#telecom-security — Public Fediverse posts

The FCC wants United States citizens to provide a valid ID to get a phone number.

I am providing multiple links to tell the whole story.

https://www.sgtreport.com/2026/05/the-fcc-wants-your-id-before-you-get-a-phone-number/

https://docs.fcc.gov/public/attachments/FCC-26-27A1.pdf

https://www.ecomm-alliance.org/blog/a-new-era-for-caller-id-and-consent/

#telecommunicationsindustry
#telecommunications
#TelecomInfrastructure
#telecomsecurity
#TelecommunicationsServicesIndustry
#knowyourcustomer
#fcc #fccpolicy #fccchairbrendancarr
#fccthreat

Citizen Lab exposes global telecom exploitation: multi-vector signalling & SIM-based tracking, operator infrastructure abused across 20+ countries; persistent campaigns reveal weak intercarrier OPSEC and urgent need for accountability. Read: https://citizenlab.ca/research/uncovering-global-telecom-exploitation-by-covert-surveillance-actors/ 🔍📡 #Surveillance #TelecomSecurity
#Privacy #Security

UNC3886 leveraged ORB infrastructure for stealthy telecom targeting.

Per Cyber Security Agency of Singapore:
• Zero-day firewall compromise
• Rootkit persistence mechanisms
• GOBRAT & TINYSHELL C2 nodes
• ORB-tagged IP clustering in Singapore ASNs
• NetFlow-confirmed router-to-ORB communications
• Pre-positioned reconnaissance

Attribution aligned with assessments from Mandiant linking activity to China-sponsored espionage.

ORB networks blur the line between botnets and residential proxy ecosystems, increasing attribution friction and collateral risk.

Defensive priorities:
• Threat intel enrichment
• Edge device patch enforcement
• ASN anomaly detection
• Zero-trust segmentation
• IoT telemetry visibility

How mature are ORB detection capabilities in your SOC?

Engage below.

Source: https://cyberpress.org/orb-networks-masks-attacks/

Follow @technadu for advanced threat analysis.

#ThreatIntel #UNC3886 #ORBNetworks #IoTSecurity #ZeroDay #C2Infrastructure #NetFlow #TelecomSecurity #BlueTeam #ThreatHunting #APTActivity #CyberOperations #Infosec

Two former Cisco Networking Academy students have been linked to the Salt Typhoon campaign, which has compromised 80+ global telecom providers. Investigators say the attackers used technical skills learned directly from Cisco’s curriculum to target IOS and ASA devices.

This case reignites debate over whether corporate training programs in politically tense regions may inadvertently strengthen future threat actors.

Source: https://cybersecuritynews.com/chinese-hackers-attacking-cisco-devices/

Curious how the community views this risk.
Follow TechNadu for more verified cybersecurity reporting.

#CyberSecurity #Infosec #CiscoSecurity #ThreatIntel #SaltTyphoon #TelecomSecurity #SecurityResearch

DoT has clarified that the Telecom Cyber Security (TCS) Amendment Rules 2025 remain active, despite a duplicate Gazette publication being withdrawn.

The updates introduce MNV-based identity validation, enhanced IMEI verification for resold devices, and tighter coordination with TIUEs handling telecom identifiers - all with data-protection guardrails.

Thoughts from the security community on the practical impact?

Source: https://www.business-standard.com/industry/news/dot-withdraws-duplicate-notice-confirms-amended-cyber-security-rules-stand-125112700954_1.html

Follow @technadu for more vendor-neutral policy and infosec reporting.

#infosec #cybersecurity #telecomsecurity #DoT #DigitalIndia #fraudprevention #policy

Ribbon Communications was breached by nation-state hackers who lurked undetected for months—revealing just how deep and stealthy modern cyber espionage can be. How vulnerable is our digital infrastructure?

https://thedefendopsdiaries.com/inside-the-ribbon-communications-breach-anatomy-of-a-nation-state-cyberattack/

#nationstateattack
#cyberespionage
#telecomsecurity
#cyberthreats
#ribboncommunications

A global scam network renting out tens of thousands of phone numbers—Europol’s SIMCARTEL bust uncovered glaring telecom vulnerabilities and sparked international teamwork against cybercrime. How will this change our digital world?

https://thedefendopsdiaries.com/europols-simcartel-takedown-a-blueprint-for-global-cybercrime-defense/

#cybercrime
#europol
#telecomsecurity
#publicprivatepartnership
#infosec
#simbox
#cybersecurity
#lawenforcement
#forensicanalysis

Weekly output: Ford’s EV strategy, Open RAN security risks, Waymo + Spotify

After a week and a half on the West Coast that began with Black Hat, I can now turn my attention to catching up on the talks I had to skip at that conference, since on-demand video is now available for all but a handful of its sessions. Video of some DEF CON talks is also now starting to pop up, and I’m looking forward in particular to seeing the Voting Village talks that I missed because I bugged out of Vegas Friday afternoon of that week.

Patreon readers got a recap of Black Hat that included some observations about Washington’s wilted presence at this security conference and the generally skeptical take of conference speakers on AI hype.

8/11/2025: Ford Announces $5B Plan to Make EVs Cheaper, Starting With $30,000 Pickup, PCMag

With PCMag’s automotive writer traveling, I stepped in to write this breakdown of the automaker’s ambitious plan to reinvent electric-vehicle production. I hope Ford can deliver on this, and I hope the coming family of cheaper EVs will include a four-door hatchback (even if they call it an SUV or a crossover because it’s a little taller than a sedan).

8/14/2025: Researchers recap some security downsides to open RAN, Light Reading

This Black Hat briefing on Thursday of the previous week about possible vulnerabilites in Open RAN (Radio Access Network) sites went much deeper in the weeds than I usually get when covering telecom infrastructure. So I took an extra couple of days to look over the presentation again, read the reports linked to from it, listen again to my recording of the session, and briefly quiz researchers Tianchang Yang and Kai Tu over e-mail. And then I somehow typed two numbers wrong in the same graf, both of which I’d had correct in my notes. Fortunately, my editor quickly fixed those flubs after Yang brought them to my attention.

8/16/2025: Waymo Picks Up Spotify: Cue Up Personal Playlists on Robotaxi Rides, PCMag

I found out about this change to the Waymo ride experience not from one of that Alphabet subsidiary’s social-media posts, a note from any of its publicists, or an announcement on its site, but from an e-mail I got as a Waymo customer Friday morning. I felt a little bad learning that Waymo had posted this news on four different social platforms Tuesday, but then I realized that earlier news coverage had not mentioned Waymo’s removal of online documentation about an older, jankier way to play music from your phone through a Waymo robotaxi’s speakers.

#5G #BlackHat #correction #electricCars #electricVehicles #EVs #Ford #OpenRAN #robotaxi #Spotify #streamingMusic #telecomSecurity #Waymo

The FBI is sounding the alarm: state-backed hackers are using custom malware and zero-day exploits to slip past telecom defenses. How are these tactics evading detection, and what does it mean for our security? Read more.

https://thedefendopsdiaries.com/unmasking-salt-typhoon-the-cyber-threat-to-telecom-networks/

#salt_typhoon
#cybersecurity
#telecomsecurity
#apt
#malware

Hackers Using VPNs To Exploit Restrictions & Steal Mobile Data https://gbhackers.com/hackers-vpns-exploit-restrictions-steal-data/ #CyberSecurityNews #TelecomSecurity #cybersecurity #VPNExploits #DataTheft #vpn

RT by @enisa_eu: Erka Koivunen, CISO at Finavia - speaks about the evolution of crypto, at the ENISA Telecom security forum, here in Helsinki: "We are now in the golden age of encrypted communications." #telecomsecurity #cybersecurity @ekoivune @enisa_eu

[2024-05-15 07:10 UTC]

Today is starting the 13th edition of GISEC GLOBAL, the Middle East and Africa’s largest cybersecurity event. 🛡 🤝 Join us there with other industry leaders, startups, and experts to drive innovation in cybersecurity.

#GISECGLOBAL #CybersecurityEvent #GISEC2024 #DubaiCybersecurity #MEAcybersecurity #CyberInnovation #CyberTechExpo #CISOsUnite #CyberSecLeaders #BFSIcyber #OilGasCyber #TelecomSecurity #DefenceCyber #CyberCompetitions #HackDemonstrations #CyberInsights

https://www.relianoid.com/about-us/events/gisec-global-dubai-2024/

🚀 5G Security - entdecke pySCASso: Ein Python-Framework zur Automatisierung von GSMA NESAS SCAS Tests! Vom Team BSI entwickelt als Blaupause und Beispiel, lädt es zum Stöbern, zur Inspiration und zur Zusammenarbeit ein. Plattformunabhängig – Produktagnostische Testimplementierung - Minimalinvasiv. Besuche unser Projekt auf GitHub, um mehr zu erfahren und mitzuwirken: https://github.com/BSI-Bund/pySCASso #pySCASso #TelecomSecurity

"🔍 Unveiling Sandman APT: The Silent Menace Targeting Global Telcos 🎯"

SentinelLabs has unearthed a new threat actor dubbed Sandman APT, primarily targeting telecommunication providers across the Middle East, Western Europe, and South Asia. This enigmatic group employs a novel modular backdoor named LuaDream, utilizing the LuaJIT platform, a rarity in the threat landscape. The meticulous movements and minimal engagements hint at a strategic approach to minimize detection risks. The LuaDream malware, a well-orchestrated and actively developed project, is designed for system and user info exfiltration, paving the way for precision attacks. The intriguing part? The attribution remains elusive, hinting at a private contractor or a mercenary group akin to Metador. The activities observed are espionage-driven, with a pronounced focus on telcos due to the sensitive data they harbor. The meticulous design of LuaDream showcases the continuous innovation in the cyber espionage realm, urging for a collaborative effort within the threat intelligence community to navigate the shadows of the threat landscape.

Source: SentinelOne Labs

Tags: #SandmanAPT #LuaDream #TelecomSecurity #CyberEspionage #ThreatActor #CyberSecurity #LuaJIT #SentinelLabs #APT 🌐🔐🎯

Indicators of Compromise (IoCs):

• Domains: mode.encagil[.]com, ssl.explorecell[.]com
• File Paths: %ProgramData%\FaxConfig, %ProgramData%\FaxLib
• SHA1:
  • fax.dat: 1cd0a3dd6354a3d4a29226f5580f8a51ec3837d4
  • fax.Application: 27894955aaf082a606337ebe29d263263be52154
  • ualapi.dll: 5302c39764922f17e4bc14f589fa45408f8a5089
  • fax.cache: 77e00e3067f23df10196412f231e80cec41c5253
  • UpdateCheck.dll: b9ea189e2420a29978e4dc73d8d2fd801f6a0db2
  • updater.ver: fb1c6a23e8e0693194a365619b388b09155c2183
  • fax.module: ff2802cdbc40d2ef3585357b7e6947d42b875884

Author: Aleksandar Milenkoski, a seasoned threat researcher at SentinelLabs, has meticulously dissected the activities of Sandman APT, shedding light on the LuaDream backdoor. His expertise in reverse engineering and malware research is evident in the detailed analysis provided.

RT @marnixdekker: We kicked off the #ENISA Telecom security forum here in Lisbon - Trey Guinn @Cloudflare Field CTO, with a great talk about what is needed to have a secure global internet @treyguinn @enisa_eu #cybersecurity #telecomsecurity https://t.co/BvCQ8O6smK

🐦🔗: https://n.respublicae.eu/enisa_eu/status/1661323009674625029