Mobile 360 – Digital Societies
We are proud to say that on September 25, Positive Technologies, among other security experts, is speaking at a seminar at Mobile 360—Digital Societies held by GSMA in Kuala Lumpur.
Telco Transformation LATAM
On September 18, meet our CTO Dmitry Kurbatov at Telco Transformation LATAM in Rio, Brazil.
HITB GSEC SINGAPORE 2019
Diameter is an authentication, authorization and accounting protocol that is widely used between the LTE core nodes by mobile network operators. While multiple methods for connecting subscribers to networks have been used over the years – including exchange and SS7 – Diameter is the latest protocol. While security vulnerabilities in SS7 are well known, it’s often assumed that Diameter is more secure. In this talk, our expert will describe experience in creating a tool for fuzzing Diameter protocols.
While 5G communication technologies rollout is underway, the vast majority of subscribers everywhere are still using GSM and UMTS networks relying on SS7. Mobile operators have learned to protect from basic threats in 2G/3G signaling networks. However, new vulnerabilities in the SS7 protocol allow bypassing existing security of even the safest mobile operators.
Security BSides CDMX conference
On July 26 Sergey Puzankov, Lead Security Researcher at Positive Technologies will be discussing his latest research on how SS7 vulnerabilities are being used to bypass any protection tools at Security BSides CDMX conference.
MWC Shanghai 2019
On 27th June, MWC19 Shanghai attracted more than 60,000 attendees from 550 leading companies across the globe. Positive Technologies came together with industry heavyweight titans at the Mobile World Congress to discuss the latest innovations such as 5G, IoT, AI and big data which are transforming the future of mobile. At the event, Positive Technologies experts led by CTO Dmitry Kurbatov showcased the company's research, analytics and pentesting exercises which highlighted the security flaws within 5G. They explored ways to mitigate potential risks, avoid repeating security mistakes of the past, and how to arm themselves against the myriad of challenges in the future
Positive Technologies researchers have discovered a number of vulnerabilities in a ZTE wifi router, used by 750-800 thousand devices globally. On June 5, Jimmy Jones, Telecoms Security Lead at Positive Technologies, will speak at InfoSecurity Europe in London.
DEF CON China 2019
The mobile world is moving to 5G. However, there are billions of subscribers who still use old 2G and 3G networks. These networks rely on the SS7 (Signaling System #7) protocol stack that was developed in the 1970s. The SS7 stack was supposed to be used as an isolated network within a small club of large telephone operators, so nobody thought about upper-layer security mechanisms. Further development of SS7 brought the possibility of sending signaling traffic over IP networks. Thus, the SS7 stack got vulnerabilities “by-design” that allow an external intruder to perform such attacks as location tracking, service disruption, SMS and voice call interception. Mobile operators, equipment vendors, and non-commercial organizations (such as the GSMA - the association of mobile operators) are aware of the problem. They develop and implement security solutions mitigating threats from SS7 networks.
Cybersecurity from La Plata River
Positive Technologies took part in a telecom cybersecurity event at La Plata University, La Plata City (Argentina) on June 4–5. The company's experts surveyed the current state of security of signaling networks and attack statistics, in addition to holding a hands-on workshop on signaling protocol vulnerabilities.