The English Channel backchannel exploited by Israeli spy-tech firm haaretz.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from haaretz.com Daily Mail and Mail on Sunday newspapers.
And SS7 telco hack rears its ugly head yet again Share
Copy
In brief In an 8-K filing to the US Securities and Exchange Commission, SolarWinds has given more details on exactly how it learned its servers were spewing out malware.
The notice [PDF] says that FireEye notified the network management biz s CEO (who had only been on the job for three days) of a serious security issue on 12 December. But by then the SUNBURST malware had already spread to around 18,000 customers. The vulnerability has only been identified in updates to the Orion Platform products delivered between March and June 2020, but our investigations are still ongoing, the filing said.
Dec. 17, 2020
The private Israeli intelligence firm Rayzone Group exploited a loophole in a mobile phone network to enable their clients to track people around the world, a joint investigation by the Bureau of Investigative Journalism and The Guardian revealed on Wednesday.
According to the investigation, Rayzone rented access to an arcane global messaging system in the Channel Islands that allowed them to “geolocate” mobile phone users across the world. The report also claims that this point in the Channel Islands was also used in efforts to locate Princess Sheikha Latifa al-Maktoum bint Mohammed Al Maktoum when she attempted to escape her father, Dubai s ruler, in 2018.
The Tel Aviv-based company claims its geolocation tools are only provided to governmental authorities.
Industry and security experts told the Guardian that intelligence firms will often use small mobile operators, based on tiny islands in offshore jurisdictions as ways to exploit the telecoms network, especially regarding the islands of Guernsey and Jersey as potentially soft routes into UK phone networks.
Guernsey, seen in a picture taken on January 18, 2020. (CC-BY, Andrew Milligan sumo, Flickr)
Rayzone declined to divulge the purpose of its access via the Sure Guerney network. It told the Guardian doing so “entails regulatory and trade secret issues and a risk to our customers’ ongoing operations against terror and severe crime.”