#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

LTE Network Attacks | Breaking Cybersecurity News | The Hacker News

Category — LTE Network Attacks
New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

Feb 26, 2020
A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack — named " IMPersonation Attacks in 4G NeTworks " (or IMP4GT ) — exploits the mutual authentication method used by the mobile phone and the network's base station to verify their respective identities to manipulate data packets in transit. "The IMP4GT attacks exploit the missing integrity protection for user data, and a reflection mechanism of the IP stack mobile operating system. We can make use of the reflection mechanism to build an encryption and decryption oracle. Along with the lack of integrity protection, this allows to inject arbitrary packets and to decrypt packets," the researchers explained. The research was presented at the Network Distributed System Se
Researchers Uncover New Attacks Against LTE Network Protocol

Researchers Uncover New Attacks Against LTE Network Protocol

Jun 30, 2018
If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely. A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users' cellular networks, modify the contents of their communications, and even can re-route them to malicious or phishing websites. LTE, or Long Term Evolution, is the latest mobile telephony standard used by billions of people designed to bring many security improvements over the predecessor standard known as Global System for Mobile (GSM) communications. However, multiple security flaws have been discovered over the past few years, allowing attackers to intercept user's communications, spy on user phone calls and text messages, send fake emergency alerts, spoof location of the device and knock devices entirely offline. 4G LTE Network Vulnerabilities Now, security researchers
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on their interac
Expert Insights / Articles Videos
Cybersecurity Resources