SIM Cards attacks using Over-the-Air Updates
July 22, 2013 | Posted in News | By admin
Comments Off on SIM Cards attacks using Over-the-Air Updates
The attack is a combination of both insecure communication method of SIM cards update with OTA STK procedure; and vulnerability in Java version running on the SIM card.
Industry reality is:
- Number of affected card is not very high, limited to old cards. Often it’s 3DES being used.
- The Binary SMS required to deliver the attack are often filtered at operator’s boundary, thus stopping the attack.
Hijacking SIM Cards through Over-the-Air Updates | Symantec Connect Community.
DES encryption leaves SIM cards vulnerable to exploitation | ZDNet.
News and Threat Research Millions of SIM cards vulnerable to remote compromise | Fortinet Blog.
Huawei routers cracked open. The best backdoor may be a plausible-looking vulnerability
October 11, 2012 | Posted in News | By admin
Comments Off on Huawei routers cracked open. The best backdoor may be a plausible-looking vulnerability
Felix “FX” Lindner from Recurity / Phenoelit has found many vulnerabilities into the Huawei low-end to middle-end routers.
Huawei’s problem? It ain’t the secret backdoors but wide-open front doors | David Akin’s On the Hill.
FX’s slides on Huawei routers vulnerabilities
http://www.youtube.com/watch?v=w-K1YpJp07s
http://www.youtube.com/watch?v=KUC_FduwWxU