InfoSecBulletin Cybersecurity for mankind
Frontier Communications, a Texas-based telecom company, reported a cyberattack to the Securities and Exchange Commission. The company offers internet services in over 25 states and had $5.75 billion in revenues in 2023.
The company said it detected unauthorized access to its IT systems on April 14 and began instituting “containment measures” that included “shutting down certain of the Company’s systems.” The shutdowns caused operational disruption that the company said “could be considered material.”
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
The company statement reads, On April 14, 2024, Frontier Communications Parent, Inc. (the “Company”) detected that a third party had gained unauthorized access to portions of its information technology environment. Upon detection, the Company initiated its previously established cyber incident response protocols and took measures to contain the incident. As part of this process, the containment measures, which included shutting down certain of the Company’s systems, resulted in an operational disruption that could be considered material. Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.
As of the date of this filing, the Company believes it has contained the incident and has restored its core information technology environment and is in the process of restoring normal business operations.
The Company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities. The Company does not believe the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.
On its website, Frontier says it is experiencing technical issues with its internal support systems and provided a phone number for those in need of assistance.
As of Thursday afternoon, no hacking group has claimed responsibility for the incident. Recently, many telecommunication companies have been targeted by cybercriminals and nation-states, who are conducting more frequent attacks on companies that possess large amounts of consumer data.
AT&T recently revealed a data breach that affected over 51 million people. The breach exposed customer information such as Social Security numbers, AT&T account numbers, and AT&T passcodes.
The Federal Communications Commission (FCC) updated its data breach rules in December. This is the first time in 16 years that the rules have been updated. The updates expand the regulations on how telecommunication companies report cybersecurity incidents.
FCC Chairwoman Jessica Rosenworcel argued that the rules the agency created more than 15 years ago are no longer compatible with a modern world where telecommunication carriers have access to a “treasure trove of data about who we are, where we have traveled, and who we have talked to.”
Source: UNITED STATES SECURITIES AND EXCHANGE COMMISSION WEBSITE & THE RECORD
