Blueliv Intelligence Briefing

Your cybersecurity news summary

Thursday,   August 13th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Vulnerability in 4G Voice over LTE (VoLTE) protocol used to eavesdrop on voice calls

For each call, mobile operators must select an encryption key (called a stream cipher) to secure the call. Normally, the stream cipher should be unique for each call. However, a team of academics from the Ruhr University in Bochum, Germany, has discovered that not all mobile operators follow the 4G standard to the letter of the law. Researchers say that while mobile operators do, indeed, support encrypted voice calls, many calls are encrypted with the same encryption key. In their research, academics said that the problem usually manifests at the base station (mobile cell tower) level, which, in most cases, reuse the same stream cipher, or use predictable algorithms to generate the encryption key for voice calls. Learn more >

Demo Free Trial MSSP