Insecurity By Design Or Insecurity By Ignorance ..read more

Autenticação TLS mútua do cliente OAuth 2.0 e tokens de acesso vinculados a certificados no 5G Core ..read more

2023 5G Core security wrap up ..read more

Security is a process and not a product ..read more

Mutual TLS one of the zero trust pillars in 5G Core SA ..read more

Multiple Methods That Cybercriminals Can Use To Extract Your Location ..read more

Threat modeling around UPF Interfaces ..read more

Keep this network function in a private cloud Recently, the adoption of 5G Core deployment in public clouds(such as AWS, Azure, and Google Cloud) has been a hot topic of discussion. However, there are some items that are rarely discussed regarding deploying critical network functions in public clouds and one of these items are: which network functions should not be deployed in public clouds? Before a technical deep dive, a brief introduction to the 5G Core network and public and private clouds is needed. What is a 5G Core? The 5G Core(Fifth Generation Of Mobile Core Network ..read more

OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens in 5G Core! While reading the 3GPP TS33.501, I realised that one item in 5G security can get a third implementation option and I would like to highlight it. It will be assumed that the reader has knowledge of PKI, mutual TLS, 0auth2 and 5G Core procedures. This item is regarding the 0auth2 token or authorization token signature verification/validation from the NRF(Network Repository function) that works as an authorization server in the 5G Core network. What is the role of 0auth2 tokens in 5G Core? Th ..read more

How Mobile Operators Lost Thousands Of Dollars Because Of SMS Malware. SMS Malware Analysis — Write Up By Josue Martins This write-up is about an android malware that affected multiple mobile operators and subscribers, it is commonly found on pirate sites where subscribers download songs, games, and other content. I have presented my finds on this SMS Malware at the GSMA Fraud and Security Group meeting in Paris 2019, This malware affected operators in Africa, Europe, and the Middle East, and the victims of this malware were often left with huge bills on their telephone number ..read more