Verizon recently suffered a significant outage that left millions across the US without calls, texts, or internet for an entire day. This was a huge hit, restricting friends’ and families’ ability to communicate and forcing some businesses to shut down for the day. What can you do to protect yourself from the next time a mobile network goes down?
Internet outages are incredibly disruptive in our modern world. We don’t realize just how much is actually connected until everything goes down. While massive outages are uncommon, they do happen—here are 10 of the worst.
Verizon has started enforcing a 365-day lock period on phones purchased through its TracFone division, one week after the Federal Communications Commission waived a requirement that Verizon unlock handsets 60 days after they are activated on its network.
Verizon was previously required to unlock phones automatically after 60 days due to restrictions imposed on its spectrum licenses and merger conditions that helped Verizon obtain approval of its purchase of TracFone. But an update applied today to the TracFone unlocking policy said new phones will be locked for at least a year and that each customer will have to request an unlock instead of getting it automatically.
The "new" TracFone policy is basically a return to the yearlong locking it imposed before Verizon bought the company in 2021. TracFone first agreed to provide unlocking in a 2015 settlement with the Obama-era FCC, which alleged that TracFone failed to comply with a commitment to unlock phones for customers enrolled in the Lifeline subsidy program. TracFone later shortened the locking period from a year to 60 days as a condition of the Verizon merger.
© Getty Images | Kevin Carter
Looking for a unique vacation spot? Have at least $10 million USD burning a hole in your pocket? If so, then you’re just the sort of customer the rather suspiciously named “GRU Space” is looking for. They’re currently taking non-refundable $1,000 deposits from individuals looking to stay at their currently non-existent hotel on the lunar surface. They don’t expect you’ll be able to check in until at least the early 2030s, and the $1K doesn’t actually guarantee you’ll be selected as one of the guests who will be required to cough up the final eight-figure ticket price before liftoff, but at least admission into the history books is free with your stay.
The whole idea reminds us of Mars One, which promised to send the first group of colonists to the Red Planet by 2024. They went bankrupt in 2019 after collecting ~$100 deposits from more than 4,000 applicants, and we probably don’t have to tell you that they never actually shot anyone into space. Admittedly, the Moon is a far more attainable goal, and the commercial space industry has made enormous strides in the decade since Mars One started taking applications. But we’re still not holding our breath that GRU Space will be leaving any mints on pillows at one-sixth gravity.
Speaking of something which actually does have a chance of reaching the Moon on time — on Saturday, NASA rolled out the massive Space Launch System (SLS) rocket that will carry a crew of four towards our nearest celestial neighbor during the Artemis II mission. There’s still plenty of prep work to do, including a dress rehearsal that’s set to take place in the next couple of weeks, but we’re getting very close. Artemis II won’t actually land on the Moon, instead performing a lunar flyby, but it will still be the first time we’ve sent humans beyond Low Earth Orbit (LEO) since Apollo 17 in 1972. We can’t wait for some 4K Earthrise video.
In more terrestrial matters, Verizon users are likely still seething from the widespread outages that hit them mid-week. Users from all over the US reported losing cellular service for several hours, though outage maps at the time showed the Northeast was hit particularly hard. At one point, the situation got so bad that Verizon’s own system status page crashed. In a particularly embarrassing turn of events, some of the other cellular carriers actually reached out to their customers to explain it wasn’t their fault if they couldn’t reach friends and family on Verizon’s network. Oof.
Speaking of phones, security researchers recently unveiled WhisperPair, an attack targeting Bluetooth devices that utilize Google’s Fast Pair protocol. When the feature is implemented correctly, a Bluetooth accessory should ignore pairing requests unless it’s actually in pairing mode, but the researchers found that many popular models (including Google’s own Pixel Buds Pro 2) can be tricked into accepting an unsolicited pairing request. While an attacker hijacking your Bluetooth headset might not seem like a huge deal at first, consider that it could allow them to record your conversations and track your location via Google’s Find Hub network.
Incidentally, something like WhisperPair is the kind of thing we’d traditionally leave for Jonathan Bennett to cover in his This Week in Security column, but as regular readers may know, he had to hang up his balaclava back in December. We know many of you have been missing your weekly infosec dump, but we also know it’s not the kind of thing that just anyone can take over. We generally operate under a “Write What You Know” rule around here, and that means whoever takes over the reins needs to know the field well enough to talk authoritatively about it. Luckily, we think we’ve found just the hacker for the job, so hopefully we’ll be able to start it back up in the near future.
Finally, we don’t generally promote crowdfunding campaigns due to their uncertain nature, but we’ll make an exception for the GameTank. We’ve covered the open hardware 6502 homebrew game console here in the past, and even saw it in the desert of the real (Philadelphia) at JawnCon 0x2 in October. The project really embraces the retro feel of using a console from the 1980s, even requiring you to physically swap cartridges to play different games. It’s a totally unreasonable design choice from a technical perspective, given that an SD card could hold thousands of games at once, but of course, that’s not the point. There’s a certain joy in plugging in a nice chunky cartridge that you just can’t beat.
See something interesting that you think would be a good fit for our weekly Links column? Drop us a line, we’ve love to hear about it.
Verizon has received all approvals it needs for a $9.6 billion acquisition of Frontier Communications, an Internet service provider with about 3.3 million broadband customers in 25 states. Verizon said it expects to complete the merger on January 20.
The last approval came from the California Public Utilities Commission (CPUC), which allowed the deal in a 5–0 vote yesterday. There were months of negotiations that resulted in requirements to deploy more fiber and wireless infrastructure, offer $20-per-month Internet service to people with low incomes for the next decade, and other commitments, including some designed to replace the DEI (diversity, equity, and inclusion) policies that Verizon had to end because of demands by the Trump administration.
"The approval follows extensive public participation, testimony from multiple parties, and negotiated settlement agreements with consumer advocates and labor organizations," the CPUC said yesterday.
© Getty Images | Bloomberg
Read more of this story at Slashdot.
The situation in the US is now resolved, but things fell apart for nearly 10 hours.
The post Verizon Outage Hits 180K Users appeared first on TechRepublic.
The situation in the US is now resolved, but things fell apart for nearly 10 hours.
The post Verizon Outage Hits 180K Users appeared first on TechRepublic.
Read more of this story at Slashdot.
The Federal Communications Commission is letting Verizon lock phones to its network for longer periods, eliminating a requirement to unlock handsets 60 days after they are activated on its network. The change will make it harder for people to switch from Verizon to other carriers.
The FCC today granted Verizon's petition for a waiver of the 60-day unlocking requirement. While the waiver is in effect, Verizon only has to comply with the CTIA trade group's voluntary unlocking policy. The CTIA policy calls for unlocking prepaid mobile devices one year after activation, while devices on postpaid plans can be unlocked after a contract, device financing plan, or early termination fee is paid.
Unlocking a phone allows it to be used on another carrier's network. While Verizon was previously required to unlock phones automatically after 60 days, the CTIA code says carriers only have to unlock phones "upon request" from consumers. The FCC said the Verizon waiver will remain in effect until the agency "decides on an appropriate industry-wide approach for the unlocking of handsets."
© Aurich Lawson | Getty Images
The Supreme Court will hear a case that could invalidate the Federal Communications Commission's authority to issue fines against companies regulated by the FCC.
AT&T, Verizon, and T-Mobile challenged the FCC's ability to punish them after the commission fined the carriers for selling customer location data without their users’ consent. AT&T convinced the US Court of Appeals for the 5th Circuit to overturn its fine, while Verizon lost in the 2nd Circuit and T-Mobile lost in the District of Columbia Circuit.
Verizon petitioned the Supreme Court to reverse its loss, while the FCC and Justice Department petitioned the court to overturn AT&T's victory in the 5th Circuit. The Supreme Court granted both petitions to hear the challenges and consolidated the cases in a list of orders released Friday. Oral arguments will be held.
© Getty Images | Douglas Rissing
By Kim Crawley
The annual Verizon Data Breach Investigations Report is a wealth of valuable information about the state of cybersecurity today.
Of course, data breaches remain one of the biggest problems in cybersecurity. Many of the worst breaches expose financial data, authentication credentials, and sensitive legal and medical information. In the wrong hands, this data can help cybercriminals access organizations’ and individuals’ most sensitive data and valuable networks.
Ransomware that targets enterprises is also growing. In fact, ransomware incidents are up 13 percent from the previous year, a larger increase than the previous five years combined. Another data breach vulnerability trend is an increase in human exploitation, whether by phishing, stolen credentials or user errors.
The DBIR is a massive report that resulted from Verizon analyzing a large number of data breaches, which they’ve also verified directly for authenticity. Here’s how Verizon determines which breaches to include:
“The incident must have at least seven enumerations (e.g., threat actor variety, threat action category, variety of integrity loss, et al.) across 34 fields or be a DDoS attack. Exceptions are given to confirmed data breaches with less than seven enumerations. The incident must have at least one known VERIS threat action category (hacking, malware, etc.).”
Verizon acknowledges that many data breaches still go undetected. Nonetheless, as organizations improve their systems for detecting indications of compromise (IOCs), there’s a lot of useful data to be analyzed.
Here are five key findings:
Whenever organizations are testing to see how vulnerable they are to a data breach, it’s important to simulate internal, external and supply chain attacks. Web application pentesting is also more important than ever. As DBIR makes clear, it’s critical that every organization test for unauthorized credential exploitation and phishing attacks, too.
Thank you Verizon for helping our industry better understand data breach threats! For more information about how Synack can help organizations prevent data breaches, get in touch here.
The post Five Big Takeaways from Verizon’s 2022 Data Breach Investigations Report appeared first on Synack.
Login