Security Boulevard

Alan warns that cybersecurity is stuck in a “Maginot Line” mindset — clinging to outdated tools while attackers weaponize AI, supply chain compromises, and polymorphic malware. He argues for AI-native defenses, real agentic automation, and stronger supply chain vetting to keep pace with modern threats.

The post The Security Maginot Line: Fighting Tomorrow’s Cyber Attacks With Yesterday’s Tech appeared first on Security Boulevard.

Explore how passwordless authentication improves security by removing password-related risks. Learn about different methods and implementation best practices.

The post The Role of Passwordless Authentication in Security appeared first on Security Boulevard.

Learn how to use progressive profiling to collect user data without friction. Discover strategies for timing, consent, autofill, and local form design.

The post Progressive Profiling Without Friction: Collecting Only What Helps appeared first on Security Boulevard.

Discover how AI helps educational platforms predict and prevent security breaches with real-time detection, predictive analytics, and automated response.

The post How AI Can Predict and Prevent Security Breaches in Educational Platforms appeared first on Security Boulevard.

Santa Clara, Calif. Sep 29, 2025 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 28000:2022 Security and Resilience – Security Management Systems (SMS) certification. ISO 28000 is an international standard for supply chain security. It specifies the requirements for a management system to protect all links in […]

The post NSFOCUS Earns ISO 28000:2022 Security and Resilience – Security Management Systems Certification appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Earns ISO 28000:2022 Security and Resilience – Security Management Systems Certification appeared first on Security Boulevard.

 Last week the United Nations General Assembly kicked off in New York City.  On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services around New York.  Like me, you may have immediately wondered why some of the photos showed sophisticated racks of servers on shelves while others showed a hodge podge of devices strewn about the bare floor of an otherwise empty apartment. 

photos extracted from USSS reporting SIM Pools on Telegram  Beginning in late 2024, every cell phone in the USA started getting hit hard with annoying messages claiming to be informing us of undelivered packages. In early 2025, this morphed into the famous "Toll Road" phishing messages which started off with messages supposedly about unpaid tolls in Massachusetts Easy Pass and now imitate every toll road system in America. Because the goals of these SMishing messages were to load credit cards onto phones and use them to steal money, DarkTower spent quite a bit of time studying the infrastructure, which is primarily advertised and sold in Telegram channels that we call "Chinese Guarantee Syndicates." I've conducted several briefings about these systems, and have mentioned previously in this blog how they sell SMS-blasting telecom equipment (See: Chinese SMS Spammers Go Mobile ). The devices found around the NYC tri-state area are a slightly different application of SMS-blasting.

The most famous of the Chinese Guarantee Syndicates, Haowang Guarantee, is part of the US-sanctioned Huione Pay, "The Largest Illicit Online Marketplace" according to Elliptic and WIRED. Haowang has shifted their business to Tudou Danbao, but their vendors continue to offer SMS Modem Pools and associated hardware and software as part of their Crime-as-a-Service empire.  Here's an ad for one such vendor (with its translation):

Let's look at the Telegram channel of Annie, a China-based seller of SMS equipment.  (In Chinese, these are called "Cat Pools" -- I'll explain why at the bottom of this article.)  Most of the posts I'll show are from Chinese-language Telegram channels, so I'll include an English translation. @Annie068a operates a channel dedicated to selling SMS Gateway equipment

Annie offers SMS Modem Pools in a variety of sizes

SMS Modem Pools have a variety of configurations.  The most basic has 8 modem ports with slots for one SIM card each. On the opposite end of the scale, is a 64 port modem with capacity for 512 SIM cards. (Many of those found by the USSS seem to be 32-port modems with 256 SIM cards.) When there are more SIM cards than modem ports message sending rotates between SIM cards.  What does Annie suggest you might use your SMS Pool for?  Mostly "Marketing."

The concept, as Annie explains, is that you can route messages from anywhere in the world and have them sent from an SMS pool sitting in the United States and being sent from a US-based SIM, thus having a US telephone number displayed in the caller id.

SMS Pools for Fraud and Phishing Other Telegram channels are more blatant with suggesting the type of "Marketing" that one might do with the ability to send Bulk SMS messages to other countries.  The Telegram channel "Mini Bulk SMS" provides examples, such as imitating the Irish bank AIB to send phishing emails, or imitating BMF in Austria, Binance in Italy, or doing an Apple refund scam in the US. In SouthEast Asia a major use of Bulk SMS is advertising to gamblers. 

An English-speaking Bulk SMS provider, KathyBulkSMS, also is quite blatant about the criminal nature of the messages she suggests.  Her service also has the ability to send using "Short Message Code" caller IDs. She particularly recommends imitating Coinbase if spamming in the US and says that her recent campaign, sending 170,000 such messages via Verizon, AT&T, and T-Mobile, was "very effective."

Kathy gives other examples, such as imitating Binance and National Australia Bank for the Australian market, but her channel has suggestions for many countries, including Netflix and Crypto campaigns for:  Greece Portugal Austria Ireland Japan Slovakia South Korea and Spain.
  Cheap SMS Modem Pools and Cheaper SIMs Not to bust the "Nation-state" theories too hard, but this gear is ridiculously cheap. You can buy most of it used on places like eBay, but the various business-to-business services like "Made In China" have great prices.  Here are a couple examples: a 16-modem 512 SIM-slot 4G SMS Gateway is $1,000.  A 64-modem 512 SIM-slot 4G/3G/2G offering send and receive SMS can range from $2,400 to $4,000 depending on the configuration and software included.

But what about the SIM cards? Don't worry, there are many Facebook groups, and many more Telegram channels that will hook you up. The Telegram user @Zoom557 posts to many Facebook groups using the new criminal-friendly "Anonymous Poster" service. On Telegram he is excited about the new $5 SIM cards offered 

BaronLiu also uses Facebook to push his Telegram SIM card offerings. 

Here are a few of the Facebook groups (all in Chinese) that specialize in SIM card selling. Notice the sizes: 2500 members, 3600 members, 6400 members, and 8700 members. Most of these groups also offer mass account creation and social media spamming services. 

One Telegram vendor of SIM cards was proud to be supplying a variety of US SIM cards.

The same vendor shared the photo below.  This isn't USSS in New York.  This is a deployment in Thailand using a SIM pool to provide Thai-WhatsApp numbers to customers around the world. 

Do eSIMs change the game? Durov has you covered:  Never one to shy away from offering anonymized criminal services to the masses, Pavel Durov has announced that you can now buy world-wide eSIMs from a special app inside Telegram called @Mobile. After choosing your region and country, you choose the eSim you want, and then can purchase it paying with Pavel's built-in cryptocurrency, TON, or a credit card if you want to be easily traced by law enforcement.

What about those SMS Cats?  One of the earliest "famous" SMS-phishers who was doing Toll Road phishing was "Darcula." When Darcula's server was unavailable in the summer of 2024, he recommended people use the server "magic-cat.world" to upgrade their software.  Darcula also used a cat as his Telegram profile image.

Darcula was well-and-truly doxed by the excellent researchers at Mnemonic.io -- Erlend Leiknes and Harrison Sand.  I've spoken to them both and they did a great job tearing apart Darcula's code and mapping out the credit card theft associated with it!   While Darcula was certainly a major player, "Little Gray Cat" was my favorite SMisher at the beginning of our work.  He loved to show off his "Machine Room" full of iPhones all sending automated (and end-to-end encrypted) Toll Road and Package non-Delivery phish.

It wasn't until recently I realized the story of why our SMS phishers have so many "Cat-named" things has to do with the slang for the word "modem." The Chinese term for modem is 调制解调器 (tiáo zhì jiě tiáo qì). Because that's quite a mouthful, young techies began to refer to their modem simply as 猫 (māo).  Here are some of the "Cat" terms I've learned in this research:

A "Cat Card" is a SIM card.  This is the term to search on Chinese Telegram to find people selling SIM cards and related services.  An "SMS Cat" is device hosting an SMS number either for "marketing/phishing" or for "verification farming." (Verification Farming uses the destination-country SMS number to receive authentication codes. Group-IB's excellent "SMS Pumping" article mentions that "In late 2022, Elon Musk revealed that Twitter was losing around $60 million per year due to SMS pumping fraud. The activity was attributed to 390 telecom operators that allowed bot accounts to exploit Twitter’s two-factor authentication (2FA) system, generating fake SMS traffic to inflate their own revenue.") A "Cat Control Platform" is the software, hosted on Windows or Linux, that connects to the 

A "Cat Number" is a virtual number ... it may be in an SMS Pool, but it might also be a Google Voice number or other virtual number.  A "Cat Pool" as we've already discussed, is an SMS Modem Pool.

The post SMS Pools and what the US Secret Service Really Found Around New York appeared first on Security Boulevard.

Singapore, Singapore, 29th September 2025, CyberNewsWire

The post ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution appeared first on Security Boulevard.

Episode 400! In this special milestone edition of the Shared Security Podcast, we look back at 16 years of conversations on security, privacy, and technology. From our very first episodes in 2009 to today’s AI-driven threats, we cover the topics that defined each era, the surprises along the way, and the lessons that still matter. […]

The post Milestone Episode 400: Reflecting on 16 Years of Shared Security appeared first on Shared Security Podcast.

The post Milestone Episode 400: Reflecting on 16 Years of Shared Security appeared first on Security Boulevard.

What Makes Non-Human Identities Crucial in Cloud Security? How do organizations manage the unique challenges posed by non-human identities? Non-human identities (NHIs) are critical components of robust security strategies. Conceived as virtual entities consisting of encrypted passwords, tokens, or keys—collectively known as “secrets”—NHIs resemble the role of a passport, with permissions acting as visas granted […]

The post Feel Secure: Advanced Techniques in Secrets Vaulting appeared first on Entro.

The post Feel Secure: Advanced Techniques in Secrets Vaulting appeared first on Security Boulevard.

How Can Organizations Adapt Their Security Strategies for Hybrid Cloud Environments? Organizations face unique challenges while managing their hybrid clouds. But how can they efficiently adapt their security strategies to maintain robust protection? Hybrid cloud security has become a crucial component of modern business operations, requiring adaptable strategies that address multifaceted security concerns. One of […]

The post Adapting Your Security Strategy for Hybrid Cloud Environments appeared first on Entro.

The post Adapting Your Security Strategy for Hybrid Cloud Environments appeared first on Security Boulevard.

Why Are Non-Human Identities Crucial for Cybersecurity? How do organizations ensure the security of machine identities? Non-Human Identities (NHIs) provide a compelling answer, offering a structured approach to managing machine identities and secrets securely. NHIs are critical components in cybersecurity, often overlooked due to the complexity they introduce, but they are indispensable, particularly for cloud-based […]

The post Continuous Improvement in Secrets Management appeared first on Entro.

The post Continuous Improvement in Secrets Management appeared first on Security Boulevard.

Creator, Author and Presenter: Phillip Ward, Canva

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – Enterprise-Scale Privacy For AI: How Canva Scaled Customer Control Of Data For AI Training appeared first on Security Boulevard.

From water systems to the electric grid, critical infrastructure has been under threat for decades. But 2025 cyber attacks against airports are different. Here’s why.

The post Cyber Incidents Take Off: Europe’s Airports Join a Growing List appeared first on Security Boulevard.

Why Are Non-Human Identities the Key to Proactive Compliance in Cloud Security? Where data breaches and cyber threats have become a pressing concern, how are organizations safeguarding their digital assets? The answer lies in the strategic management of Non-Human Identities (NHIs) and secrets security management. With the cloud being central to modern business operations, effective […]

The post Proactive Compliance: A New Era in Cloud Security appeared first on Entro.

The post Proactive Compliance: A New Era in Cloud Security appeared first on Security Boulevard.

How Can Scalable Security Transform Your Business? Where businesses rapidly migrate to the cloud, scalability in security is more crucial than ever. Enterprises must adapt their cybersecurity strategies to protect sensitive data and manage machine identities efficiently. Enter the concept of Non-Human Identities (NHIs), a cornerstone in building scalable security solutions for cloud-native environments. Understanding […]

The post Building Scalable Security with Cloud-native NHIs appeared first on Entro.

The post Building Scalable Security with Cloud-native NHIs appeared first on Security Boulevard.

Why Are Non-Human Identities the Unsung Heroes of Asset Security? Where digital transformation drives business innovation, the necessity for robust asset security strategies is paramount. But here’s a question often overlooked: How do organizations manage and protect the vast array of machine identities—commonly referred to as Non-Human Identities (NHIs)—in their cybersecurity architectures? These NHIs are […]

The post Securing Your Assets: Strategies That Work Every Time appeared first on Entro.

The post Securing Your Assets: Strategies That Work Every Time appeared first on Security Boulevard.

Creators, Authors and Presenters: Norman Sadeh And Lorrie Cranor, Carnegie Mellon University

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – UsersFirst: A User-Centric Threat Modeling Framework For Privacy Notice And Choice appeared first on Security Boulevard.

Learn everything about Risk-Based Authentication (RBA): its benefits, implementation, and future trends. Enhance your application security with this comprehensive guide.

The post Complete Guide to Understanding Risk-Based Authentication appeared first on Security Boulevard.

We have witnessed a surge in cloud adoption and data exposures, with a similar trajectory. A cloud security report highlights that 95% of organizations experienced cloud-related breaches in an 18-month period. Among them, 92% of breaches exposed sensitive data. It is important to note that most incidents do not germinate from exploits that fall under […]

The post Cloud Posture for Lending Platforms: Misconfigurations That Leak PII appeared first on Kratikal Blogs.

The post Cloud Posture for Lending Platforms: Misconfigurations That Leak PII appeared first on Security Boulevard.

 

China has implemented regulations for 1-hour reporting of severe cybersecurity incidents. This would include disruptions that impact over 50% of the people in a province or 10 million people, such as critical infrastructure attacks.

The irony is that China is recognized for its advanced and aggressive foreign cyber operations. But there is brilliance in this requirement. China has an excellent perspective in how such attacks can be used to disrupt adversaries and push foreign policy. It doesn’t want to suffer in ways that other nations might and therefore is improving its response and recovery capabilities.

In contrast, when the US SEC required public companies to report material outages within 4 days beginning in 2025, there was upheaval with some cybersecurity leaders, stating that it was impossible or at the very least irresponsible. They lobbied Congress to repeal the requirements. Since the regulation took effect, no major issues have arisen from the 4-day requirement.

The vast majority of US critical infrastructure is operated by private industry and concealing cybersecurity compromises only benefits the attackers.

The Cybersecurity and Infrastructure Security Agency (CISA) is also looking to update rules specifically for US critical infrastructure, mandating a 72-hour notification, but the final rule may not be published until mid-2026.

China knows something and realizes the importance of early reporting. Even the most aggressive US reporting proposals falls far short of the 1-hour requirement in China.

I hope my peers will remain calm, realize the necessity, and support early notification in the US.

The post China Prepares for Cyberattacks appeared first on Security Boulevard.