Security News

Boffins based in China and the UK have devised a telecom network attack that can expose call metadata during VoLTE/VoNR conversations. Researchers Zishuai Cheng and Baojiang Cui, with the Beijing University of Posts and Telecommunications, and Mihai Ordean, Flavio Garcia, and Dominik Rys, with the University of Birmingham, have found a way to access encrypted call metadata - VoLTE activity logs that describe call times, duration, and direction for mobile network conversations.

" I don't even think turning your cell phone off would help in this instance. Oh and do not think that "Turning the phone off" actually works, it does not, the phone remains powered up but supposadly in some quiescent mode.

The US government's New Year's resolution for 2023: no more TikTok at work. In an email to members and staff Tuesday, the Committee on House Administration banned the use of TikTok from House-managed mobile devices.

"You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air," said Alperovitch. "That doesn't pose too much difficulty for the Ukrainian security services."

Argishti Khudaverdyan, the former owner of a T-Mobile retail store, was sentenced to 10 years in prison for a $25 million scheme where he unlocked and unblocked cellphones by hacking into T-Mobile's internal systems. "Removing the unlock allowed the phones to be sold on the black market and enabled T-Mobile customers to stop using T-Mobile's services and thereby deprive T-Mobile of revenue generated from customers' service contracts and equipment installment plans."

A high-risk stack overflow vulnerability may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the company has confirmed. Cisco's PSIRT is also aware that proof-of-concept exploit code is available for the vulnerability and that the flaw has been publicly discussed, but they are not aware of active attacks exploiting it.

Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone 7800 and 8800 Series firmware that could be potentially exploited by a remote attacker to cause remote code execution or a denial-of-service condition. The networking equipment major said it's working on a patch to address the vulnerability, which is tracked as CVE-2022-20968 and stems from a case of insufficient input validation of received Cisco Discovery Protocol packets.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products.With your permission we and our partners may use precise geolocation data and identification through device scanning.

According to research from cybersecurity company ESET, the APT 37 threat group used the newly discovered malware against very specific entities. The researchers say that the hackers delivered their commands to Dolphin by uploading them on Google Drive.