Latest coverage for Service Provider

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia's intelligence agencies.

Russian Hybrid Warfare Illuminates Debate Over Defending Cyber Poor OperatorsA spate of pro-Russian hacktivists attacks against Polish water facilities have illuminated a debate about the best way to defend water utilities and other critical service providers below the cyber poverty line, meaning they face a threat that they cannot afford to defend against.

A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed service providers (MSPs) and hosting providers in the Philippines, Laos, Canada, South Africa, and the U.S., by exploiting the recently disclosed vulnerability in cPanel

Berlin Proposes 3 Month Requirement to Store IP AddressesThe German government says it's unlocked the secret to passing a law that would require internet service providers to keep customer data without running afoul of privacy and security concerns that sunk earlier attempts. Critics say that's impossible

Ericsson data breach affects 15k employees/customers after third-party service provider compromise

Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson's service providers has exposed the personal data of more than 15,000 individuals after attackers sweet-talked an employee into handing over access.…

Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications giant Ericsson, says attackers have stolen data belonging to an undisclosed number of employees and customers after hacking one of its service providers. [...]

A China-linked advanced persistent threat actor tracked as UAT-9244 has been targeting telecommunication service providers in South America since 2024, compromising Windows, Linux, and network-edge devices. [...]

DIY store chain ManoMano is notifying customers of a data breach personal data, which was caused by hackers compromising a third-party service provider. [...]

The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. [...]

Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses, and account activity. [...]

Your cloud security must stand alone Partner Content As cloud adoption accelerates, many organizations are increasingly relying on the native security features offered by cloud service providers (CSPs). The ability to manage web application firewalls (WAF), data encryption, and key management (KMS) within a single provider ecosystem appears efficient and convenient. However, when security and reliability are viewed through the lens of enterprise risk management, this convenience may come at a significant cost.…

Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services

Lumen Spotted More Than 500 Command and Control Servers Since OctoberA major U.S. internet service provider said it's blocked incoming traffic to more than 550 command and control servers botnets identified over the past four months that administer the Kimwolf and Aisuru botnets.

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy

Crimson Collective claims 'sophisticated attack' that allows them to 'disconnect every user from their mobile service' Internet service provider Brightspeed confirmed that it's investigating criminals' claims that they stole more than a million customers' records and have listed them for sale for three bitcoin, or about $276,370. …

More Than 100,000 Affected by Hack Detected on Dec. 30The New Zealand government is probing a year-end ransomware hack of private healthcare service provider Manage My Health that impacted thousands of patients. Digital extortion group Kazu has claimed responsibility and threatened to leak the data on Jan. 15 unless it receives a $60,000 ransom.

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging

The vulnerability, which was assigned two CVEs with maximum CVSS scores of 10, may affect more than a third of cloud service providers.