Explore the latest in 5G security. Stay informed on vulnerabilities, encryption, and secure protocols in the rapidly evolving 5G landscape.
Search across headline titles and summaries.
Background for this topic.
5G is the fifth generation mobile network technology designed to connect virtually everyone and everything together including machines, objects, and devices. It is engineered to provide higher multi-Gbps data speeds, ultra-low latency, more reliability, massive network capacity, increased availability, and a more uniform user experience to more users. With its advancements over previous generations, 5G is poised to enable a new kind of network that is designed to connect virtually everyone and everything together including machines, objects, and devices.In the context of information security, 5G introduces both opportunities and challenges. The technology's ability to support a vast number of connected devices amplifies the attack surface for malicious activities. Enhanced mobile broadband (eMBB), ultra-reliable low-latency communications (URLLC), and massive machine-type communications (mMTC) are foundational capabilities that could potentially be exploited if not properly secured. Conversely, 5G also brings robust security features, such as improved encryption, stronger user privacy mechanisms, and the potential for network slicing to allow for customized security policies. Adoption of 5G necessitates updated security protocols and strategies to address emerging threats and to leverage the technology's full potential for secure communication.
Weekly headline count for the current query.
Silicon often from US, but the kit from APAC and elsewhere America's telco regulator has clarified its ban on foreign-made routers also includes mobile hotspots and domestic routers that use a 5G cellular connection to the internet.…
Partner Content Millimeter-wave ISAC and edge AI create unified sensing-communication capabilities for next-generation low-altitude security
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB)
Sni5Gect research crew targets sweet spot during device / network handshake pause Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up- and downlink sniffing and a novel connection downgrade attack - plus "other serious exploits" they're keeping under wraps, for now.…
5G OT Security Summit Speakers on Delicate Balance Between Innovation, Cyber RiskDigital transformation - which now includes a convergence of cloud-based applications, AI and OT systems - introduces new threat vectors particularly as legacy systems struggle to adapt. Speakers at the 5G OT Security Summit discussed cyber defenses and policies and for securing OT systems.
5G OT Security Summit Speakers on Secure Frameworks for Regional InfrastructureAt a time when ASEAN nations are accelerating 5G deployments, cybersecurity leaders at the 5G and OT Security Summit in Malaysia issued a sobering warning: Fragmented regulations and uneven OT readiness threaten to undermine the region’s digital ambitions.
While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.
Private 5G networks face security risks amid AI adoption and a lack of specialized expertise
A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network
From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months.
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.
Wireless service providers prioritize uptime and lag time, occasionally at the cost of security, allowing attackers to take advantage, steal data, and worse.
Industry reportedly pressuring digital ministry not to cut the cord Germany may soon remove Huawei and ZTE equipment from its 5G networks, according to media reports.…
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS
A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impact 710 5G smartphone models from Google partners (Android) and Apple, routers, and USB modems. [...]
Dive into the world of private 5G networks and learn about a critical security vulnerability that could expose IoT devices to attacks from external networks.
Telcos across the Middle East are rapidly rolling out 5G networks. Will this accelerated adoption lead to higher security vulnerabilities?
In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.
Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.