Security News
Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. In a paper [PDF] titled, "An Empirical Study of Wireless Carrier Authentication for SIM Swaps," Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan looked at how AT&T, T-Mobile US, Tracfone, US Mobile, and Verizon Wireless handle requests to change the SIM card associated with mobile phone numbers.
Names, addresses, phone numbers, call and text message records and account PINs were all caught up in a cloud misconfiguration.
Companies subject to PCI DSS security requirements are audited once per year, yet many of these companies continue to be breached. It is not that PCI DSS fails, but that companies fail to maintain...
Many companies around the world that accept card payments are failing to continually maintain compliance with the PCI Data Security Standard, according to the new Verizon 2019 Payment Security...
Mobile carriers in the United States will finally offer a universal cross-carrier communication standard for the next-generation RCS messaging service that is meant to replace SMS and has the...
Vulnerabilities discovered by a security researcher in Verizon Wireless systems could have been exploited by hackers to gain access to 2 million customer contracts. read more
'Small Heart Attack' Incident Points to Problems Keeping Internet Infrastructure SecureCloudflare was unsparing in its criticism of Verizon over a BGP snafu that hampered 15 percent of its global...
C-level executives are 12 times more likely to be the target of social incidents and nine times more likely to be the target of social breaches. This is among the key findings of the latest...