jm + telefonica   2

After years of warnings, mobile network hackers exploit SS7 flaws to drain bank accounts • The Register
Experts have been warning for years about security blunders in the Signaling System 7 protocol – the magic glue used by cellphone networks to communicate with each other. [...]

O2-Telefonica in Germany has confirmed to Süddeutsche Zeitung that some of its customers have had their bank accounts drained using a two-stage attack that exploits SS7.

In other words, thieves exploited SS7 to intercept two-factor authentication codes sent to online banking customers, allowing them to empty their accounts. The thefts occurred over the past few months, according to multiple sources.
o2  telefonica  germany  ss7  mobile  2fa  security  hacks  cellphones 
may 2017 by jm
Duplicate SSH Keys Everywhere
Poor hardware imaging practices, basically:
It looks like all devices with the fingerprint are Dropbear SSH instances that have been deployed by Telefonica de Espana. It appears that some of their networking equipment comes setup with SSH by default, and the manufacturer decided to re-use the same operating system image across all devices.
crypto  ssh  security  telefonica  imaging  ops  shodan 
february 2015 by jm

Copy this bookmark:



description:


tags: