We’ve just published our latest research on mobile core robustness under malformed signaling.
It looks at how small deviations in signaling from UE or gNB perspectives can lead to crashes in core functions like AMF, SMF, and MME.
One malformed signaling message can crash core functions that are not directly exposed.
Our latest write-up shows how stateful fuzzing exposes AMF, SMF, and MME crash paths across 5G and 4G.
Proprietary does not mean fuzz tested.
https://t.co/VXJDcXGWHl
🚨New research reveals how two sophisticated surveillance actors exploited the global telecom ecosystem and, for the first time, directly links combined 3G and 4G network attacks to mobile operator infrastructure.
Full report 👇
https://t.co/NfBNUuewdj
Ever heard of a 5G SMF crash from a UE perspective? It exists: consider a malicious UE sending a malformed NAS SM message that will lead to a network outage.
More on https://t.co/u5oftaKK5V
Open source drives telecom innovation. It also needs real protocol security testing. Our latest Ella Core findings are on https://t.co/kumBnAzjEP #TelecomSecurity #OpenSourceSecurity
🚨 Many telco vulns never get CVEs.
Vendors delay, ignore, or silently patch.
Operators? Left in the dark.
At @p1security, we follow a 180-day disclosure policy—document and publish in our private VKB when silence persists.
🔗 https://t.co/x0RWI1gS0T
#CVE #TelecomSecurity #VKB
Last month with @rj_gallagher we published an investigation into the shady SMS market and its implications for security. For those who want to go deeper @gabriels_geiger and I have written a more technical briefing https://t.co/qaBkNCW99G
As someone learning Erlang / Elixir for telecom applications, this is an interesting read about Ericsson's use (or lack) of the language they created.
https://t.co/ACVtftZ3N1
I recently found two very interesting Linux binaries uploaded to Virustotal.
I call this malware 'GTPDOOR'.
GTPDOOR is a 'magic/wakeup' packet backdoor that uses a novel C2 transport protocol: GTP (GPRS Tunnelling Protocol), silently listening on the GRX network (1/n) 🧵
Excellent document detailing the many location possibilities targeting mobile phones and modems. While the focus here is how handsets are tracked on the battlefield, most of the techniques described are known to be used quite generally, outside of any war context too.
“A fix is long overdue for … the technical vulnerabilities at the heart of the world’s mobile communications networks.”
@RonDeibert and Gary Miller from @citizenlab on the security deficiencies associated with cell phone “roaming.” https://t.co/cII4BHi0yM
2 recent articles on mobile interconnect (https://t.co/vOLYu5mpZP) and CDR (https://t.co/J3T02uth5q), which show how much subscribers are exposed: good reads.
A year ago we revealed how Italian surveillance company Tykelab was using phone networks in the Pacific for global tracking operations. Our friends at @occrp have an update https://t.co/CZ6gTl1d2R
Serious findings! The list of critical vulns in the Exynos baseband published in the last Android bulletin is quite long after all: https://t.co/r1ZHljZmRo.
I guess the Internet-to-baseband vulns relate to IKEv2/IPsec.
P1 Security Lab is happy to release hermes-dec, an open-source disassembler and decompiler for the React Native Hermes bytecode: https://t.co/rLkP9HLS3a. We hope this will foster the security research around mobile apps based on this environment. #telecomsecurity #android #ios