CyberSecurityBoard
Sponsor Register Login

Vulnerability in Critical Cellular Devices Could Allow Snooping on Telecom Networks

A researcher has discovered a critical vulnerability in Baicells Technologies' wireless communication base stations that can be exploited to cause disruption in telecom networks or take complete control of data and voice traffic. Baicells Technologies is a US-based telecommunications equipment provider for 4G and 5G networks, with over 100,000 of its base stations deployed across 64 countries. The vulnerability, tracked as CVE-2023-24508, is a command injection vulnerability that can be exploited remotely without authentication by sending specially crafted HTTP requests to the targeted device. If exploited, an attacker can run shell commands with root privileges and take complete control of the device, shutting it down to cause disruption or obtaining information such as phone numbers, IMEI, and location data. According to the researcher, there are more than 1,150 devices exposed to the internet, mostly located in the United States. Baicells released a patch for the vulnerability on January 24, which affects Nova 227, 233, 243 and 246 base stations. The US Cybersecurity and Infrastructure Security Agency also released an advisory about the vulnerability. The researcher also recently discovered serious vulnerabilities in Econolite EOS traffic controller software, which can be exploited to control traffic lights.

This Cyber News was published on www.securityweek.com. Publication date: Mon, 06 Feb 2023 18:42:02 +0000


Cyber News related to Vulnerability in Critical Cellular Devices Could Allow Snooping on Telecom Networks

HackersEra Launches Telecom Penetration Testing to Eliminate Cyber Threats - Cybercriminals have attacked telecom infrastructure, particularly as it shifts to an IP-based design with the introduction of Long-Term Evolution networks, also referred to as LTE or 4G. Persistent attackers could spy on users' cellular networks and ...
11 months ago Cysecurity.news
Why cellular-first SASE is defining the future of distributed enterprises - Startups seeing double-digit growth rates tell VentureBeat that combining networking and security in the same platform is essential for protecting every identity, endpoint, and threat surface that gets exposed as their companies quickly grow. ...
6 months ago Venturebeat.com
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
7 months ago Darkreading.com
Wi-Fi 7's mission-critical role in enterprise, industrial networking - As we transition from Wi-Fi 6 to the more advanced Wi-Fi 7, we uncover the significant enhancements in speed, efficiency, and spectrum usage that set it apart from its predecessors. Rodrigues examines the crucial role of AI and machine learning in ...
11 months ago Helpnetsecurity.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
9 months ago Darkreading.com
Google Fi User Data Breached Through T-Mobile Hack - According to Google Fi's email sent to its customers on Monday, a limited amount of their customer data was exposed in T-Mobile's breach after suspicious activity was noted in a system that contained Google Fi's customer data. Google Fi, Google's ...
1 year ago Hackread.com
Vulnerability in Critical Cellular Devices Could Allow Snooping on Telecom Networks - A researcher has discovered a critical vulnerability in Baicells Technologies' wireless communication base stations that can be exploited to cause disruption in telecom networks or take complete control of data and voice traffic. Baicells ...
1 year ago Securityweek.com
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
2 years ago
Future of wireless technology: Key predictions for 2024 - Wi-Fi technology continues to evolve in ways that anticipate the needs of consumers, businesses, enterprise verticals, smart cities, and service providers, according to the Wireless Broadband Alliance. Tiago Rodrigues, CEO of the Wireless Broadband ...
11 months ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
TRAI Updates Regulations to Prevent SIM Swap Fraud in Telecom Porting - The Telecom Regulatory Authority of India recently announced updated regulations aimed at combating SIM swap fraud in the telecom sector. The TRAI highlighted that this measure is part of its broader efforts to address concerns related to fraudulent ...
9 months ago Cysecurity.news
Coming Soon to a Network Near You: More Shadow IoT - News of former Microsoft head of product Panos Panay's exit caused a small stir in the tech industry when it was learned he would join Amazon to lead that company's product division. Precisely what Amazon and Panay have in mind for that ecosystem has ...
11 months ago Securityweek.com
IoT Security for Business: Safeguarding Connected Devices - In this discussion, we will explore the significance of IoT security for businesses and effective strategies for safeguarding connected devices. With the increasing number of connected devices in business environments, the need for effective IoT ...
10 months ago Securityzap.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
2 months ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
2 months ago Paloaltonetworks.com
Nozomi Networks Delivers Multi-Spectrum Wireless Security Sensor for Global OT and IoT Environments - PRESS RELEASE. SAN FRANCISCO, January 24, 2024 - Nozomi Networks Inc., the leader in OT and IoT security, today introduced Guardian Air™, the industry's only wireless spectrum sensor purpose-built for OT and IoT environments worldwide. With 80 ...
10 months ago Darkreading.com
The Future of Modern Networks Is Automated Threat Intelligence. - Every new device added to the network, be it an employee home laptop, an IoT sensor, a machine vision camera, or a cloud-based server, brings a new security threat to the company. All of these changes are making network security a critical defense ...
11 months ago Cyberdefensemagazine.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
1 year ago Securityweek.com
IoT Security in the Age of Cyber Threats - These vast neural networks enable IoT devices to seamlessly connect the mundane and the sophisticated into the digital fabric of the internet. This range of devices includes everything right from kitchen appliances and industrial machinery to smart ...
11 months ago Feeds.dzone.com
Why BYOD Is the Favored Ransomware Backdoor - These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Microsoft's fourth annual Digital Defense Report for 2023 reveals that 80% of all ransomware compromises come from ...
11 months ago Esecurityplanet.com
Vulnerability Recap 5/13/24: F5, Citrix & Chrome - The most dangerous vulnerabilities might be the lesser known Tinyproxy and Cinterion Cellular Modem flaws. The stress and high expense of attacks can be avoided by proactively tracking assets, staying informed, and allocating some resources to ...
7 months ago Esecurityplanet.com
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
1 year ago Paloaltonetworks.com
"Sierra:21" vulnerabilities impact critical infrastructure routers - A set of 21 newly discovered vulnerabilities impact Sierra OT/IoT routers and threaten critical infrastructure with remote code execution, unauthorized access, cross-site scripting, authentication bypass, and denial of service attacks. The flaws ...
1 year ago Bleepingcomputer.com
IoT Security: Safeguarding Business IoT Devices - The security of IoT devices is of utmost importance as businesses increasingly rely on them to streamline operations and enhance productivity. In this discussion, we will explore the importance of IoT security in safeguarding business IoT devices and ...
10 months ago Securityzap.com
What is WPA3? | Definition from TechTarget - WPA3 is designed to improve Wi-Fi security by enabling better authentication over WPA2, providing expanded cryptographic strength and increasing the resiliency of critical networks. The WPA3 protocol provides new features for personal and enterprise ...
2 months ago Techtarget.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)