Rich Tehrani : Communications and Technology Blog - Tehrani.com
Rich Tehrani
CEO
| Communications and Technology Blog - Latest news in IP communications, telecom, VoIP, call center & CRM space

Security

AdaptiveMobile: CSOs Flying Blind if They Can't Monitor Mobile Networks

October 8, 2017

SS7 is the signaling protocol for the world’s telecom networks and like the internet, it wasn’t really designed with security in mind. The assumption back in the day was the telecom operators were all trusted nodes on the network. It turns out over time, hackers have figured out how to penetrate the carrier network the way they have just about all others.

Bad actors can send spoofed SMS messages, track a user’s location or intercept messages used to authenticate a user as well as their phone calls.

Bitly Hack Destroys Trust in the Web

October 6, 2017



Bit.ly, the popular URL shortening service was hacked in 2014 and reports are now surfacing that millions of the these accounts are available online. This is an absolutely huge deal and will lead to the following problems:

  1. A total screw-up in how the Internet works in terms of links which are supposed to go to a certain place but will now be redirected to other locations. Let's say there are 10,000 clicks per year on a Bit.ly link each year. A person can take over the Bit.ly account and redirect this traffic elsewhere.
  2. A massive spread of malware will take place as hackers can redirect traffic to pages which are filled with malicious programs.
  3. A lost of trust in web links should take place as it is no longer safe to click on a link from a trusted source.




American Aerospace Technologies Provides Real-Time Imagery and Drone-Based LTE Service

October 2, 2017


The latest technology is changing the way companies, municipalities and other organizations are able to monitor critical infrastructure and provide communications in the aftermath of disasters such as the recent spate of hurricanes which have slammed our country and the Caribbean.

On June 20, airborne LTE connected first responders during a mock disaster exercise in Cape May County, N.J., to a first-of-its-kind “flying cell site,” which was mounted on a RS-20 long-endurance Unmanned Aerial System (UAS) and made calls, sent text messages, photos and video from a simulated “communications-denied” environment back to command centers across the state.  American Aerospace also assisted Cape May in securing FAA approval for the test use of an unmanned aircraft flying beyond the line of site to its land-based pilot and crew. Verizon was the wireless partner for this test providing their Airborne LTE Service.



This tweet has been sent via @verizon's "flying cell site" aboard our RS-20 UAS.

The future is here.

The Urban Drone War is Here

September 27, 2017



In February of 2014 we warned of the impending urban drone wars:

Criminals will soon realize a single flying gadget won’t help them so much and will be drawn into a drone arms race requiring each side to ramp up their drone numbers in order to win any encounter.

Moreover, once criminals discover the drone is a near-perfect murder weapon, they will start to invest in these devices and subsequently pull off murders without getting caught. Once again, police will have to counter with more drones which are constantly surveilling the air.

Finally, many of the drone-based murders will likely take place as night as these devices have night-vision and humans do not.




Equifax Reminds us Cybersecurity is a Corporate, not IT Problem

September 26, 2017


The largest consumer breach of all time - until now comes to us courtesy of Equifax. Americans think criminal hacking is the greatest technology risk to their health, safety and prosperity and they are right. What makes this breach so bad is this hack of the personally identifiable information (PII) of 143 million people will result in breaches related to this information for years - potentially decades to come.

In real-world terms, your bank and most other organizations you do business with use certain information to ensure you are you when you call or interact with them online. This information for over one-hundred-million of us is now out in the open.

If this news isn't bad enough, there are countless Equifax phishing scams to look out for now as well.

We could go on and list how this has been the worst year ever for cyberbreaches but you likely know that by now.

In today's news, the CEO of Equifax finally was forced to step down.








Apple iPhone X Face ID May not be Secure Enough for Many Users

September 16, 2017



While Face ID is theoretically 20 times more secure than Touch ID at 1:1,000,000 chance of a false match as opposed to 1:50,000, there are some legal and societal reasons why we still believe it is less secure in certain situations.

Touch ID requires the owner to physically place their finger on a device. Face ID does not.

This may not seem like a huge deal but it has tremendous implications both legal and societal.

We pointed these issues out recently where we said the phone could be used without the permission of the owner in certain situations:
  1. Law enforcement holds phone up to person’s face to unlock it.
  2. Person sleeping or partially passed out – another person holds phone up to their face.
If a person is arrested or crossing a border or otherwise comes into contact with law enforcement, the authorities have the ability to take the phone from the owner. With Touch ID, assuming force is not used, the owner of the device would have to physically decide to place their finger on the phone to unlock it.

Face ID however makes this potentially easier for law enforcement. Now, all they have to do is place the phone up to the user's face.

We reached out to Apple about this matter and they replied with the following statement:

Our teams have been developing the technologies behind Face ID for several years, and our users’ privacy has been a priority since the very beginning.

Face ID provides intuitive and secure authentication enabled by the TrueDepth camera system and the A11 Bionic chip, which uses advanced technologies to accurately map and match the geometry of a user's face.















Paul Ryan: Smartphones Are Cleaning FEMA Out

September 7, 2017



According to Speaker of the House, Paul Ryan, people are using smartphones to apply for FEMA assistance at unprecedented levels and as a result it is nearly out of funds.

This wasn't possible in past disasters because people needed PCs, electricity and homes which weren't flooded or destroyed to connect to the internet.

Hurricane Harvey and it's immense amount of flooding has destroyed a large number of homes (above) while Hurricane Irma has already hit land in the US territory of Puerto Rico and will hit the US mainland soon. Even worse, hurricane Jose isn't far behind Irma.

Smartphones have made the pace of everything happen more quickly and asking for assistance from FEMA is no different and while this is great for those in need, it will put inordinate strain on government budgets to ensure the emergency fund stays solvent.







Lack of Cybersecurity Training Just Cost 8 Million Dollars

August 31, 2017

The Cybersecurity problem gets worse by the day and as we have covered before, there is an increase in attacks targeting money-transfer. In fact, while ransomware isn't going away any time soon, the sheer amount of money which can be scored from a wire transfer scam is so enormous that ransomware pales in comparison.

As we just wrote:

  • Money transfer attacks occur when company employees are tricked into wiring money to a hacker account through what looks like a legitimate email from their boss or other authorized authority. By hacking mailboxes, malicious users can learn patterns and terms used by an organization and subsequently use these terms against them. Tens or hundreds of millions of dollars are lost by corporations each year through such attacks.

Some time back we wrote about Portnox and how they add visibility and control to help secure networks.

Intermedia Anti-Phishing Tools for Small Business

August 21, 2017



Large companies generally have IT teams to deal with phishing attacks but really, there is no perfect defense from a determined phisher who wants to get you to click on a link. Once you click, they could install a backdoor which gives them access to your passwords or perhaps they could start installing ransomware.

All a company can do is be as protected as possible. One way to achieve this is with strong anti-phishing tools - similar to the ones rolled out by Intermedia last week.

The company says they have unveiled Enterprise-grade anti-phishing protection, designed for SMBs - otherwise knows and small and medium businesses.

The new Intermedia Email Protection features include:

  • Similar domain check: Spear-phishing campaign authors will typically register an email domain that looks 'similar' to a company's email domain (e.g., iintermedia.net with two i's instead of intermedia.net). Intermedia's domain check feature uses a similarity algorithm to confirm that the sending domain is in fact is someone from within the organization.
  • User impersonation check: Spear-phishing attacks target specific employees within an organization, by impersonating someone they know – most typically the CEO or other high-profile individuals.








1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 ... 68 Next
Featured Events