Exploitation of vulnerability affecting Palo Alto… – NCSC.GOV.UK – National Cyber Security Centre
Exploitation of vulnerability affecting Palo Alto… – NCSC.GOV.UK National Cyber Security Centre
Exploitation of vulnerability affecting Palo Alto… – NCSC.GOV.UK National Cyber Security Centre
US telecom provider Frontier Communications was forced to shut down a number of its internal systems after detecting an unauthorized third party in its IT environment, shuttering internet access for millions.
Frontier Communications said it first detected the unauthorized access on 14 April 2024, before reporting the incident to the SEC on 15 April. The company said it had taken its systems down as part of its incident response protocols in an effort to contain the breach.
Frontier reported it believes it has contained the incident, with its core IT environment already restored, adding that it has also begun efforts to restore normal business operations, but this process is still ongoing.
Frontier serves customers in 25 US states, with 3 million broadband subscribers and a fiber optic network consisting of 5.2 million locations, as threat actors continue to target critical national infrastructure organizations to maximize the impact of their attacks.
Frontier says the third party, which it believes was likely a cyber crime group, was able to gain access to personally identifiable information (PII), among other information.
The telecom provider was unable to provide any further information on the specific types of sensitive information accessed by the attackers, or whether the PII pertained to customers or employees.
Some customers took to social media to voice their concern after being without internet for three days since Frontier took its systems down, reporting they cannot access technical support through Frontier’s app, website chat, or their phone line.
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security – newly updated for 2024.
Frontier announced it was experiencing technical issues with its internal support systems and provided a phone number for those who require assistance.
This incident comes hot on the heels of a series of high-profile cyber incident affecting telecom companies.
A huge cache of AT&T customer data was published on the dark web on 30 March 2024, with the personal…
If you are using an Android device, it’s crucial to be aware that the Indian government’s Computer Emergency Response Team has issued a warning regarding ‘high’ security risk vulnerabilities in Android. The team emphasises that these exploits have the potential to allow attackers to gain sensitive information and execute arbitrary code on your phone.
Which Android Versions Are Affected?
These vulnerabilities are found in Android versions 11, 12, 13, and 14. This implies that even if you have the latest Android version, you are not exempt from these risks.
CERT-In highlights that multiple vulnerabilities exist within the framework, system, arm components, and MediaTek components, Unisoc components, Qualcomm components, and Qualcomm close-sourced components.
How To Protect Yourself?
To safeguard your device, you will need to have Android “Security patch levels of 2024-02-05 or later to address all of these issues.” So, when the OEM of your device releases the said update, simply download the latest available update.
Considering the ‘high’ severity rating, it’s advisable to focus on additional security-enhancing features. Enable two-factor authentication, use a robust passcode, and maintain good digital hygiene practices.
These Are The Vulnerabilities Affecting the Aforementioned Android versions
CVE-2023-32841, CVE-2023-32842, CVE-2023-32843, CVE-2023-33046, CVE-2023-33049, CVE-2023-33057, CVE-2023-33058, CVE-2023-33060, CVE-2023-33072, CVE-2023-33076, CVE-2023-40093, CVE-2023-40122, CVE-2023-43513, CVE-2023-43516, CVE-2023-43518, CVE-2023-43519, CVE-2023-43520, CVE-2023-43522, CVE-2023-43523,CVE-2023-43533, CVE-2023-43534, CVE-2023-43536, CVE-2023-49667, CVE-2023-49668, CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-0014, CVE-2024-0029, CVE-2024-0030, CVE-2024-0031, CVE-2024-0032, CVE-2024-0033, CVE-2024-0034, CVE-2024-0035, CVE-2024-0036, CVE-2024-0037, CVE-2024-0038, CVE-2024-0040, CVE-2024-0041, CVE-2024-20003, CVE-2024-20006, CVE-2024-20007, CVE-2024-20009, CVE-2024-20010, CVE-2024-20011.
top videos
Samsung Will Bring Its AI Features To These Old Galaxy
Will AI Take Jobs? Microsoft CEO Satya Nadella Explains
Meta To Start Labelling AI-Generated Images on Its…
20 January 2024
One of Tietoevry’s several datacenters in Sweden has become partially subject to a ransomware attack. The incident is affecting the services for some of Tietoevry’s customers in Sweden on different levels.
Tietoevry has taken immediate and highest level of action to investigate, mitigate and resolve the situation. At this point, it is not possible to say how long the work will take.
We sincerely apologise for the inconvenience the situation is causing to our customers.
We are also working with the appropriate local authorities to address the situation.
For further information, please contact:
Tietoevry Newsdesk, +358 40 5704072, [email protected]