InfoSecBulletin Cybersecurity for mankind
Frontier Communications, a Texas-based telecom company, reported a cyberattack to the Securities and Exchange Commission. The company offers internet services in over 25 states and had $5.75 billion in revenues in 2023.
The company said it detected unauthorized access to its IT systems on April 14 and began instituting “containment measures” that included “shutting down certain of the Company’s systems.” The shutdowns caused operational disruption that the company said “could be considered material.”
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
The company statement reads, On April 14, 2024, Frontier Communications Parent, Inc. (the “Company”) detected that a third party had gained unauthorized access to portions of its information technology environment. Upon detection, the Company initiated its previously established cyber incident response protocols and took measures to contain the incident. As part of this process, the containment measures, which included shutting down certain of the Company’s systems, resulted in an operational disruption that could be considered material. Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.
As of the date of this filing, the Company believes it has contained the incident and has restored its core information technology environment and is in the process of restoring normal business operations.
The Company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities. The Company does not believe the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.
On its website, Frontier says it is experiencing technical issues with its internal support systems and provided a phone number for those in need of assistance.
As of Thursday afternoon, no hacking group has claimed responsibility for the incident. Recently, many telecommunication companies have been targeted by cybercriminals and nation-states, who are conducting more frequent attacks on companies that possess large amounts of consumer data.
AT&T recently revealed a data breach that affected over 51 million people. The breach exposed customer information such as Social Security numbers, AT&T account numbers, and AT&T passcodes.
The Federal Communications Commission (FCC) updated its data breach rules in December. This is the first time in 16 years that the rules have been updated. The updates expand the regulations on how telecommunication companies report cybersecurity incidents.
FCC Chairwoman Jessica Rosenworcel argued that the rules the agency created more than 15 years ago are no longer compatible with a modern world where telecommunication carriers have access to a “treasure trove of data about who we are, where we have traveled, and who we have talked to.”
Source: UNITED STATES SECURITIES AND EXCHANGE COMMISSION WEBSITE & THE RECORD
