#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Stingray spying tool | Breaking Cybersecurity News | The Hacker News

New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers

New Attacks Against 4G, 5G Mobile Networks Re-Enable IMSI Catchers

Feb 25, 2019
At NDSS Symposium 2019, a group of university researchers yesterday revealed newly discovered cellular network vulnerabilities that impact both 4G and 5G LTE protocols. According to a paper published by the researchers, " Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information, " the new attacks could allow remote attackers to bypass security protections implemented in 4G and 5G, re-enabling IMSI catching devices like " Stingrays " to intercept users' phone calls and track their location. Here below, we have described all the three attacks, how they work, what are their impacts, and why you should be concerned about these attacks. ToRPEDO Attack — Location Verification, DoS, Inject Fake Alerts Short for "TRacking via Paging mEssage DistributiOn," TorPEDO is the most concerning attack that leverages paging protocol, allowing remote attackers to verify a victim device's location, inject fabricated paging mess
New York Police Used Cell Phone Spying Tool Over 1000 Times Without Warrant

New York Police Used Cell Phone Spying Tool Over 1000 Times Without Warrant

Feb 12, 2016
The New York Police Department (NYPD) has admitted that it used controversial cell phone spying tool " Stingrays " more than 1,000 times since 2008 without warrants. In the documents obtained by the New York Civil Liberties Union (NYCLU) , the NYPD acknowledged that the department has used Stingrays to intercept personal communications and track the locations of nearby mobile phone users. What are Stingrays? In my previous article , I have explained the scope of Stingrays along with its working, how it cracks encryption and how the police agencies are using these cell phone spying devices equipped in its military surveillance technology DRTBox  in order to: Track people Intercept thousands of cellphone calls Quietly eavesdrop on conversations Eavesdrop on emails and text messages Stingrays are small cell phone surveillance devices that work by imitating cellphone towers, forcing all nearby phones to connect to them and revealing the owners' locat
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
Police Using Planes Equipped with Dirtbox to Spy on your Cell Phones

Police Using Planes Equipped with Dirtbox to Spy on your Cell Phones

Jan 29, 2016
The Anaheim Police Department of California — Home of Disneyland — admitted that they used special Cell Phone surveillance technology, known as DirtBox , mounted on aircraft to track millions of mobile users activities. More than 400 pages of new documents [ PDF ] published Wednesday revealed that Local Police and federal authorities are using, DRTBox , an advanced version of Dirtbox developed by Digital Receiver Technology ( Boeing's  Maryland-based  subsidiary ). DRTBox — Spies in the Sky DRTBox is a military surveillance technology that has capabilities of both Stingray as well as Dirtbox, allowing the police to track, intercept thousands of cellphone calls and quietly eavesdrop on conversations, emails, and text messages. According to the report, DRTBox model is also capable of simultaneously breaking the encryption hundreds of cellphone communications at once, helping Anaheim Police Department track criminals while recording innocent citizens' inform
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Local Police Listening Your Cell-Phone Without a Warrant

Local Police Listening Your Cell-Phone Without a Warrant

Apr 10, 2015
By now, everyone knows that the major federal agencies and big organisations like FBI, NSA and CIA are spying on you under their massive global surveillance programmes. But here's the Kicker: Your local police might be spying on your activities, too. According to the recent details published by the New York Civil Liberties Union (NYCLU), the police department of Erie County, New York, has used the controversial " Stingray " spying tool nearly 46 times since 2010 without any warrant. Also, the police department of Baltimore used the latest version of the Stingray surveillance device, called Hailstorm , more than 4,000 times in recent years, reports the Baltimore Sun. Late last year, we reported how US Marshals Service gathered data from millions of mobile phones by using a little device, nicknamed " Dirtbox ," in order to track criminals while recording innocent citizens' information. Dirtbox was used in spy airplanes to mimic mobile phone
Cybersecurity Resources