Data Breach Week, SIMs cracked, carders busted - 60 Sec Security [VIDEO]

Filed Under: Apple, Data loss, Featured, Malware, Mobile, Privacy, Security threats, Video

How safe is the SIM in your mobile phone? Could it be remotely infected with malware?

Possibly - watch this week's 60 Second Security and find out more!

→ Can't view the video on this page? Watch directly from YouTube. Can't hear the audio? Click on the Captions icon for closed captions.

Previous three episodes:

"Jay-Z"
27 July 2013
"Googlehole"
13 July 2013
"Keyjacking"
06 July 2013

In this episode:

  • It feels like we just had "Data Breach week", with Apple's Developer Center, Ubuntu Forums, Lakeland and even Stanford University having "better change your password" moments.
  • Crypto researcher Karsten Nohl claims he's found a way to recover remotely the secret key buried in older SIM cards, so he can sign any code he wants and put it on your phone.
  • Five sidekicks of notorious TJ Maxx hacker Albert Gonzalez, currently serving 20 years, have been charged with carding crimes in New Jeresy and New York.

(If you enjoyed this video, you'll find plenty more on the SophosLabs YouTube channel.)

, , , , , , , , , , , , , , , , , , , , , ,

You might like

2 Responses to Data Breach Week, SIMs cracked, carders busted - 60 Sec Security [VIDEO]

  1. Tom · 361 days ago

    Does the hacker work for those who make and sell SIM cards?

    • Paul Ducklin · 361 days ago

      No. Not as far as I am aware. He is working _with_ them so they have the details but no-one else does. (Seems like the letter and spirit of responsible disclosure.)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog