Category: Uncategorized

On December 17, 2024, Brian Contos spoke with Brett Walkenhorst, Bastille Networks's Chief Technology Officer, recording a quick Ask Me Anything video about the recent wireless attack that Veloxity disclosed. The conversation explores the "Nearest Neighbor Attack," an innovative wireless attack strategy highlighting how attackers bypass traditional proximity-based security assumptions. It delves into the attack's mechanics and implications and discusses how Bastille Networks’ solutions address these challenges. Volexity states, "The Nearest Neighbor Attack effectively amounts to a close access operation,…

A recent industrial espionage case in South Korea highlights how insider threats can leverage physical and wireless vulnerabilities to exfiltrate highly sensitive intellectual property. The incident, which South Korean prosecutors value at over $180 million in damages, demonstrates why organizations need comprehensive visibility into all potential data exfiltration channels, including personal cell phones. The Incident The Seoul Eastern District Prosecutors’ Office indicted a former Samsung Display researcher for allegedly stealing trade secrets related to automated factory operations and leaking them…

In a joint cybersecurity advisory released October 10th, 2024, the FBI, NSA, UK NCSC, and other Western intelligence agencies warned that Russia's Foreign Intelligence Service (SVR) continues to successfully breach private sector and government networks worldwide using a combination of traditional network attacks and concerning new wireless intrusion techniques. The Wireless Vulnerabilities The advisory highlights 24 specific vulnerabilities that network defenders should remediate to protect themselves against active exploitation from SVR (also known as APT-29, Midnight Blizzard, and Cozy Bear).…

Joint reports from Microsoft Threat Intelligence and Black Lotus Labs disclose details of a years-long hacking campaign by the Russian FSB-linked group Secret Blizzard. Through a sophisticated multi-stage campaign, the group successfully compromised and repurposed Pakistani cyber operations infrastructure in Afghanistan and Indian networks, through a sophisticated multi-stage campaign. The Heart of The Investigation: Hardware Hack While tracking the activity of Pakistani state-affiliated group "Storm-0156", Black Lotus Labs researchers discovered a C2 server designed to control a suite of deployed…

Americans should stop unencrypted texting on their iPhones or Androids Executive Summary A confluence of troubling developments has emerged as U.S. officials reveal that Chinese state hackers remain deeply embedded in telecommunications systems. Meanwhile, due to the ongoing breach, the FBI and CISA have taken the unprecedented step of warning Americans to abandon standard text and voice messaging in favor of encrypted communications. This move represents a fundamental shift in how organizations approach personal and corporate wireless device security. The…

Introduction to DOD and Federal WIDS Requirements The Department of Defense (DoD) and federal agencies face an urgent challenge: securing facilities against wireless threats. As mobile devices, IoT, and rogue access points proliferate, compliance with Wireless Intrusion Detection System (WIDS) requirements has become mission critical. While some organizations rely on handheld scanners or point-solution devices, these tools fall short. They provide only snapshot views of RF activity, leaving dangerous blind spots in environments that demand continuous monitoring. Meeting DoD WIDS…

In today's interconnected world, wireless technology is an integral part of corporate infrastructure. As businesses continue to rely on wireless networks for daily operations, the importance of securing these networks has never been more critical. Employees and visitors bring wireless devices into corporate facilities. Visiting wireless devices may be unwittingly compromised or used by bad actors to compromise corporate assets and networks, exfiltrating voice and data or introducing threats and vulnerabilities to corporate systems. This is where Wireless Threat Intelligence…

Pagers - History, Uses Today, and How to Detect In a world of ever-faster mobile communications devices and cellular networks, it is easy to forget the role still played by much older wireless communication devices: pagers. While smartphones dominate modern communication, pagers—once ubiquitous for short messages and alerts—are still widely used in critical environments. Detecting and monitoring pagers is vital to ensuring operational security. Bastille Networks provides a comprehensive solution for detecting wireless devices across the RF spectrum, including pagers.…

Unauthorized cell phones inside secure facilities, data centers, healthcare environments, and government buildings represent a growing insider threat. These devices can be used for: Data exfiltration through cellular or Bluetooth connections. Unauthorized recordings of sensitive conversations or intellectual property. Regulatory compliance violations under HIPAA, PCI DSS, ITAR, and NIST. Traditional IT security tools often miss these devices because they operate outside the wired and Wi-Fi network. That’s why organizations are turning to advanced RF monitoring to both detect and locate…

Wireless and RF-enabled devices are everywhere — from office networks and smart buildings to IoT sensors and industrial controls. While they provide flexibility and efficiency, they also expose organizations to serious RF security vulnerabilities. Back in 2018, Bastille identified the leading threats facing businesses and government agencies. Today, those vulnerabilities remain just as relevant — if not more so — given the explosive growth of IoT, mobile, and RF-enabled devices. This article revisits the top RF security risks and explains…