#telecomsecurity — Public Fediverse posts

The FCC wants United States citizens to provide a valid ID to get a phone number.

I am providing multiple links to tell the whole story.

https://www.sgtreport.com/2026/05/the-fcc-wants-your-id-before-you-get-a-phone-number/

https://docs.fcc.gov/public/attachments/FCC-26-27A1.pdf

https://www.ecomm-alliance.org/blog/a-new-era-for-caller-id-and-consent/

#telecommunicationsindustry
#telecommunications
#TelecomInfrastructure
#telecomsecurity
#TelecommunicationsServicesIndustry
#knowyourcustomer
#fcc #fccpolicy #fccchairbrendancarr
#fccthreat

UNC3886 leveraged ORB infrastructure for stealthy telecom targeting.

Per Cyber Security Agency of Singapore:
• Zero-day firewall compromise
• Rootkit persistence mechanisms
• GOBRAT & TINYSHELL C2 nodes
• ORB-tagged IP clustering in Singapore ASNs
• NetFlow-confirmed router-to-ORB communications
• Pre-positioned reconnaissance

Attribution aligned with assessments from Mandiant linking activity to China-sponsored espionage.

ORB networks blur the line between botnets and residential proxy ecosystems, increasing attribution friction and collateral risk.

Defensive priorities:
• Threat intel enrichment
• Edge device patch enforcement
• ASN anomaly detection
• Zero-trust segmentation
• IoT telemetry visibility

How mature are ORB detection capabilities in your SOC?

Engage below.

Source: https://cyberpress.org/orb-networks-masks-attacks/

Follow @technadu for advanced threat analysis.

#ThreatIntel #UNC3886 #ORBNetworks #IoTSecurity #ZeroDay #C2Infrastructure #NetFlow #TelecomSecurity #BlueTeam #ThreatHunting #APTActivity #CyberOperations #Infosec

DoT has clarified that the Telecom Cyber Security (TCS) Amendment Rules 2025 remain active, despite a duplicate Gazette publication being withdrawn.

The updates introduce MNV-based identity validation, enhanced IMEI verification for resold devices, and tighter coordination with TIUEs handling telecom identifiers - all with data-protection guardrails.

Thoughts from the security community on the practical impact?

Source: https://www.business-standard.com/industry/news/dot-withdraws-duplicate-notice-confirms-amended-cyber-security-rules-stand-125112700954_1.html

Follow @technadu for more vendor-neutral policy and infosec reporting.

#infosec #cybersecurity #telecomsecurity #DoT #DigitalIndia #fraudprevention #policy

A global scam network renting out tens of thousands of phone numbers—Europol’s SIMCARTEL bust uncovered glaring telecom vulnerabilities and sparked international teamwork against cybercrime. How will this change our digital world?

https://thedefendopsdiaries.com/europols-simcartel-takedown-a-blueprint-for-global-cybercrime-defense/

#cybercrime
#europol
#telecomsecurity
#publicprivatepartnership
#infosec
#simbox
#cybersecurity
#lawenforcement
#forensicanalysis

Weekly output: Ford’s EV strategy, Open RAN security risks, Waymo + Spotify

After a week and a half on the West Coast that began with Black Hat, I can now turn my attention to catching up on the talks I had to skip at that conference, since on-demand video is now available for all but a handful of its sessions. Video of some DEF CON talks is also now starting to pop up, and I’m looking forward in particular to seeing the Voting Village talks that I missed because I bugged out of Vegas Friday afternoon of that week.

Patreon readers got a recap of Black Hat that included some observations about Washington’s wilted presence at this security conference and the generally skeptical take of conference speakers on AI hype.

8/11/2025: Ford Announces $5B Plan to Make EVs Cheaper, Starting With $30,000 Pickup, PCMag

With PCMag’s automotive writer traveling, I stepped in to write this breakdown of the automaker’s ambitious plan to reinvent electric-vehicle production. I hope Ford can deliver on this, and I hope the coming family of cheaper EVs will include a four-door hatchback (even if they call it an SUV or a crossover because it’s a little taller than a sedan).

8/14/2025: Researchers recap some security downsides to open RAN, Light Reading

This Black Hat briefing on Thursday of the previous week about possible vulnerabilites in Open RAN (Radio Access Network) sites went much deeper in the weeds than I usually get when covering telecom infrastructure. So I took an extra couple of days to look over the presentation again, read the reports linked to from it, listen again to my recording of the session, and briefly quiz researchers Tianchang Yang and Kai Tu over e-mail. And then I somehow typed two numbers wrong in the same graf, both of which I’d had correct in my notes. Fortunately, my editor quickly fixed those flubs after Yang brought them to my attention.

8/16/2025: Waymo Picks Up Spotify: Cue Up Personal Playlists on Robotaxi Rides, PCMag

I found out about this change to the Waymo ride experience not from one of that Alphabet subsidiary’s social-media posts, a note from any of its publicists, or an announcement on its site, but from an e-mail I got as a Waymo customer Friday morning. I felt a little bad learning that Waymo had posted this news on four different social platforms Tuesday, but then I realized that earlier news coverage had not mentioned Waymo’s removal of online documentation about an older, jankier way to play music from your phone through a Waymo robotaxi’s speakers.

#5G #BlackHat #correction #electricCars #electricVehicles #EVs #Ford #OpenRAN #robotaxi #Spotify #streamingMusic #telecomSecurity #Waymo

"🔍 Unveiling Sandman APT: The Silent Menace Targeting Global Telcos 🎯"

SentinelLabs has unearthed a new threat actor dubbed Sandman APT, primarily targeting telecommunication providers across the Middle East, Western Europe, and South Asia. This enigmatic group employs a novel modular backdoor named LuaDream, utilizing the LuaJIT platform, a rarity in the threat landscape. The meticulous movements and minimal engagements hint at a strategic approach to minimize detection risks. The LuaDream malware, a well-orchestrated and actively developed project, is designed for system and user info exfiltration, paving the way for precision attacks. The intriguing part? The attribution remains elusive, hinting at a private contractor or a mercenary group akin to Metador. The activities observed are espionage-driven, with a pronounced focus on telcos due to the sensitive data they harbor. The meticulous design of LuaDream showcases the continuous innovation in the cyber espionage realm, urging for a collaborative effort within the threat intelligence community to navigate the shadows of the threat landscape.

Source: SentinelOne Labs

Tags: #SandmanAPT #LuaDream #TelecomSecurity #CyberEspionage #ThreatActor #CyberSecurity #LuaJIT #SentinelLabs #APT 🌐🔐🎯

Indicators of Compromise (IoCs):

• Domains: mode.encagil[.]com, ssl.explorecell[.]com
• File Paths: %ProgramData%\FaxConfig, %ProgramData%\FaxLib
• SHA1:
  • fax.dat: 1cd0a3dd6354a3d4a29226f5580f8a51ec3837d4
  • fax.Application: 27894955aaf082a606337ebe29d263263be52154
  • ualapi.dll: 5302c39764922f17e4bc14f589fa45408f8a5089
  • fax.cache: 77e00e3067f23df10196412f231e80cec41c5253
  • UpdateCheck.dll: b9ea189e2420a29978e4dc73d8d2fd801f6a0db2
  • updater.ver: fb1c6a23e8e0693194a365619b388b09155c2183
  • fax.module: ff2802cdbc40d2ef3585357b7e6947d42b875884

Author: Aleksandar Milenkoski, a seasoned threat researcher at SentinelLabs, has meticulously dissected the activities of Sandman APT, shedding light on the LuaDream backdoor. His expertise in reverse engineering and malware research is evident in the detailed analysis provided.