Major Spanish mobile carrier suffers three-hour outage after account takeover

One of Spain's biggest mobile carriers said it had restored services after a hacker caused an outage by manipulating crucial information about the company's internet infrastructure.
It was unclear if the internet outages directly affected the Madrid-based company's mobile phone service, but overall the internet-related outage lasted about three hours.
Cybersecurity experts who examined the incident marveled at some aspects of it.
Reports said that the initial breach was to the company's account on RIPE, the regional internet register for Europe.
First reported by BleepingComputer, the breach was claimed by a hacker who boasted of the attack on Twitter.
The attacker shared images of their administrative account access, and Orange España even responded to the tweet, acknowledging that it was addressing the issue.
With access to the RIPE account, the hacker was able to disrupt how Orange's internet addresses appeared to the Border Gateway Protocol, a cornerstone for the handling of global digital traffic.
BGP is essentially a set of rules that help determine the best routes for data.
More specifically, the hacker changed the autonomous system number associated with Orange's IP addresses.
When assigned properly, AS numbers allow networks to exchange information with the rest of the internet.
The attacker created an invalid Resource Public Key Infrastructure configuration for Orange.
RPKI is supposed to help secure BGP routing, but in this incident, the hacker used it to ensure that the switch to the AS number led to problems.
Internet access monitor Cloudflare said it observed a massive disruption to Orange's internet access and a 50% decrease in traffic.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
Joe Warminsky is the news editor for Recorded Future News.
He has more than 25 years experience as an editor and writer in the Washington, D.C., area.
Most recently he helped lead CyberScoop for more than five years.
Prior to that, he was a digital editor at WAMU 88.5, the NPR affiliate in Washington, and he spent more than a decade editing coverage of Congress for CQ Roll Call.


This Cyber News was published on therecord.media. Publication date: Thu, 04 Jan 2024 16:10:29 +0000


Cyber News related to Major Spanish mobile carrier suffers three-hour outage after account takeover

Major Spanish mobile carrier suffers three-hour outage after account takeover - One of Spain's biggest mobile carriers said it had restored services after a hacker caused an outage by manipulating crucial information about the company's internet infrastructure. It was unclear if the internet outages directly affected the ...
10 months ago Therecord.media
Major T-Mobile outage takes down account access, mobile app - A major T-Mobile outage is preventing customers from logging into their accounts and using the company's mobile app. Customers saw a different error warning that the service routing the account. T-mobile.com host and the T-Mobile for Business ...
9 months ago Bleepingcomputer.com
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
10 months ago Blog.checkpoint.com
Ushering in the Next Phase of Mobile App Adoption: Bolstering Growth with Unyielding Security - In recent years, mobile apps have surged in popularity providing consumers with instant access to a variety of life essentials such as finances, education, and healthcare to life's pleasures such as shopping, sports, and gaming. With the popularity ...
10 months ago Cyberdefensemagazine.com
Mobile Insecurity: Unmasking the Vulnerabilities in Your Pocket - Mobile devices have become indispensable companions in our daily lives, offering us instant access to a world of information and services. On average, mobile users interact with more than 20 applications each day, making these handheld marvels ...
10 months ago Cyberdefensemagazine.com
Mobile Device Security: Protecting Your Smartphone - To ensure the safety of your smartphone and protect your personal data from unauthorized access, it is crucial to take proactive steps to enhance mobile device security. Enable device encryption: Enable device encryption on your smartphone to protect ...
9 months ago Securityzap.com
CVE-2023-38297 - An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of ...
6 months ago
SEC confirms X account was hacked in SIM swapping attack - The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Earlier this month, the SEC's X account was hacked to issue a fake ...
9 months ago Bleepingcomputer.com
Google Fi User Data Breached Through T-Mobile Hack - According to Google Fi's email sent to its customers on Monday, a limited amount of their customer data was exposed in T-Mobile's breach after suspicious activity was noted in a system that contained Google Fi's customer data. Google Fi, Google's ...
1 year ago Hackread.com
FCC Warns Carriers to Protect Customers Against SIM Swaps - A month after issuing new rules to push back against SIM-swap and similar schemes, the Federal Communications Commission is warning mobile phone service providers of their obligations to protect consumers against the growing threat. SIM swapping - ...
10 months ago Securityboulevard.com
The Art of Securing Cloud-Native Mobile Applications - We will explore the dynamic intersection of cloud-native architecture and mobile application security, delving into the strategies and best practices essential for safeguarding sensitive data, ensuring user privacy, and fortifying against emerging ...
10 months ago Feeds.dzone.com
Top Security Trends and Predictions for 2024 - Approov stands at the forefront of mobile cybersecurity: Our expansive customer base, ongoing research initiatives and the insights we collect from our live threat metrics, give us unique visibility into trends in mobile security. First, let's talk ...
11 months ago Securityboulevard.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Increase In Mobile Threats Calls for A Proactive Mindset. - Mobile threats are always evolving in the world of business. Threats to mobile security are increasing: More than 60% of cyber attacks now occur on mobile devices, including phishing and smishing scams and password theft within organisations. One ...
10 months ago Cyberdefensemagazine.com
Microsoft Teams outage causes connection issues, message delays - Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays. While Redmond is still working on addressing these ongoing ...
9 months ago Bleepingcomputer.com
Majorca city Calvià extorted for $11M in ransomware attack - The Calvià City Council in Majorca announced it was targeted by a ransomware attack on Saturday, which impacted municipal services. Calvià is a historic town on the Spanish island of Majorca with a population of 50,000 and is one of Majorca's major ...
9 months ago Bleepingcomputer.com
Fewer cybersecurity professionals losing their jobs in breach 'blame' game - Cybersecurity job loss after a major incident is becoming less likely as organizations drop the "Blame" game for more practical approaches to breach prevention, a survey of 500 CISOs shows. More than 95% of CISOs reported their teams received greater ...
11 months ago Scmagazine.com
Unified Endpoint Management: What is it and What's New? - What began as Mobile Device Management has now transitioned through Mobile Application Management and Enterprise Mobility Management to culminate in UEM. This progression underscores the industry's response to the ever-growing challenges of modern IT ...
10 months ago Securityboulevard.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com
Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide - In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data ...
9 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)