From thehackernews.com
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors “interfered” with at least 11 telecommunication service providers in the country between May and September 2023.
The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers.
The starting point of the attacks is a reconnaissance phase in which a telecom company’s network is scanned to identify exposed RDP or SSH interfaces and potential entry points.
“It should be noted that reconnaissance and exploitation activities are carried out from previously compromised servers located, in particular, in the Ukrainian segment of the internet,” CERT-UA said.