages would be texts or pictures, but investigators are continuously on the lookout for potential risks. Malicious actors used Vzwpix to target potential audiences in a range of sectors throughout the last week. 

According to Cofense PDC, the message received by the users were all in plain text and without any formatting or pictures. It leads to a new voicemail and employs a monetary enticement via ACH transfers.

The link is provided as plain text, informing users of where they will be redirected. It was smart enough to avoid the first assessment from the secure email gateway (SEG) by employing a valid survey application; nevertheless, certain SEGs would've been able to verify the content of the survey via link click. 

The cyber attackers employed Alchemer, a survey form generator that makes it very convenient to design a survey form for users to answer. 

Further research shows that the survey is erroneously designed as a OneDrive login page, although most of the consumers were probably able to assume that this isn't a genuine Microsoft OneDrive login page. 

The continue button is likewise off to the side, giving the impression that the site wasn't intended to be read with a PC web browser. 

While using it from a smartphone, the form layouts are noticeably different. The modified phishing page is displayed within a white box, as well as the button is placed between the entry fields. 

Utilizing Cofense Vision, Researchers were easily able to detect several individuals who received a similar email at their organization. Even though each email originated from the very same phone number, the message IDs were all unique. All the message IDs were indeed associated with the Verizon phone number which sent messages. Each message ID correlates to a separate group of recipients which was listed in the email's "To" address section. 

In the analysis, every group appeared to have a minimum of 10 email accounts, comprising PDC customers and other external domains as well. After excluding the unique domains, researchers were able to ascertain that 50% of all recipients worked in the food production industry. 

The PDC client in these groups worked in the manufacturing industry, however, one of the major subsidiaries in the food manufacturing industry. Another 25% of the targeted domains are in the supply chain and media industries.
Read more »
Subscribe to: Posts (Atom)