|
Simjacker
Simjacker is a cellular software exploit for SIM Cards discovered by AdaptiveMobile Security. 29 countries are vulnerable according to ZDNet. The vulnerability has been exploited primarily in Mexico, but also Colombia and Peru, according to the Wall Street Journal, where it was used to track the location of mobile phone users without their knowledge. History The vulnerability was discovered and reported to the GSM Association through its Coordinated Vulnerability Disclosure process by Cathal Mc Daid of AdaptiveMobile Security in 2019. It was first reported publicly on 12th September 2019. A technical paper and presentation was made available at the VirusBulletin conference on 3rd October 2019. Technical information The attack works by exploiting a vulnerability in a UICC/SIM Card library called the S@T Browser. A specially formatted binary text message is sent to the victim handset, which contains a set of commands to be executed by the S@T Browser environment in the UIC ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SIM Card
file:SIM-Karte von Telefónica O2 Europe - Standard und Micro.jpg, A typical SIM card (mini-SIM with micro-SIM cutout) file:Sim card.png, A smart card taken from a Global System for Mobile Communications, GSM mobile phone file:Simkarte NFC SecureElement.jpg, T-Mobile nano-SIM card with NFC capabilities in the SIM tray of an iPhone 6s file:Tf sim both sides.png, A TracFone Wireless SIM card has no distinctive carrier markings and is only marked as a "SIM card" A SIM card (full form Subscriber Identity Module or Subscriber Identification Module) is an integrated circuit (IC) intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices (such as mobile phones and computers). Technically the actual physical card is known as a universal integrated circuit card (UICC); this smart card is usually made of PVC with embedded contacts and semiconductors, with the S ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mobile Phone
A mobile phone, cellular phone, cell phone, cellphone, handphone, hand phone or pocket phone, sometimes shortened to simply mobile, cell, or just phone, is a portable telephone that can make and receive calls over a radio frequency link while the user is moving within a telephone service area. The radio frequency link establishes a connection to the switching systems of a mobile phone operator, which provides access to the public switched telephone network (PSTN). Modern mobile telephone services use a cellular network architecture and, therefore, mobile telephones are called ''cellular telephones'' or ''cell phones'' in North America. In addition to telephony, digital mobile phones ( 2G) support a variety of other services, such as text messaging, multimedia messagIng, email, Internet access, short-range wireless communications (infrared, Bluetooth), business applications, video games and digital photography. Mobile phones offering only those capabilities are known as fea ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Exploit
An exploit (from the English verb ''to exploit'', meaning "to use something to one’s own advantage") is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a software bug, bug or vulnerability (computer science), vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). Such behavior frequently includes things like gaining control of a computer system, allowing privilege escalation, or a denial-of-service attack, denial-of-service (DoS or related DDoS) attack. In lay terms, some exploit is akin to a 'hack'. Classification There are several methods of classifying exploits. The most common is by how the exploit communicates to the vulnerable software. A ''remote exploit'' works over a network and exploits the security vulnerability without any prior access to the vulnerable system. A ''local exploit'' requires prior access to the vulnerable system and usu ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ZDNet
ZDNET is a business technology news website owned and operated by Red Ventures. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication. History Beginnings: 1991 to 1995 ZDNET began as a subscription-based digital service called "ZiffNet" that offered computing information to users of CompuServe. It featured computer industry forums, events, features and searchable archives. Initially, ZiffNet was intended to serve as a common place to find content from all Ziff-Davis print publications. As such, ZiffNet was an expansion on an earlier online service called PCMagNet for readers of PC Magazine. Launched in 1988, PCMagNet in turn was the evolution of Ziff Davis' first electronic publishing venture, a bulletin board, which launched in 1985. On June 20, 1995, Ziff-Davis announced the consolidation of its online information services under a single name, ''ZD Net''. The service had ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
The Wall Street Journal
''The Wall Street Journal'' is an American business-focused, international daily newspaper based in New York City, with international editions also available in Chinese and Japanese. The ''Journal'', along with its Asian editions, is published six days a week by Dow Jones & Company, a division of News Corp. The newspaper is published in the broadsheet format and online. The ''Journal'' has been printed continuously since its inception on July 8, 1889, by Charles Dow, Edward Jones, and Charles Bergstresser. The ''Journal'' is regarded as a newspaper of record, particularly in terms of business and financial news. The newspaper has won 38 Pulitzer Prizes, the most recent in 2019. ''The Wall Street Journal'' is one of the largest newspapers in the United States by circulation, with a circulation of about 2.834million copies (including nearly 1,829,000 digital sales) compared with ''USA Today''s 1.7million. The ''Journal'' publishes the luxury news and lifestyle magazine ' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GSMA
The GSM Association (commonly referred to as 'the GSMA' or ''Global System for Mobile Communications'', originally ''Groupe Spécial Mobile'') is an industry organisation that represents the interests of mobile network operators worldwide. More than 750 mobile operators are full GSMA members and a further 400 companies in the broader mobile ecosystem are associate members. The GSMA represents its members via industry programmes, working groups and industry advocacy initiatives. History The GSMA was formed in 1995 as the 'GSM MoU Association' as a body to support and promote mobile operators using the GSM (Global System for Mobile communications) standard for cellular networks. It traces its history back to a memorandum of understanding signed in 1987 by 13 operators in 12 countries that committed to deploying GSM for mobile services. Membership and governance Full membership of the GSMA is open to licensed mobile operators using a GSM family technology. Approximately 750 su ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Responsible Disclosure
In computer security, coordinated vulnerability disclosure, or "CVD" (formerly known as responsible disclosure) is a vulnerability disclosure model in which a vulnerability or an issue is disclosed to the public only after the responsible parties have been allowed sufficient time to patch or remedy the vulnerability or issue. This coordination distinguishes the CVD model from the " full disclosure" model. Developers of hardware and software often require time and resources to repair their mistakes. Often, it is ethical hackers who find these vulnerabilities. Hackers and computer security scientists have the opinion that it is their social responsibility to make the public aware of vulnerabilities. Hiding problems could cause a feeling of false security. To avoid this, the involved parties coordinate and negotiate a reasonable period of time for repairing the vulnerability. Depending on the potential impact of the vulnerability, the expected time needed for an emergency fix or wor ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Virus Bulletin
''Virus Bulletin'' is a magazine about the prevention, detection and removal of malware and spam. It regularly features analyses of the latest virus threats, articles exploring new developments in the fight against viruses, interviews with anti-virus experts, and evaluations of current anti-malware products. History and profile ''Virus Bulletin'' was founded in 1989 as a monthly hardcopy magazine, and later distributed electronically in PDF format. The monthly publication format was discontinued in July 2014 and articles are now made available as standalone pieces on the web site. The magazine was originally located in the Sophos headquarters in Abingdon, Oxfordshire in the UK. It was co-founded and is owned by Jan Hruska and Peter Lammer, the co-founders of Sophos. ''Virus Bulletin'' claims to have full editorial independence and not to favour Sophos products in its tests and reviews. Technical experts from anti-virus vendors have written articles for the magazine, which also c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Universal Integrated Circuit Card
A GSM mobile phone file:SIM-DXAI20210313172217.jpg, alt=Black and white image of the contacts area of a SIM card showing the internal construction, X-Ray of a SIM card showing small rectangular semiconductor chip (central small rectangle) and 5 bond wires leading to the connection pads file:Vodafone New Zealand SIM circa 2002.jpeg">A 25 × 15 mm Vodafone New Zealand SIM card The universal integrated circuit card (UICC) is the smart card (integrated circuit card) used in mobile terminals in Global System for Mobile Communications, GSM and Universal Mobile Telecommunications System, UMTS networks. The UICC ensures the integrity and security of all kinds of personal data, and it typically holds a few hundred kilobytes. The official definition for UICC is found in ETSI TR 102 216, where it is defined as a "smart card that conforms to the specifications written and maintained by the ETSI Smart Card Platform project". In addition, the definition has a note that states that "UICC is n ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Text Messaging
Text messaging, or texting, is the act of composing and sending electronic messages, typically consisting of alphabetic and numeric characters, between two or more users of mobile devices, desktops/laptops, or another type of compatible computer. Text messages may be sent over a cellular network, or may also be sent via an Internet connection. The term originally referred to messages sent using the Short Message Service (SMS). It has grown beyond alphanumeric text to include multimedia messages using the Multimedia Messaging Service (MMS) containing digital images, videos, and sound content, as well as ideograms known as emoji ( happy faces, sad faces, and other icons), and instant messenger applications (usually the term is used when on mobile devices). Text messages are used for personal, family, business and social purposes. Governmental and non-governmental organizations use text messaging for communication between colleagues. In the 2010s, the sending of short informal mes ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
International Mobile Equipment Identity
The International Mobile Equipment Identity (IMEI) is a numeric identifier, usually unique, for 3GPP and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone but can also be displayed on-screen on most phones by entering *#06# MMI Supplementary Service code on the dialpad, or alongside other system information in the settings menu on smartphone operating systems. GSM networks use the IMEI number to identify valid devices, and can stop a stolen phone from accessing the network. For example, if a mobile phone is stolen, the owner can have their network provider use the IMEI number to blacklist the phone. This renders the phone useless on that network and sometimes other networks, even if the thief changes the phone's subscriber identity module (SIM). Devices without a SIM card slot or eSIM capability usually don't have an IMEI code. However, the IMEI only identifies the device and has no particular rela ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
