Washington Post: How the NSA infers relationships based on mobile location data from SS7 and GRX

May 4, 2014 | Posted in News | By

Comments Off on Washington Post: How the NSA infers relationships based on mobile location data from SS7 and GRX

A new article shows preoccupying combination of SS7 and GRX interception, OTT app HTTP calls eavedropping and datawarehousing to extract subscriber privacy details from Telecom and Mobile operators.

Washington Post: New documents show how the NSA infers relationships based on mobile location data.

 

Read More →

Belgacom hacks and spying show the needs to strongly improve telecom security

October 25, 2013 | Posted in News | By

Comments Off on Belgacom hacks and spying show the needs to strongly improve telecom security

“Several of us around the table had been subject to surveillance,” he told reporters.”The least we can expect is the countries and security services involve change their practices.”

“According to De Standaard, […] the spying was carried out by the U.S. National Security Agency and involved tracking international telephone calls for two years. It was focused on BICS, the Belgacom unit which provides wholesale telecom infrastructure services–in particular in Africa and the Middle East.”

Belgacom claims it was spied on by NSA.

Belgium latest to seek answers on spying allegations.

 

Read More →

France in the NSA’s crosshair : phone networks under surveillance

October 21, 2013 | Posted in News | By

Comments Off on France in the NSA’s crosshair : phone networks under surveillance

Le Monde article on NSA spying on France telecom networks based on Snowden leaks.

“According to the documents retrieved from the NSA database […] telephone communications of French citizens are intercepted on a massive scale.”

“The techniques used for these interceptions appear under the codenames ‘DRTBOX’ and ‘WHITEBOX’. Their characteristics are not known either. But we do know that, thanks to DRTBOX, 62.5 million data were collected in France and that WHITEBOX enables the recording of 7.8 million elements. ”

http://www.lemonde.fr/technologies/article/2013/10/21/france-in-the-nsa-s-crosshair-phone-networks-under-surveillance_3499741_651865.html

 

Read More →

New report: Is Huawei in Ericsson’s shoes when Athens Affair hit?

October 18, 2013 | Posted in News | By

Comments Off on New report: Is Huawei in Ericsson’s shoes when Athens Affair hit?

Huawei is trying to clear its name from the allegations of spying. But is Huawei really worse and compromised than Ericsson.

Ericsson backdoored products were used by intelligence agencies to spy on Greek government officials and hundred of VIP mobile phones, yet Ericsson did not suffer from the same level of ban and bad press that Huawei did get.

Is it a cultural bias against Huawei? A political and economical against chinese manufacturer? Or the level of compromission of Huawei is much higher, prompting this reaction.

Huawei is nevertheless trying to clear its name from these allegations with the following report “Cyber Security Perspectives” by John Suffolk, Huawei SVP & Global Cyber Security Officer.

PDF Report: Huawei Cyber Security White Paper (Oct. 2013)

Huawei: We are not spying on you.

 

Read More →

SIM Cards attacks using Over-the-Air Updates

July 22, 2013 | Posted in News | By

Comments Off on SIM Cards attacks using Over-the-Air Updates

The attack is a combination of both insecure communication method of SIM cards update with OTA STK procedure; and vulnerability in Java version running on the SIM card.

Industry reality is:

  • Number of affected card is not very high, limited to old cards. Often it’s 3DES being used.
  • The Binary SMS required to deliver the attack are often filtered at operator’s boundary, thus stopping the attack.

Hijacking SIM Cards through Over-the-Air Updates | Symantec Connect Community.

Rooting SIM cards.

DES encryption leaves SIM cards vulnerable to exploitation | ZDNet.

News and Threat Research Millions of SIM cards vulnerable to remote compromise | Fortinet Blog.

 

Read More →

Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications | UK news | The Guardian

June 21, 2013 | Posted in News | By

Comments Off on Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications | UK news | The Guardian

Operation Tempora: GCHQ taps fibre-optic cables for secret access to world’s communications.

“Britain’s spy agency GCHQ has secretly gained access to the network of cables which carry the world’s phone calls and internet traffic”.

“The sheer scale of the agency’s ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. ”

“GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.”

GCHQ taps fibre-optic cables for secret access to world’s communications | UK news | The Guardian.

Read More →

Kindsight Protecting Mobile Subscribers solution now part of Alcatel Lucent

April 2, 2013 | Posted in News | By

Comments Off on Kindsight Protecting Mobile Subscribers solution now part of Alcatel Lucent

Kindsight Protecting Mobile Subscribers solution has been acquired beginning of April by Alcatel Lucent to improve its capability with detection and remediation of mobile subscriber security problems.

Protecting Mobile Subscribers | Kindsight.

Read More →

O2 is terminating Ericsson CUD systems due to crashes

October 17, 2012 | Posted in News | By

Comments Off on O2 is terminating Ericsson CUD systems due to crashes

O2 has said it its ripping out its Ericsson CUD systems after two failures caused loss of services to customers resulting in reputational and financial damage to the operator.

“(O2) CTO Derek McManus, writing on a company blog, said, “We are removing the Central User Database provided by one of our suppliers, which has suffered two different faults in the last few months. We are not prepared to risk this happening to our customers for a third time and are implementing a proven alternative solution.”  That central user database refers to the Ericsson-supplied database that was blamed by O2 for its July outage. ”

http://www.mobileeurope.co.uk/News-Analysis/o2-to-replace-ericsson-cud-after-second-failure

 

Read More →

Huawei routers cracked open. The best backdoor may be a plausible-looking vulnerability

October 11, 2012 | Posted in News | By

Comments Off on Huawei routers cracked open. The best backdoor may be a plausible-looking vulnerability

Felix “FX” Lindner from Recurity / Phenoelit has found many vulnerabilities into the Huawei low-end to middle-end routers.

Huawei’s problem? It ain’t the secret backdoors but wide-open front doors | David Akin’s On the Hill.

FX’s slides on Huawei routers vulnerabilities

http://www.youtube.com/watch?v=w-K1YpJp07s

http://www.youtube.com/watch?v=KUC_FduwWxU

Read More →

Huawei: Former Pentagon analyst says China has backdoors to 80% of telecoms

July 14, 2012 | Posted in News | By

Comments Off on Huawei: Former Pentagon analyst says China has backdoors to 80% of telecoms

Allegation that Huawei and ZTE have backdoors to enable chinese covert access to telecom infrastructure.

Former Pentagon analyst: China has backdoors to 80% of telecoms | ZDNet.

Huawei and ZTE deny backdoor allegations | The Inquirer.

The Secret Ways of Little Known Chinese Telecoms Giant Huawei | SPIEGEL ONLINE.

Huawei: worried about cyber-espionage backdoors? You can look at our code | Ars Technica.

The nightmare backdoor , reflections on the case Huawei | Security Affairs.

Huawei Initiating Int’l Network Security Standards | PR site

U.S. lawmakers to American companies: Don’t do business with Huawei or ZTE | Killer Apps.

 

Read More →