John McAfee’ Twitter account hack: “Most likely my phone was compromised”

By Waqas
The official Twitter account of security guru John McAfee was apparently
This is a post from HackRead.com Read the original post: John McAfee’ Twitter account hack: “Most likely my phone was compromised”
Continue reading John McAfee’ Twitter account hack: “Most likely my phone was compromised”

Israeli Firm Offering WiFi Interception Service to Law Enforcement Agencies

By Waqas

Israel is home to world’s most advanced surveillance tools industry

This is a post from HackRead.com Read the original post: Israeli Firm Offering WiFi Interception Service to Law Enforcement Agencies

Continue reading Israeli Firm Offering WiFi Interception Service to Law Enforcement Agencies

How SS7 Flaw Can Be Used to Hack Gmail and Bitcoin Wallet

By Waqas
An old vulnerability in the Signalling System No. 7 (SS7)
This is a post from HackRead.com Read the original post: How SS7 Flaw Can Be Used to Hack Gmail and Bitcoin Wallet
Continue reading How SS7 Flaw Can Be Used to Hack Gmail and Bitcoin Wallet

Wyden demands answers from telecom giants, NSA over SS7 vulnerabilities

Democratic Sen. Ron Wyden is demanding to know how America’s largest telecommunications companies plan to stop hackers from exploiting vulnerabilities in an outdated mobile-data transfer framework that remains fundamental to how cellphones function. Wyden sent a series of letters Thursday to the chief executives of AT&T, Sprint, Verizon and T-Mobile to learn about their efforts to mitigate risks associated with weak points in Signaling System No 7, or SS7, a set of protocols that allow for different mobile phone networks to connect to one another. In addition, the Oregon senator sent a letter to the NSA director, Adm. Michael Rogers, requesting information about past attempts by adversaries to hack into SS7 for the purpose of spying on Americans, including military personnel, civilians and companies. The Daily Beast was the first to report on Wyden’s multiple letters. There are well-known security issues with SS7, including reported cases of intelligence agencies exploiting vulnerabilities in […]

The post Wyden demands answers from telecom giants, NSA over SS7 vulnerabilities appeared first on Cyberscoop.

Continue reading Wyden demands answers from telecom giants, NSA over SS7 vulnerabilities

Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems

I’ve previously written about the serious vulnerabilities in the SS7 phone routing system. Basically, the system doesn’t authenticate messages. Now, criminals are using it to hack smartphone-based two-factor authentication systems: In short, the issue with SS7 is that the network believes whatever you tell it. SS7 is especially used for data-roaming: when a phone user goes outside their own provider’s… Continue reading Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems

It finally happened: Criminals exploit SS7 vulnerabilities, prompting concerns about 2FA

Cybersecurity researchers warned us that this would happen, eventually. Earlier this year, hackers were able to remotely pilfer German bank accounts by taking advantage of vulnerabilities evident in an important yet outdated communications protocol known as Signaling System 7, or SS7, which enables global cellular networks to communicate with one another. The high-tech robbery, initially reported last week by German newspaper Süddeutsche Zeitung, represents the first known, real-world case of thieves exploiting SS7 to intercept confirmation codes that are typically sent by banks to validate actions taken by online banking customers. Recently disclosed intrusions showcase a unique and sophisticated hacking operation that leveraged a combination of both targeted phishing emails and SS7 exploits to essentially bypass two-factor authentication, or 2FA, protection. Telecommunications giant O2-Telefonica confirmed details of the SS7-based cyberattacks to Süddeutsche Zeitung. The multi-stage cybercrime campaign required that the hackers steal user credentials to access individual bank accounts in […]

The post It finally happened: Criminals exploit SS7 vulnerabilities, prompting concerns about 2FA appeared first on Cyberscoop.

Continue reading It finally happened: Criminals exploit SS7 vulnerabilities, prompting concerns about 2FA