Telecommunications


  • Airports Council International and The Aviation Information Sharing and Analysis Center enter cooperative agreement

    January 23, 2020

    Airports Council International (ACI) World and A-ISAC announced today they have signed an agreement that better enables ACI members to join the A-ISAC for access to airport-specific cyber threat intelligence and actionable data that will enhance their ability to build cyber resiliency. Both organizations play an active role in supporting the global aviation network; by increasing ...

  • Ransomware hits Spanish companies sparking WannaCry panic

    November 4, 2019

    Two major Spanish companies have been hit by ransomware today. Both infections occurred on the same day, sparking memories of the WannaCry outbreak. Spain was one of the first countries alongside the UK, where the WannaCry ransomware infections were spotted for the first time back on May 12, 2017. Affected at the time were Spanish newspaper El ...

  • EU Report Highlights Cybersecurity Risks in 5G Networks

    October 14, 2019

    The extent with which 5G networks use software is one of the top security issues for mobile networks as well as devices and current technologies (for example, 3G, 4G) that use or incorporate it, according to an EU report supported by the European Commission and European Union Agency for Cybersecurity. 5G networks are unique compared to ...

  • New SIM card attack disclosed, similar to Simjacker

    September 27, 2019

    A team of security researchers has detailed a second SMS-based attack that can allow malicious actors to track users’ devices by abusing little-known apps that are running on SIM cards. This new attack, named WIBattack, is identical to Simjacker, an attack disclosed at the start of the month by mobile security firm AdaptiveMobile. Both attacks work in the ...

  • Simjacker attack exploited in the wild to track users for at least two years

    September 12, 2019

    Security researchers have disclosed today an SMS-based attack method being abused in the real world by a surveillance vendor to track and monitor individuals. “We are quite confident that this exploit has been developed by a specific private company that works with governments to monitor individuals,” security researchers from AdaptiveMobile Security said in a report released today. “We ...

  • A Chinese APT is now going after Pulse Secure and Fortinet VPN servers

    September 5, 2019

    A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month. The attacks are being carried out by a group known as APT5 (also known as Manganese), ZDNet has learned from sources familiar with the attacks. According to a ...

  • Adwind Remote Access Trojan Hits Utilities Sector

    August 19, 2019

    Attackers are targeting entities from the utility industry with the Adwind Remote Access Trojan (RAT) malware via a malspam campaign that uses URL redirection to malicious payloads. Adwind (also known as jRAT, AlienSpy, JSocket, and Sockrat) is distributed by its developers to threat actors under a malware-as-a-service (MaaS) model and it is capable of evading detection by most major anti-malware ...

  • Lax Telco Security Allows Mobile Phone Hijacking and Redirects

    May 9, 2019

    As anyone who has called into a bank or utility provider lately knows, security for customer service routines – the prescribed ways in which support reps verify the identity of customers that call in – are being continually upgraded. Two-factor authentication, voice passwords, various security questions (“what was the name of your first pet,” for ...

  • Metro Bank targeted with 2FA-bypassing SS7 attacks

    February 1, 2019

    Metro Bank has reportedly fallen victim to a sophisticated two-factor authentication (2FA) bypass attack after hackers infiltrated a telecoms firm’s text messaging protocol. The Signalling Systems No. 7 (SS7) protocol is used by telecom firms to coordinate how texts and calls are routed around the world. But according to Motherboard, hackers are more actively exploiting SS7, and ...

  • British spies ‘hacked into Belgian telecoms firm on ministers’ orders’

    September 21, 2018

    British spies are likely to have hacked into Belgium’s biggest telecommunications operator for at least a two-year period on the instruction of UK ministers, a confidential report submitted by Belgian prosecutors is said to have concluded. The finding would support an allegation made by the whistleblower Edward Snowden five years ago when he leaked 20 slides exposing the ...

  • Smartphones From 11 OEMs Vulnerable to Attacks via Hidden AT Commands

    August 25, 2018

    Millions of mobile devices from eleven smartphone vendors are vulnerable to attacks carried out using AT commands, a team of security researchers has discovered. AT (ATtention) commands, or the Hayes command set, is a collection of short-string commands developed in the early 1980s that were designed to be transmitted via phone lines and control modems. Different AT ...

  • T-Mobile Hacked — 2 Million Customers’ Personal Data Stolen

    August 23, 2018

    T-Mobile today confirmed that the telecom giant suffered a security breach on its US servers on August 20 that may have resulted in the leak of “some” personal information of up to 2 million T-Mobile customers. The leaked information includes customers’ name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid). However, the ...

  • Researchers Uncover New Attacks Against LTE Network Protocol

    June 29, 2018

    If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely. A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users’ cellular networks, modify the contents of their ...

  • Telco intercepts should be expanded to OTT providers: AGD

    May 14, 2018

    The Attorney-General’s Department (AGD) has argued in favour of extending Australia’s telecommunications interception laws from telcos to over-the-top providers. Speaking before the Joint Committee on Law Enforcement on Friday, AGD Assistant Secretary Andrew Warnes said this expansion would help combat the “challenge of encryption”. Read more… Source:  

  • China’s ZTE deemed a ‘national security risk’ to UK

    April 17, 2018

    Britain’s cyber-security watchdog has warned telecommunications companies against dealing with the Chinese manufacturer ZTE, citing “potential risks” to national security. The US commerce department has imposed a seven-year-ban on companies selling products and services to ZTE – which makes mobile phones and network equipment – alleging it failed to crack down on personnel who sold sensitive ...

  • DHS, FBI describe North Korea’s use of FALLCHILL malware

    November 14, 2017

    The North Korean government has likely been using the malware since 2016 to target the aerospace, telecommunications, and finance industries, the US government says. The federal government on Tuesday issued an alert detailing the North Korean government’s use of malware known as FALLCHILL, warning that North Korea has likely been using the malware since 2016 to target the ...

  • Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound

    September 6, 2017

    What if your smartphone starts making calls, sending text messages, and browsing malicious websites on the Internet itself without even asking you? This is no imaginations, as hackers can make this possible using your smartphone’s personal assistant like Siri or Google Now. A team of security researchers from China’s Zhejiang University have discovered a clever way of ...

  • Holiday cyber threat: GCHQ says take extra steps to secure smartphones

    August 26, 2017

    British holidaymakers should take extra measures to secure smartphones and laptops abroad following a series of cyber attacks on hotel Wi-Fi networks across Europe, GCHQ has warned. The agency’s National Cyber Security Centre (NCSC) said travellers should avoid “insecure” WiFi networks and set up “two-step verification” for emails, typically meaning that accounts can only be accessed using a ...

  • Telco sector’s new cyber regulation

    August 17, 2017

    The Federal Government has got new legislation through the Senate that will compel telcos to notify authorities when they make changes to their networks after a range of amendments were made that increase dialogue and decrease government over-reach. The Telecommunications Sector Security Reforms (TSSR) Bill passed through the Senate earlier this week and has been generally accepted ...

  • Many Factors Conspire in ICS/SCADA Attacks

    August 11, 2017

    Critical infrastructure operators can’t be blamed for a perpetual case of whiplash. They are mired between hackers targeting internet-facing and air-gapped systems with equal precision, and vendors and management unwilling to properly tackle security for fear of downtime and incompatibility. “The space of ICS/SCADA has not changed much, so you can find devices running old OSes ...