Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label SIM. Show all posts

TRAI Updates Regulations to Prevent SIM Swap Fraud in Telecom Porting

 

The Telecom Regulatory Authority of India (TRAI) recently announced updated regulations aimed at combating SIM swap fraud in the telecom sector. According to the new regulations, telecom subscribers will be prohibited from porting out of their current network provider if they have recently "swapped" their SIM card due to loss or damage within the past seven days. 

This amendment is intended to prevent fraudulent activities by disallowing the issuance of a "unique porting code" (UPC), which is the initial step in changing providers using mobile number portability. 

The TRAI highlighted that this measure is part of its broader efforts to address concerns related to fraudulent and spam calls, which have been on the rise in recent years. In addition to SIM swap fraud, spam calls and messages have become a significant nuisance for telecom subscribers, leading to increased efforts by regulatory authorities to combat such activities. 

Previous anti-spam measures undertaken by TRAI include the establishment of a do-not-disturb registry, the release of an app for filing complaints against telemarketers, and the enforcement of regulations on transactional SMS messages by businesses. 

However, despite these efforts, fraudulent activities continue to pose challenges for both regulators and consumers. In addition to the prohibition on porting after SIM card swapping, TRAI has recommended to the Department of Telecommunications (DoT) the implementation of a feature that would display the legally registered name of every caller on recipients' handsets. This proposal aims to enhance transparency and enable recipients to identify the origin of incoming calls more accurately. 

However, the proposal has faced criticism on privacy grounds, with concerns raised about the potential misuse of caller identification information. To further address concerns related to fraudulent communication, the DoT has introduced its own portal called Chakshu for reporting suspected fraud communication. This platform allows users to report instances of suspected fraud, helping regulatory authorities to track and investigate fraudulent activities more effectively. 

Furthermore, the TRAI is considering a suggestion from the DoT regarding the verification of subscriber identity during the porting process. Currently, porting requires only the possession of an unblocked SIM, with know-your-customer (KYC) processes conducted anew. This policy has implications for minors and other dependents whose SIMs may not be registered in their names. 

The suggestion to double-check KYC during porting will be examined separately by TRAI. Overall, TRAI's efforts to strengthen regulations in the telecom sector aim to enhance security and protect consumers from fraudulent activities such as SIM swap fraud. By implementing measures to prevent unauthorized porting and enhancing transparency in caller identification, TRAI seeks to safeguard the interests of telecom subscribers in India. However, as fraudsters continue to evolve their tactics, regulatory authorities will need to remain vigilant and adapt their strategies accordingly to stay ahead of emerging threats.

Canadian Telecom Provider Telus is Reportedly Breached

 

One of Canada's biggest telecommunications companies, Telus, is allegedly investigating a system breach believed to be fairly severe when malicious actors exposed samples of what they claimed to be private corporate information online.

As per sources, the malicious actors posted on BreachForums with the intention of selling an email database that claimed to include the email addresses of every Telus employee. The database has a $7000 price tag. For $6,000, one could access another database purported to provide payroll details for the telecom companies' top executives, including the president.

A data bundle with more than 1,000 private GitHub repositories allegedly belonging to Telus was also offered for sale by the threat actor for $50,000. A SIM-swapping API was reportedly included in the source code that was for sale. SIM-swapping is the practice of hijacking another person's phone by switching the number to one's own SIM card.

Although the malicious actors have described this as a Complete breach and have threatened to sell everything connected to Telus, it is still too early to say whether an event actually happened at TELUS or whether a breach at a third-party vendor actually occurred.

A TELUS representative told BleepingComputer that the company is looking into accusations that some information about selected TELUS team members and internal source code has leaked on the dark web.

The Telus breach would be the most current in recent attacks on telecom companies if it occurred as the malicious actors claimed. Three of the biggest telecommunications companies in Australia, Optus, Telestra, and Dialog, have all been infiltrated by attackers since the beginning of the year.

Customer data was used in a cyberattack that affected the Medisys Health Group business of Telus in 2020. The company claimed at the time that it paid for the data and then securely retrieved it. Although TELUS is still keeping an eye on the potential incident, it has not yet discovered any proof that corporate or retail customer data has been stolen.



Apple Claims "SIM not Supported" Bug Hits iPhone 14 Series

Apple's 14th-generation iPhone launch has not gone all too well as anticipated. In its most recent announcement, Apple acknowledged that iPhone 14 users are affected by the SIM problem in iOS 16.

Apple has confirmed a new iOS 16 bug that is causing owners of the iPhone 14 inconvenience. A  message is displayed on their device that reads 'SIM not supported.' The business acknowledged the flaw and declared it is looking into the matter.

Apple strongly advises against restoring the device if the notice remains. The tech giant prefers that customers seek technical support from authorized Apple service providers or visit the nearest Apple Store. According to reports, Apple is developing a patch for this flaw and may deliver it by the end of the month.

Apple confirms in the memo that it is looking into the issue and that it is not a hardware-related one even if a fix is still pending. Since a software repair is possible, the affected iPhone 14 units would not need to be recalled. Apple advises iPhone 14 customers to wait until a fix is available because, occasionally, the error message will go away and the phones will start working normally again.

The business advised customers to 'upgrade to the current version of iOS to address the issue' if they experienced problems with Messages or FaceTime after configuring their new iPhone.

Apple stated that updating to the most recent version of iOS would fix any issues with iMessage and FaceTime not fully activating on the iPhone 14 and iPhone 14 Pro. 

Therefore, experts recommend holding off on upgrading to an iPhone 14 model until Apple has fixed more of these problems. The iOS 16.1 update is currently being developed by Apple and is anticipated to go live by the end of the month. The upcoming version will most likely include numerous new features, adjustments, and changes. A recent iOS 16.0.3 update from Apple is expected to fix a number of problems.

Laws Regulating SIM Card Registration may Violate Private Data

The law protecting personal data in the Philippines was in the works, and it was ultimately passed. A wave of data security breaches in the nation, according to the administration, makes the new data protection measures essential.

Although it's fair to be concerned about internet theft, a progressive group called Bagong Alyansang Makabayan (Bayan) warned on Monday that the new law requiring SIM card registration could be abused to invade people's privacy.

"While abandoning privacy is a more difficult reaction, we are aware of the latest worries around internet scams. Any policy that would jeopardize the right to privacy should be viewed as dangerous," according to Renato Reyes, secretary-general of the Bayan organization. The Philippine government has a long history of violating human rights.

"The SIM register could develop into a huge network of surveillance used against people. Given that the Philippine government has experienced data leaks in the past, the data that is collected might not be kept secure," Renato Reyes stated.

President Ferdinand Marcos gave the SIM card law his first official signature since assuming office on June 30 early that day. It demonstrated the purpose of the Marcos administration to safeguard Filipinos from cybercrime, as per House Speaker Ferdinand Martin Romualdez.

Users of mobile phones are required by Republic Act No. 11934 to register their SIM cards with telecommunications companies. They would then be required to present legitimate identification cards as well as a fully completed registration form.

Those who were unable to produce a legitimate ID might instead show a clearance from the National Bureau of Investigation, a police clearance, or a birth certificate that had been approved by the Philippine Statistics Authority and had an ID photo on it.

Since authorities will be able to determine the owner of a SIM card used for the commission of a crime, even terrorism, supporters of the proposal believe it may be a tool against internet scams. Legislators recently found during hearings on text scams and spam messages sent to cell phones that insufficient regulations made it difficult for law enforcement to pursue cybercriminals.

HPE Patches the Zero-Day Vulnerabiity in Systems Insight Manager Software for Windows

 

Hewlett Packard Enterprise (HPE) has released a security update to patch critical zero-day remote code execution (RCE) vulnerability in its HPE Systems Insight Manager (SIM) software for Windows that it initially revealed in December 2020.

HPE updated its original security advisory on Wednesday. However, the SIM hotfix update kit which resolves the flaw was published more than a month ago, on April 20. HPE SIM is a management and remote support automation tool for Windows and Linux intended to be used with the company's servers, storage, and networking products, including the HPE ProLiant Gen10 and HPE ProLiant Gen9. 

Security researchers labeled the flaw (CVE-2020-7200) as an ‘extremely high-risk’ flaw. It allows attackers with no privileges to remotely execute the code and is commonly found in the latest versions (7.6.x) of HPE’s SIM software and specifically targets the Windows version. This bug allows low-complexity attacks that don’t require user interaction.

“This module exploits this vulnerability by leveraging an outdated copy of Commons Collection, namely 3.2.2, that ships with HPE SIM, to gain remote code execution as the administrative user running HPE SIM,” according to Packet Storm. The lack of proper validation of user-supplied data can lead to the deserialization of untrusted data, enabling attackers to execute code on servers running vulnerable SIM software.

HPE has released a security advisory for the system admins who are unable to deploy the CVE-2020-7200 security update on vulnerable systems. To safeguard your devices, HPE has provided mitigation measures that involve removing the “Federated Search” & “Federated CMS Configuration” features that allowed the vulnerability.

System admins who use the HPE SIM management software have to use the following procedure to block CVE-2020-7200 attacks: 

1. Stop HPE SIM Service 

2. Delete file from sim installed path del /Q /F C:\Program Files\HP\Systems Insight Manager\jboss\server\hpsim\deploy\simsearch.war 

3. Restart HPE SIM Service

4. Wait for HPE SIM web page "https://SIM_IP:50000" to be accessible and execute the following command from command prompt. mxtool -r -f tools\multi-cms-search.xml 1>nul 2>nul

By following the above procedures system admins can be prevented from being exploited by potential attackers, it will also mean that HPE SIM users can no longer use the federated search feature.