Security News

China's crackdown on cryptocurrencies has reached a new crescendo, with the nation's Ministry of Public Security on Wednesday proclaiming it has arrested over 1000 people and shut down 170 gangs that provided crypto-linked money-laundering services. Others are what China calls "Two cards" scammers, who funnel their ill-gotten gains to acquire phone cards that are shipped outside China, then use call credit stored in the cards to make scam calls back into the Middle Kingdom.

Their messages were some of 27 million that the FBI and law enforcement partners in Australia and elsewhere scooped up and decrypted, exposing global criminal networks to an unparallelled extent. FBI Special Agent Suzanne Turner said they were stunned at how openly traffickers exchanged information on the ANOM devices.

Police arrested more than 800 people worldwide in a huge global sting involving encrypted phones that were secretly planted by the FBI, law enforcement agencies said Tuesday. Australian police said the supposedly hardened encrypted devices were handed out to operatives within the mafia, Asian crime syndicates, drug cartels and outlaw motorcycle gangs as part of the elaborate FBI-led plot.

The Princeton team has a number of recommendations for T-Mobile and Verizon, noting that both carriers allow unlimited inquiries on their prepaid customer platforms online - meaning there is nothing to stop attackers from automating this type of number reconnaissance. The carriers could offer their own "Number parking" service for customers who know they will not require phone service for an extended period of time, or for those who just aren't sure what they want to do with a number.

The boffins' research paper, "Three Years Later: A Study of MAC Address Randomization In Mobile Devices And When It Succeeds," is scheduled to be presented at PETS, the Privacy Enhancing Technologies Symposium, in July, even though it will be four years later than the initial project [PDF]. Written by Naval Academy researchers Ellis Fenske, Dane Brown, Jeremy Martin, Travis Mayberry, Peter Ryan, and Erik Rye, the paper describes the analysis of 160 mobile phones and the extent to which these devices employ MAC address randomization to mitigate tracking vulnerabilities.

For Teams users, the new packages are specifically designed to complete the essential functionality of a fully integrated cloud communications platform by adding Unite's enterprise-grade business phone features to the Microsoft Teams business collaboration suite. This package is designed for business customers that are already using Teams for collaboration, but need the essential telephony features of a more robust business phone system.

In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem chips, including ones used in 5G devices. Mobile phone makers must apply the patch and roll out the fix to users, which means that any device not yet updated would still be vulnerable.

A high severity security vulnerability found in Qualcomm's Mobile Station Modem chips could enable attackers to access mobile phone users' text messages, call history, and listen in on their conversations. Qualcomm MSM is a series of 2G, 3G, 4G, and 5G capable system on chips used in roughly 40% of mobile phones by multiple vendors, including Samsung, Google, LG, OnePlus, and Xiaomi.

A Reg reader recreated this scene in real life using his Samsung Galaxy A20 phone - and the severed tip of his index finger, parted from his hand thanks to an industrial accident involving a crane. "I extracted from its grave of medicinal alcohol, dried it off and... eureka! ... managed to register my dead finger on my phone."

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online services. Nearly 66% of the recycled numbers that were sampled were found to be tied to previous owners' online accounts at popular websites, potentially enabling account hijacks by simply recovering the accounts tied to those numbers.