New Security Flaw Found in LTE Standard
Researchers have recently discovered a new security vulnerability affecting all 4G LTE networks. The so-called "aLTEr" attack could allow someone nearby to send your phone's browser to a web site different than the one requested, impersonating your bank's web site, for example. Similarly, it could trick an app into connecting to a different back-end service. aLTEr requires that the attacker use $4,000 equipment and be within about a mile of the victim, among other challenges. Although a successful attack is difficult, it could be used against high-value targets such as politicians, military personnel, journalists, employees of corporate rivals, etc. The flaw is inherent in the LTE standard and unlikely to be fixed. However, because aLTEr relies on DNS spoofing, it can be avoided by only using web sites and services that employ both HTTPS and DNSSEC. Currently, less than 1% of .com web sites employ DNSSEC, although many high-value sites do use it.
Bluetooth Bug Could Expose Devices to Attack; Patch Coming
Jul 24, 2018
Researchers at the Israel Institute of Technology discovered a vulnerability in Bluetooth's Secure Simple Pairing and LE Secure Connections features that could lead to man-in-the-middle attacks. According to the researchers, the Bluetooth specification doesn't require devices with these features to validate the public key when pairing with new hardware.
Google Now Highlighting Insecure Web Sites
Jul 24, 2018
Google is now calling out web sites that don’t use https for security. Google announced in February that Chrome 68 would begin highlighting insecure sites.
Researchers Say WiFi Vulnerability Impacts Nearly Everything
Oct 16, 2017
Researchers say they've found a serious gap in the WPA2 security protocol that can allow hackers to use k ey r einstallation a tta cks (KRACKs) to compromise most WiFi devices. The researchers say the method allows hackers to read encrypted information transiting via WiFi, including passwords, emails, photos, credit card numbers, and more.
T-Mobile Offers Big Savings to Military Members and Families
Apr 18, 2018
T-Mobile today made a significant commitment to support members of the U.S. military and their families.