Most mobile calls around the world are made over the Global System for Mobile Communications standard; in the US, GSM underpins any call made over AT or T-Mobile's network.
And the vulnerability has been around for decades.
Regular GSM calls aren't fully end-to-end encrypted for maximum protection, but they are encrypted at many steps along their path, so random people can't just tune into phone calls over the air like radio stations.
"GSM is a well documented and analyzed standard, but itâs an aging standard and it's had a pretty typical cybersecurity journey," says Campbell Murray, the global head of delivery for BlackBerry Cybersecurity.
"The weaknesses we found are in any GSM implementation up to 5G.
Regardless of which GSM implementation youâre using there is a flaw historically created and engineered that youâre exposing."
You know what that means: WIRED is back in Las Vegas for the annual Black Hat and Defcon security conferences, where weâre digging into the latest and greatest hacks on display.
A researcher found itâs possible to break into one just by sending a text message.
To help uncover similar vulnerabilities in the future, Apple is handing out new, hacker-friendly iPhones to its favorite security researchers, and paying up to $1.5 million in bug bounties.
Boeingâs 787 jets might not be very secure, it turns outâAndy Greenberg talked to a security researcher who found multiple serious flaws in the code for one of the planeâs components.
Lily Hay Newman also looked at two very old bugs that have continued to persist, one in desk phones and another in a ubiquitous encryption algorithm.
Lastly, check out this very cool fake hospital, where real medical devices get hacked on purpose.
But if voting machine security standards don't change by the 2020 presidential election, Sen. Ron Wyden warns, the consequences could be far worse than the cyberattacks in 2016.
The Democrat from Oregon, who is a member of the Senate Intelligence committee, told the Defcon hacking conference that US voting infrastructure was failing to keep elections secure from potential cyberattacks.
Wyden had proposed an election security bill requiring paper ballots in 2018.
A House bill passed ,but was blocked in the Senate by Mitch McConnell, the majority leader.
McConnell, a Republican from Kentucky, called it partisan legislation.
On Friday, Wyden blasted McConnell, calling him the reason why Congress hasn't been able to fix election security issues.
If you can pull off a very specific iPhone hack, Apple has a million dollars for you.
Apple announced a big changes to its bug-bounty program it launched in 2016.
The biggest is a new $1 million reward if you find a very specific exploit.
The $1 million will go to security researchers (or group of researchers) that are able to carry out a âzero-click full chain kernel execution attack with persistence,â Techcrunch reports.
Itâs an attack that would result in the hacker getting to the core of Appleâs operating system, iOS, and gaining control of the iPhone in question without any user interaction.
If someone (or several someones) are able to pull the hack off and share how they did with Apple, theyâll get $1 million.
Here's our gentle guide for you
Backgrounder Managed security services are â by revenue â the fastest expanding field of cyber security, according to IDC, which reckons they should grow at a compound annual growth rate of 14.2 per cent to 2022.
One is the continuing global shortage of cyber-security professionals that makes skilled staff difficult to find and expensive to hire.
Rather than go it alone, many have put their trust in managed security service providers (MSSPs), who they hope will have the knowledge and experience to help them avoid a costly data breach.
MSSPs routinely deliver a wealth of common security functions that include antivirus and spyware detection, web and email content filtering, endpoint protection, identity access management, virtual private network connectivity, and data encryption, to name just a few.
Patch management and upgrades are staple features of managed security services, along with monitoring and alerting tools for threat detection and weekly security reports.
Eighteen-year-old Bill Demirkapi, a recent high school graduate in Boston, Massachusetts, spent much of his latter school years with an eye on his own student data.
Through self-taught pen testing and bug hunting, Demirkapi found several vulnerabilities in a his schoolâs learning management system, Blackboard, and his school districtâs student information system, known as Aspen and built by Follett, which centralizes student data, including performance, grades, and health records.
The former student reported the flaws and revealed his findings at the Def Con security conference on Friday.
Among one of the more damaging issues Demirkapi found in Follettâs student information system was an improper access control vulnerability, which if exploited could have allowed an attacker to read and write to the central Aspen database and obtain any studentâs data.
Blackboardâs Community Engagement platform had several vulnerabilities, including an information disclosure bug.
A debugging misconfiguration allowed him to discover two subdomains, which spat back the credentials for Apple app provisioning accounts for dozens of school districts, as well as the database credentials for most if not every Blackboardâs Community Engagement platform, said Demirkapi.
Security researchers have warned that the humble desk phone could be putting businesses at risk of cyberattack.
According to new findings from McAfee, a decade-old bug found in an Avaya desk phone may allow hackers to hijack the device to capture audio, and even potentially bug the phone to listen in on conversations.
The model of phone in question (the Avaya 9600 series IP Deskphone) is reportedly used in 90 percent of Fortune 100 companies, as well as many more businesses of all sizes around the world.
McAfee says that the flaw is due to the presence of a Remote Code Execution (RCE) vulnerability in a piece of open source software that Avaya likely copied and modified 10 years ago, and then subsequently failed to apply appropriate security patches to.
The bug was first reported as affected the phone's Linux software back in 2009, yet its presence in the firmware remained unnoticed until now, demonstrating the potentially huge effect such devices could have on a company's cybersecurity.
âLegacy code and technical debt can be found everywhere in our increasingly connected world; if left unpaid, the resulting âinterestâ can be detrimental," said Raj Samani, chief scientist and McAfee fellow.
He was surprised to discover a fully unprotected server on Boeing's network, seemingly full of code designed to run on the company's giant 737 and 787 passenger jets, left publicly accessible and open to anyone who found it.
He suggests that for a hacker, exploiting those bugs could represent one step in a multistage attack that starts in the planeâs in-flight entertainment system and extends to highly protected, safety-critical systems like flight controls and sensors.
But he and other avionics cybersecurity researchers who have reviewed his findings argue that while a full-on cyberattack on a plane's most sensitive systems remains far from a material threat, the flaws uncovered in the 787's code nonetheless represent a troubling lack of attention to cybersecurity from Boeing.
An attacker could potentially pivot, Santamarta says, from the in-flight entertainment system to the CIS/MS to send commands to far more sensitive components that control the plane's safety-critical systems, including its engine, brakes, and sensors.
But he says his research nonetheless represents a significant step toward showing the possibility of an actual plane-hacking technique.
"IOActiveâs scenarios cannot affect any critical or essential airplane system and do not describe a way for remote attackers to access important 787 systems like the avionics system," the company's statement reads.
You know what that means: WIRED is back in Las Vegas for the annual Black Hat and Defcon security conferences, where weâre digging into the latest and greatest hacks on display.
A researcher found itâs possible to break into one just by sending a text message.
To help uncover similar vulnerabilities in the future, Apple is handing out new, hacker-friendly iPhones to its favorite security researchers, and paying up to $1.5 million in bug bounties.
Boeingâs 787 jets might not be very secure, it turns outâAndy Greenberg talked to a security researcher who found multiple serious flaws in the code for one of the planeâs components.
Lily Hay Newman also looked at two very old bugs that have continued to persist, one in desk phones and another in a ubiquitous encryption algorithm.
Lastly, check out this very cool fake hospital, where real medical devices get hacked on purpose.
But if voting machine security standards don't change by the 2020 presidential election, Sen. Ron Wyden warns, the consequences could be far worse than the cyberattacks in 2016.
The Democrat from Oregon, who is a member of the Senate Intelligence committee, told the Defcon hacking conference that US voting infrastructure was failing to keep elections secure from potential cyberattacks.
Wyden had proposed an election security bill requiring paper ballots in 2018.
A House bill passed ,but was blocked in the Senate by Mitch McConnell, the majority leader.
McConnell, a Republican from Kentucky, called it partisan legislation.
On Friday, Wyden blasted McConnell, calling him the reason why Congress hasn't been able to fix election security issues.
Apple is expanding the scope and the financial rewards of its bug bounty programme, offering up to $1 million to security researchers that find flaws in its full range of products.
The company launched a bug bounty programme for iOS three years ago, offering up to $200,000 to ethical hackers that responsibly reported vulnerabilities.
Now, the programme has been extended to cover Mac OS, Apple TV, Apple Watch and iPad OS.
At present, iPads run iOS, but a new operating system will be rolled out to compatible tablets later this year.
For all devices, the maximum $1 million bounty will be available to those who find advanced security flaws, while $500,000 will be given for reporting flaws that could potentially result in the loss of user data.
There will also be a 50 per cent bonus if the vulnerability is discovered in a beta version of any software.
Apple is giving away up to $1 million for cybersecurity experts who will find the loopholes in the security of the iPhone.
As the Reuters news agency reports, this is a slightly unusual initiative for Apple, which so far had offered rewards only to selected researchers.
This time, instead, the possibility will be for to all researchers and will not only concern iPhone and cloud backups but also Mac software and other areas.
Also varies the list of rewards made available to those who will make the most interesting discoveries from the point of view of security: the 1 million dollars will be won only by those who will find a way to access the kernel of an iPhone remotely without the need to take any action on the userâs smartphone.
To this end, Apple will provide researchers with special iPhones to facilitate their search for bugs.
It is, as anticipated, the highest reward that Apple has ever offered on this front.
A huge vulnerability in group dating app 3fun has been found by security researchers which allowed anyone to find the personal information, chat data, private photos, and real time location data of any of the other appsâ 1.5 million users.
The discovery was made by Pen Test Partners, who said that 3fun has âprobably the worst security for any dating app weâve ever seen.â
The discovery comes as dating apps are facing renewed scrutiny over the amounts of intensely personal information they hold about their users.
TechCrunch notes that multiple dating apps including Jewish dating app JCrush, conservative dating app Donald Daters, and Coffee Meets Bagel have all reported data breaches in the past couple of years, and there are ongoing concerns over Grindrâs ownership by a Chinese company.
Pen Test Partnerâs security researchers discovered that 3fun was storing its users location data in the app itself, rather than keeping it securely on its servers.
This meant it was a trivial task for the researchers to reveal the data on the client side, even when users are supposedly restricting their location data.
At the beginning of July, share price in Symantec surged north as the rumour mill started turning.
It was nothing but gossip at the time, though the first rumours have turned out to be true.
Broadcom is not giving-up on semiconductors whatsoever, but it is diversifying the revenue streams.
Adding Symantec into the mix simply continues the drive towards enterprise IT.
Looking at the investor presentation, in two and a half years Broadcom has undergone considerable evolution.
After the closure of the Symantec acquisition, semiconductors will account for 71% of the total revenues, with software solutions taking the remaining 29%.
Security researchers have cracked Appleâs FaceID biometric system yet again.
But thereâs an unusual caveat to this trick: to successfully unlock an iPhone, the attackers first need to make sure the victim is out cold.
The attack involves putting a pair of modified glasses on the victimâs face.
That, coupled with carefully placing a piece of tape over the glassesâ lenses, makes it possible to circumvent FaceID and log into a victimâs iPhone.
Of course, the exploit is fairly difficult to pull off considering the attackers would need to figure out how to put the glasses on a victim without waking them up.
The attack leverages a biometrics function called âlivenessâ detection, designed to tell apart âfakeâ versus ârealâ features on people.
Hackers have attempted to steal information from Chinese government employees by faking email login pages for several high profile agencies and state-owned enterprises, cybersecurity researchers say.
Why it matters: The apparent espionage attempt may be linked to an advanced persistent threat (APT) group, an organization that accesses private information for a prolonged period while remaining undetected.
The offensive began as early as the second half of 2018.
The hackers targeted Chinaâs Ministry of Foreign Affairs, state planner the National Development and Reform Commission, and the Ministry of Commerce, among others.
âBy stealing email credentials, and accessing internal email content, it would be possible to gain insight into what decisions are being made within the target organization and could lead to the theft of sensitive information.â
âCybersecurity researchers said in a report published on Thursday
Probably the worldâs most exclusive iPhone
Ivan KrstiÄ, Appleâs head of security engineering provided big insights into Appleâs platform security during his presentation at Black Hat U.S. 2019.
The pre-jailbroken device lacks some of the layers of security Apple wraps around iPhones, so it is much easier for researchers to explore these systems for security weaknesses.
[ Take this mobile device management course from PluralSight and learn how to secure devices in your company without degrading the user experience. ]
Similar devices are widely used in Appleâs factories for testing and quality control, which has spawned a black market in them among security researchers, governments and others -- they are often spirited out of factories for sale.
The idea is that by opening up the platform a little, security pros will find it worthwhile to probe it for vulnerabilities and the black market in such devices will erode.
Of course, these candidates practically donât exist, nor do they necessarily make strong team members.
As data science teams have grown, businesses have moved away from trying to find that one person to fill different roles; instead, companies have realized the benefits of hiring employees with specialized, complementary skills.
Data scientists are still in high demand.
It seems that no industry is immune to this data scientist shortage, as global companies continually seek qualified talent.
Bob Rogers, the chief data scientist at Intelâs Big Data Solutions, recognized this change back in 2015.
âBut, in any company, you wonât find just one data scientist doing it allâjust like Michael Jordan couldnât have scored so many points without Scotty Pippen at his side, data scientists all bring their own skills to the table that together build an ideal team.â
For all weâve made fun of Appleâs walled garden here, every once in a while, the company opens up just a bit.
Case in point: today the company revealed it would be producing a limited amount of iOS âSecurity Research Devices.â These appear to basically be iPhones with far deeper access than available to everyday users, including access to ssh, root shell, and âadvanced debug capabilities.â A jailbroken iPhone without having to do any jailbreaking.
Apple giving out pre-jailbroken research iPhones to security researchers starting next year, and will pay up to $1M for zero click remote chain with persistence pic.twitter.com/uiJNhb8AD8
â Billy Ellis @ Blackhat/Defcon (@bellis1000) August 8, 2019
The company made the announcement at the Black Hat conference today, an update to the bug bounty program it launched three years ago.
The deeper access should make researchersâ lives a lot easier, able to access deeper iOS functions without waiting for a jailbreak to be available for every update.
Now Apple is taking an unprecedented step: distributing a more hacker-friendly iPhone to its favorite researchers, letting them hack the phone on "easy mode" in the interests of making it harder for everyone else.
Its iOS bug bounty will pay out up to $1.5 million for a single attack technique that a researcher discovers and shares discreetly with Apple.
At the Black Hat security conference Thursday, Ivan KrstiÄ, Apple's head of security engineering and architecture, announced a broad revamping of the company's bug bounty program.
These devices will lack some layers of security protections so that their recipients may dig into the deeper, less examined core of the phone.
"We want to attract some of the exceptional researchers who have thus far been focusing their time on other platforms.
They'll also have debugging abilities that will allow researchers to easily scour the phone's code for flaws.
Apple is expanding the scope and the financial rewards of its bug bounty programme, offering up to $1 million to security researchers that find flaws in its full range of products.
The company launched a bug bounty programme for iOS three years ago, offering up to $200,000 to ethical hackers that responsibly reported vulnerabilities.
Now, the programme has been extended to cover Mac OS, Apple TV, Apple Watch and iPad OS.
At present, iPads run iOS, but a new operating system will be rolled out to compatible tablets later this year.
For all devices, the maximum $1 million bounty will be available to those who find advanced security flaws, while $500,000 will be given for reporting flaws that could potentially result in the loss of user data.
There will also be a 50 per cent bonus if the vulnerability is discovered in a beta version of any software.
A huge vulnerability in group dating app 3fun has been found by security researchers which allowed anyone to find the personal information, chat data, private photos, and real time location data of any of the other appsâ 1.5 million users.
The discovery was made by Pen Test Partners, who said that 3fun has âprobably the worst security for any dating app weâve ever seen.â
The discovery comes as dating apps are facing renewed scrutiny over the amounts of intensely personal information they hold about their users.
TechCrunch notes that multiple dating apps including Jewish dating app JCrush, conservative dating app Donald Daters, and Coffee Meets Bagel have all reported data breaches in the past couple of years, and there are ongoing concerns over Grindrâs ownership by a Chinese company.
Pen Test Partnerâs security researchers discovered that 3fun was storing its users location data in the app itself, rather than keeping it securely on its servers.
This meant it was a trivial task for the researchers to reveal the data on the client side, even when users are supposedly restricting their location data.
Security researchers have cracked Appleâs FaceID biometric system yet again.
But thereâs an unusual caveat to this trick: to successfully unlock an iPhone, the attackers first need to make sure the victim is out cold.
The attack involves putting a pair of modified glasses on the victimâs face.
That, coupled with carefully placing a piece of tape over the glassesâ lenses, makes it possible to circumvent FaceID and log into a victimâs iPhone.
Of course, the exploit is fairly difficult to pull off considering the attackers would need to figure out how to put the glasses on a victim without waking them up.
The attack leverages a biometrics function called âlivenessâ detection, designed to tell apart âfakeâ versus ârealâ features on people.
Probably the worldâs most exclusive iPhone
Ivan KrstiÄ, Appleâs head of security engineering provided big insights into Appleâs platform security during his presentation at Black Hat U.S. 2019.
The pre-jailbroken device lacks some of the layers of security Apple wraps around iPhones, so it is much easier for researchers to explore these systems for security weaknesses.
[ Take this mobile device management course from PluralSight and learn how to secure devices in your company without degrading the user experience. ]
Similar devices are widely used in Appleâs factories for testing and quality control, which has spawned a black market in them among security researchers, governments and others -- they are often spirited out of factories for sale.
The idea is that by opening up the platform a little, security pros will find it worthwhile to probe it for vulnerabilities and the black market in such devices will erode.
For all weâve made fun of Appleâs walled garden here, every once in a while, the company opens up just a bit.
Case in point: today the company revealed it would be producing a limited amount of iOS âSecurity Research Devices.â These appear to basically be iPhones with far deeper access than available to everyday users, including access to ssh, root shell, and âadvanced debug capabilities.â A jailbroken iPhone without having to do any jailbreaking.
Apple giving out pre-jailbroken research iPhones to security researchers starting next year, and will pay up to $1M for zero click remote chain with persistence pic.twitter.com/uiJNhb8AD8
â Billy Ellis @ Blackhat/Defcon (@bellis1000) August 8, 2019
The company made the announcement at the Black Hat conference today, an update to the bug bounty program it launched three years ago.
The deeper access should make researchersâ lives a lot easier, able to access deeper iOS functions without waiting for a jailbreak to be available for every update.
Apple is giving away up to $1 million for cybersecurity experts who will find the loopholes in the security of the iPhone.
As the Reuters news agency reports, this is a slightly unusual initiative for Apple, which so far had offered rewards only to selected researchers.
This time, instead, the possibility will be for to all researchers and will not only concern iPhone and cloud backups but also Mac software and other areas.
Also varies the list of rewards made available to those who will make the most interesting discoveries from the point of view of security: the 1 million dollars will be won only by those who will find a way to access the kernel of an iPhone remotely without the need to take any action on the userâs smartphone.
To this end, Apple will provide researchers with special iPhones to facilitate their search for bugs.
It is, as anticipated, the highest reward that Apple has ever offered on this front.
At the beginning of July, share price in Symantec surged north as the rumour mill started turning.
It was nothing but gossip at the time, though the first rumours have turned out to be true.
Broadcom is not giving-up on semiconductors whatsoever, but it is diversifying the revenue streams.
Adding Symantec into the mix simply continues the drive towards enterprise IT.
Looking at the investor presentation, in two and a half years Broadcom has undergone considerable evolution.
After the closure of the Symantec acquisition, semiconductors will account for 71% of the total revenues, with software solutions taking the remaining 29%.
Hackers have attempted to steal information from Chinese government employees by faking email login pages for several high profile agencies and state-owned enterprises, cybersecurity researchers say.
Why it matters: The apparent espionage attempt may be linked to an advanced persistent threat (APT) group, an organization that accesses private information for a prolonged period while remaining undetected.
The offensive began as early as the second half of 2018.
The hackers targeted Chinaâs Ministry of Foreign Affairs, state planner the National Development and Reform Commission, and the Ministry of Commerce, among others.
âBy stealing email credentials, and accessing internal email content, it would be possible to gain insight into what decisions are being made within the target organization and could lead to the theft of sensitive information.â
âCybersecurity researchers said in a report published on Thursday
Of course, these candidates practically donât exist, nor do they necessarily make strong team members.
As data science teams have grown, businesses have moved away from trying to find that one person to fill different roles; instead, companies have realized the benefits of hiring employees with specialized, complementary skills.
Data scientists are still in high demand.
It seems that no industry is immune to this data scientist shortage, as global companies continually seek qualified talent.
Bob Rogers, the chief data scientist at Intelâs Big Data Solutions, recognized this change back in 2015.
âBut, in any company, you wonât find just one data scientist doing it allâjust like Michael Jordan couldnât have scored so many points without Scotty Pippen at his side, data scientists all bring their own skills to the table that together build an ideal team.â
Now Apple is taking an unprecedented step: distributing a more hacker-friendly iPhone to its favorite researchers, letting them hack the phone on "easy mode" in the interests of making it harder for everyone else.
Its iOS bug bounty will pay out up to $1.5 million for a single attack technique that a researcher discovers and shares discreetly with Apple.
At the Black Hat security conference Thursday, Ivan KrstiÄ, Apple's head of security engineering and architecture, announced a broad revamping of the company's bug bounty program.
These devices will lack some layers of security protections so that their recipients may dig into the deeper, less examined core of the phone.
"We want to attract some of the exceptional researchers who have thus far been focusing their time on other platforms.
They'll also have debugging abilities that will allow researchers to easily scour the phone's code for flaws.