#telecomsecurity

🎥 What is O-RAN, really?

O-RAN isn't just a buzzword — it's a structural shift in how we build radio access networks.

By moving away from proprietary, locked-in systems and toward open, cloud-native architectures, operators gain flexibility… but also inherit new risks.

At the beginning of this analysis, we lay the groundwork — defining what O-RAN is before unpacking the security implications throughout the session.

▶️ Watch the full webinar for the complete breakdown: app.getcontrast.io/register/p1

The FBI is sounding the alarm: state-backed hackers are using custom malware and zero-day exploits to slip past telecom defenses. How are these tactics evading detection, and what does it mean for our security? Read more.

thedefendopsdiaries.com/unmask

#salt_typhoon
#cybersecurity
#telecomsecurity
#apt
#malware

The DefendOps Diaries · Unmasking Salt Typhoon: The Cyber Threat to Telecom Networks, by Alex Cipher

What if hackers could track your team’s movements, calls, and even financial activity—without ever breaching your network?

In this clip from our latest episode of Cyberside Chats, LMG’s @sherridavidoff and @MDurrin reveal how nation-state actors are using telecom metadata to launch targeted attacks—and what IT leaders can do about it.

Watch the full video to discover key prevention tactics, including stronger authentication for financial transactions, identifying spoofed calls and texts, and securing third-party telecom providers.

📺 Watch the full episode: youtu.be/Lyiwx6upd8E
🎧 Listen to the podcast: chatcyberside.com/e/the-title-

🚀 5G Security - discover pySCASso: a Python framework for automating GSMA NESAS SCAS tests! Developed by the BSI team as a blueprint and example, it invites you to browse, get inspired and collaborate. Platform-independent - product-agnostic test implementation - minimally invasive. Visit our project on GitHub to learn more and contribute: github.com/BSI-Bund/pySCASso #pySCASso #TelecomSecurity

"⚠️ Telecom Sector Under Siege: Over 1,500 RIPE NCC Network Credentials Leaked! ⚠️"

The telecom industry faces a severe threat as over 1,572 network operator credentials, including those from Orange España, were found circulating in the Dark Web. This follows a recent cyberattack on Orange España, involving a BGP hijack. The attack led to a service outage and revealed the risks associated with privileged network personnel. Cybersecurity firm Resecurity's scan discovered compromised accounts from RIPE, APNIC, AFRINIC, and LACNIC registries, emphasizing the urgent need for improved digital hygiene and robust security measures.

Tags: #CyberSecurity #TelecomSecurity #DigitalIdentity #DataBreach #DarkWeb #BGP #RPKI #Infostealers

Source: Resecurity

www.resecurity.com: Resecurity | Hundreds of network operators’ credentials found circulating in the Dark Web

"🔍 Unveiling Sandman APT: The Silent Menace Targeting Global Telcos 🎯"

SentinelLabs has unearthed a new threat actor dubbed Sandman APT, primarily targeting telecommunication providers across the Middle East, Western Europe, and South Asia. This enigmatic group employs a novel modular backdoor named LuaDream, utilizing the LuaJIT platform, a rarity in the threat landscape. The meticulous movements and minimal engagements hint at a strategic approach to minimize detection risks. The LuaDream malware, a well-orchestrated and actively developed project, is designed for system and user info exfiltration, paving the way for precision attacks. The intriguing part? The attribution remains elusive, hinting at a private contractor or a mercenary group akin to Metador. The activities observed are espionage-driven, with a pronounced focus on telcos due to the sensitive data they harbor. The meticulous design of LuaDream showcases the continuous innovation in the cyber espionage realm, urging for a collaborative effort within the threat intelligence community to navigate the shadows of the threat landscape.

Source: SentinelOne Labs

Tags: #SandmanAPT #LuaDream #TelecomSecurity #CyberEspionage #ThreatActor #CyberSecurity #LuaJIT #SentinelLabs #APT 🌐🔐🎯

Indicators of Compromise (IoCs):

  • Domains: mode.encagil[.]com, ssl.explorecell[.]com
  • File Paths: %ProgramData%\FaxConfig, %ProgramData%\FaxLib

Author: Aleksandar Milenkoski, a seasoned threat researcher at SentinelLabs, has meticulously dissected the activities of Sandman APT, shedding light on the LuaDream backdoor. His expertise in reverse engineering and malware research is evident in the detailed analysis provided.

SentinelOne: Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit. Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.