telecommunications Archives

Winsage

June 12, 2025

UEFI Vulnerabilities Galore

The FAA is requesting a budget allocation of .0 billion for fiscal year 2026, in addition to a previously committed .0 billion, to address critical infrastructure needs. The agency aims to modernize its outdated telecommunications infrastructure, including the air traffic control (ATC) system, which currently relies on antiquated technology such as paper strips, floppy disks, and Windows 95 computers. The FAA has a four-year timeline for overhauling the ATC system, which poses significant challenges and risks to aviation safety. Additionally, there is a need to replace the existing radar system and transition to a modern IP-based network, requiring careful consideration of security measures and operational dynamics.

AppWizard

May 30, 2025

Vietnam to block messaging app Telegram over ‘anti-state’ contents

The Vietnamese government has instructed telecommunications companies to block the Telegram messaging app, citing security concerns and the dissemination of "anti-state" content. This directive was issued by the Telecommunications Department and requires service providers to report compliance by June 2. A document from the Ministry of Public Security indicated that 68% of approximately 9,600 Telegram channels and groups in Vietnam were classified as “bad and toxic,” involved in activities such as anti-state messaging, fraud, and drug trafficking. The government referenced Article 9 of the Telecommunications Law and Decree 147 to justify the ban, claiming Telegram had not complied with regulations. Despite the ban, Telegram remained accessible in Vietnam as of the report date. Telegram expressed surprise at the government's actions and confirmed it is responding to legal requests from Vietnam.

AppWizard

May 29, 2025

Vietnam orders ban on Telegram messaging app over security concerns

Vietnam's telecommunications providers have been instructed to block access to Telegram due to national security concerns and alleged non-compliance with local laws. The Ministry of Information and Communications claims that 70% of Telegram channels in Vietnam are linked to illicit activities, including fraud and drug trafficking. Officials allege that Telegram has failed to remove illegal content and provide user data for investigations. A spokesperson for Telegram stated that the company had responded to legal requests from Vietnam. Vietnam has a history of enforcing strict online content controls, previously threatening to block Facebook and discussing a ban on TikTok. Pavel Durov, the founder of Telegram, was arrested in France earlier this year over allegations related to cybercrime and expressed his commitment to improving the platform's security in light of its rapid user growth to 950 million.

AppWizard

May 26, 2025

Vietnam acts to block messaging app Telegram, government document seen by Reuters shows

Vietnam's technology ministry has instructed telecommunications providers to block the messaging app Telegram due to its lack of cooperation in addressing criminal activities by its users. A government document revealed that 68 percent of the 9,600 Telegram channels and groups in Vietnam violate local laws, involving serious offenses such as fraud, drug trafficking, and potential terrorism links. Service providers must implement blocking measures and report progress to the ministry by June 2.

AppWizard

May 24, 2025

Vietnam acts to block messaging app Telegram

Vietnam's technology ministry has instructed telecommunication service providers to block the messaging app Telegram due to its lack of cooperation in combating criminal activities among users. This directive, issued on May 21, mandates that service providers implement the block and report their actions by June 2. Findings from the cyber-security department indicated that 68% of the 9,600 Telegram channels and groups in Vietnam were violating laws, including serious offenses like fraud, drug trafficking, and suspected terrorism activities. A representative from the ministry confirmed the document's authenticity, citing Telegram's failure to provide user data during criminal investigations. As of the latest update, Telegram remained accessible in Vietnam despite the directive.

AppWizard

May 24, 2025

Vietnam orders ban on popular messaging app Telegram

Vietnam's Ministry of Science and Technology has accused the messaging app Telegram of not cooperating in addressing criminal activities conducted by its users. The ministry has instructed internet service providers to restrict Telegram's operations in the country, citing that nearly 70 percent of the 9,600 channels on the app disseminate harmful information and engage in illegal activities such as selling user data and drug trafficking. A Telegram representative stated the company has been timely in addressing legal requests from Vietnam and is processing a recent request. Despite the government's actions, Telegram was still accessible in Vietnam as of Friday. In Vietnam, approximately 11.8 million users use Telegram, while the app has nearly one billion users globally.

AppWizard

May 14, 2025

Marbled Dust leverages zero-day in Output Messenger for regional espionage

Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, targeting user accounts that have not applied necessary fixes. This exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft has high confidence in this assessment and notes that Marbled Dust conducts reconnaissance to identify potential targets using Output Messenger. Marbled Dust has successfully utilized this vulnerability to deploy malicious files and exfiltrate data. Microsoft notified the application’s developer, Srimax, about the vulnerability, leading to the release of a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of this second flaw has been observed. The zero-day vulnerability allows an authenticated user to upload malicious files to the server's startup directory. Marbled Dust has exploited this flaw to place a backdoor file, OMServerService.vbs, in the startup folder, enabling them to access communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential interception techniques. Once inside, they exploit the vulnerability to drop malicious files, including a GoLang backdoor, which connects to a Marbled Dust command-and-control domain for data exfiltration. To mitigate this threat, Microsoft recommends updating to the latest version of Output Messenger, activating various security protections, and implementing rigorous vulnerability management strategies. Microsoft Defender XDR customers can identify potential threat activity through specific alerts related to Marbled Dust and utilize advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activities.

AppWizard

March 25, 2025

Signal event: Why US and European officials rely on the messaging app

A recent incident involved The Atlantic's editor-in-chief in a Signal chat among senior officials from the Trump administration discussing military actions in Yemen. Signal was chosen for its robust security features, including end-to-end encryption that prevents interception by intermediaries. Signal operates as an independent non-profit, unlike WhatsApp, which is owned by Meta. Its popularity is growing in political circles, with recommendations from both the European Commission and Parliament for secure communications. The guidelines noted an increase in threats to telecommunications infrastructure and recommended Signal when corporate tools are unavailable. A recent leak of U.S. national defense plans was due to human error, not Signal's encryption flaws.

AppWizard

March 25, 2025

Signal is ‘as safe as messaging apps get’, but not for national security

End-to-end encrypted messaging app Signal is recognized for its security features but is advised against for use by government officials discussing national security. A breach occurred when members of former President Donald Trump's national security team mistakenly included a journalist in a group chat sharing sensitive military information. Cybersecurity experts express concerns about the potential legal implications of using apps like Signal for classified communications, as it could violate the Espionage Act. High-ranking officials were involved in this incident, which exposed sensitive details, including air-strike targets and the identity of a CIA officer. Typically, government officials use Secure Compartmentalized Information Facilities (SCIFs) for classified information, and there are specific government-approved systems for transmitting such information that do not include Signal.

Winsage

March 21, 2025

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

Trend Micro has identified a zero-day vulnerability in Microsoft Windows, tracked as ZDI-CAN-25373, which allows attackers to execute hidden malicious commands through .lnk files. This vulnerability has been exploited since 2017, primarily by state-sponsored groups, affecting at least 300 organizations and thousands of devices. North Korean groups APT43 and APT37 are mainly responsible for these exploits, with nearly half of the attacks linked to them. Other state-backed groups from Iran, Russia, and China account for about 20% of the attacks. Microsoft has advised users to be cautious with files from unverified sources but does not classify the issue as severe enough for immediate action. Trend Micro's research shows that attackers disguise malicious .lnk files as different file types, using hidden command line arguments. Microsoft acknowledges the research but downplays the implications, while experts suggest that addressing the vulnerability may require significant changes to .lnk file functionality.