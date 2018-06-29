Security: LTE, Ticketmaster, Equifax and the "51% Attack"
LTE wireless connections used by billions aren’t as secure as we thought
The attacks work because of weaknesses built into the LTE standard itself. The most crucial weakness is a form of encryption that doesn’t protect the integrity of the data. The lack of data authentication makes it possible for an attacker to surreptitiously manipulate the IP addresses within an encrypted packet. Dubbed aLTEr, the researchers’ attack causes mobile devices to use a malicious domain name system server that, in turn, redirects the user to a malicious server masquerading as Hotmail. The other two weaknesses involve the way LTE maps users across a cellular network and leaks sensitive information about the data passing between base stations and end users.
LTE (4G) Flaw Allows Attackers To Redirect Browsers And Spy On You
The Long Term Evolution (LTE) standard for mobile communication, also known as 4G was designed to overcome security flaws of its predecessor standards and is used by millions of people across the globe.
However, researchers have now uncovered weaknesses in LTE that allows attackers to hijack browsing session which redirects users to malicious websites and spy on their online activity to find out which sites they visit through their LTE device.
UK researcher says one line of code caused Ticketmaster breach
Well-known British security researcher Kevin Beaumont says the breach of the British operations of American multinational ticket sales and distribution company Ticketmaster, that has led to the possible leak of tens of thousands of credit card details, was caused by the incorrect placement of a single line of code.
As iTWire reported, Ticketmaster UK blamed third-party supplier Inbenta Technologies for the incident. Inbenta, in turn, said that the breach had been caused by Ticketmaster directly applying a customised piece of JavaScript without notifying its (Inbenta's) team.
Plant Your Flag, Mark Your Territory
Some examples of how being a modern-day Luddite can backfire are well-documented, such as when scammers create online accounts in someone’s name at the Internal Revenue Service, the U.S. Postal Service or the Social Security Administration.
Other examples may be far less obvious. Consider the case of a consumer who receives their home telephone service as part of a bundle through their broadband Internet service provider (ISP). Failing to set up a corresponding online account to manage one’s telecommunications services can provide a powerful gateway for fraudsters.
Former Equifax Manager Allegedly Took Advantage of Data Breach Crisis with Insider Trading Scheme
Federal prosecutors and the Securities and Exchange Commission (SEC) announced charges Thursday against a former software development manager who allegedly took advantage of the chaos in order to run an insider trading scheme. The defendant is Sudhakar Reddy Bonthu, 44.
Former Equifax manager is charged with insider trading for selling shares before data breach was disclosed
Sudhakar Reddy Bonthu allegedly made more than US$75,000 after betting that his company’s shares would fall when the breach was revealed
Cryptocurrencies Have Limits
The Economic Limits Of Bitcoin And The Blockchain by Eric Budish is an important analysis of the economics of two kinds of "51% attack" on Bitcoin and other cryptocurrencies, such as those becoming endemic on Bitcoin Gold and other alt-coins:
