Author - Elvis

What is an IMSI catcher?

An IMSI catcher – also known as a cell-site simulator, fake cell tower, rogue base station, StingRay or dirtbox, to name a few of its many descriptors – is a portable device designed to mimic a real cell tower in order to capture cellular data (like locations and call/text metadata) from a connected smartphone. The device does this in part by “catching” the phone’s international mobile subscriber identity (IMSI). At a basic level, an IMSI catcher consists of two main [...]

Tough Economy Heightens Insider Threat

As companies downsize, they need to keep an eye out for disgruntled employees With a faltering economy resulting in increased jobs cuts and corporate belt tightening, security analysts are warning companies to be especially vigilant about protecting their data and networks against disgruntled employees. As it is, one of the biggest threats to corporate data and systems traditionally has come from insiders, who with their privileged access to data and systems have the potential ability to do more accidental or malicious [...]

Researchers: Wi-Fi Probe Requests Expose User Data

A group of academic researchers from the University of Hamburg in Germany has discovered that mobile devices leak identifying information about their owners via Wi-Fi probe requests. Mobile devices use these probe requests to receive information about nearby Wi-Fi access points and establish connections to them when a probe response is received. Attackers that can sniff network traffic, the academics say, can use these probe requests to track and identify devices, and even pinpoint their location. According to them, roughly a quarter [...]

Street-Level Surveillance

Cell-Site Simulators, IMSI Catchers, Dirtbox, Hellstorm,Fake Base Station are often used by intelligence and law enforcement agencies, however, legislation around the use of this technology is too ambiguous, so on multiple occasions the law has preferred to suspend proceedings offences containing evidence obtained by this means. Law enforcement agencies refuse to acknowledge the existence of such devices, although this is precisely one of the reasons why they are used in practice. Over the past few years’ surveillance using IMSI-catchers has [...]

BadUSB explained: How rogue USBs threaten your organization

The FBI has warned of an attack campaign that sends USB drives containing malicious software to employees. Here is what you need to know about BadUSB and mitigating its risks. In January 2022, the FBI issued a public warning over a USB attack campaign in which numerous USB drives, laced with malicious software, were sent to employees at organizations in the transportation, defense, and insurance sectors between August and November 2021. The USBs came with fake letters impersonating the Department [...]