P1 Labs » Advisory http://labs.p1sec.com P1 Security Labs Wed, 31 Dec 2014 00:24:12 +0000 en-US hourly 1 http://wordpress.org/?v=4.1 P1 Security CERT is open http://labs.p1sec.com/2013/07/27/p1-security-cert-is-open/ http://labs.p1sec.com/2013/07/27/p1-security-cert-is-open/#comments Sat, 27 Jul 2013 22:33:34 +0000 http://labs.p1sec.com/?p=248 P1 Security Computer Emergency Response Team – P1 CERT –  is officially open!

P1 CERT role is to guarantee a professional incident and vulnerability management by direct cooperation with Customers, VKB Subscribers, Telecom Vendors, Operators, Governments and other CERTs. P1 CERT is also collaborating with TCERT for Telecom-related coordination activities.

Also you may wish to know more about our work on Mobile and  Telecom vulnerabilities releases by checking our Vulnerability Knowledge Base.

Here is an overview of the the work of P1 CERT that is integrated into the VKB:

VKB_Overview-1

 

 

 

 

 

This a visualization of P1 Security VKB vulnerability evolution over time. You can see that P1 CERT has done intense amount of reverse engineering and vulnerability research in order to qualify vulnerabilities and develop knowledge.

 

 

 

VKB_Overview-2

 

 

 

 

 

VKB vulnerabilities, sorted by risk, and including Best Practices. You can see here that P1 CERT focuses on high-impact vulnerabilities but at the same time provides Best Practices to help securing networks.

 

 

 

VKB_Overview-4

 

 

 

 

 

 

VKB vulnerabilities by Network Element type. HLR & MSC are currently the most impacted equipment, according to P1 VKB.

 

 

 

VKB_Overview-03

 

 

 

 

VKB vulnerabilities per Vendor indicate that Huawei is the most concerned vendor in term of vulnerabilities entries. This can be a bias of analysis as Huawei is present in nearly 90% of the operators we do work with, so its representation in number of vulnerability is not only due to the intrinsic vulnerability of their equipment, but also to their ubiquitousness.

 

 

 

 

For more demonstration, you may visit P1 Security VKB tour.

Contact P1 Security CERT at : cert@p1sec.com

  • Click here to see the P1 Security CERT PGP Key

    —–BEGIN PGP PUBLIC KEY BLOCK—–
    Version: GnuPG v1.4.12 (GNU/Linux)

    mQINBEtXaFIBEADgJGDE1OLUtmN+v0tmlmjWdJZA1dWCtvC+LPdkvYIWiLJSiqpZ
    5v+MaLMxIsQ0A4emjBzW2vD5buTNwyTzi5Jy8xRw0uQJZtFww73W0QIksukGqLu/
    BtcyhoZdZeNYfkJc+/FaRczvEJOsp3dYjpztygAwLDzftagrQ3SM4J5dfjbkR4qU
    3BVjgcrSKnUihc2UwGgXNZi7MjA09doCpr+IvtuWMZKVOShF1Y0jPuVbzWhrb8/e
    Kr3ikrBdxuV97UXXLERFMxmuPAWJhsjxObjqCCXhwwuhSpA1kZ26za7b/Dzy1C0V
    WpuI4DTJevAOtIqss64uyDpuh+UFh0GMHLkYJu+GQftwcM6Pxs2xrADBuqWzgbvK
    q3OJrgK4LQGiBYPiK+s0tyE/w7rXu2QO4sml/EKVpbbTcRWiFodQPspTn0kkPtnI
    WFoLrM58EBDxTOMrVySri4pvcGvwsU+KW2n2vkPRH2tS2kGK5FocEpW1lN/U8VBA
    l0i2NayC/ro1yK+fe2Tfe5Eo0bDyEyQQsWGCY5cYEnyhUHVuNayDhx1B1oAqbo6v
    Um1ISaTvq7eCGtCtegD3nLUlR/I7UQ2cvCctrYtpc8qZdcVPAENfur6ZyBMeSsGx
    S7j8LfNlddMNVx5lJ4jxDuHVItThiwyFtgKL+5g1YqXbjiQinqNNUEKeiQARAQAB
    tB9DZXJ0LUlTVCA8Y2VydGlzdEBjZXJ0LWlzdC5jb20+iQIVAwUQS1dze7a+qPo1
    CmC6AQI1lg//QhwVz2axRWn4jearE4q6qkIQ3vHnxJ1piqK4eePxUNcDeB5GwDUT
    QfeQ3SeSFOw1ERVDZGlq21PPz+9RG/vDhJQnQ/QaUIFZfFMEsq01vqYFtCC8a80v
    gikPbC/kRj1Q3YgumK6CTbVSLiZLckd7wyTe33Acr3cql5EWsN7LHwD8hnHoH0zT
    FSjSbB9xu6W/8uVJqk3CqZIIEJfMirtcm1yrMzxRtgKOGNqNrI73q7HhPbw67Sax
    VZb7QpFmzIDIUnbE5eJUqELSq3QEBY0Z/YNXnBDFFHGBhJAs89LKluNXPPK8H/rr
    /PUN1a3e/eqOiOS8RHvI9KPh8nb8QwMonQvFUdxjG0owRwHHfm3za2BiPn1vk3+W
    ApsH9xyZTsG6rbziPUfpVtSF46Mes+0uCnS0/ynYIleHmtQMLwCVuSZqL8D9Vbml
    fEkwW15G3JAWwa/Knnwon63KDKcOb+jXq3vs0nbI65UX68l41kqGkhTsI9UNsQlq
    5jkRz9yw29qf3qj6ACAeo4N+vjEhwmd4WQbnqLQ5leGLWulQsHp5lYZNCrXHJyHW
    HhcTfP1Z12cimbU5q6NEqMVynsY1+YBIi9jn6lBtkS79pCZbCVZWMLmNQmb4nvxs
    LIfNKYAEHiP2vIZMsWLaeugMtDw/jnnq9fvlfi7QFdEfjyaX4W/pFaqJARUDBRBL
    WAJ6ji95MC7uHgsBAjQHB/0VQB9OHwZ7tuvmGEm8z2ThjP3T0SirSmHswmn3k7VY
    WfcqFEgR5pk9maWT4XgUrmWPRZUyv2FXkAUKAX6Qp8aGFOk4vETsV357THz/vRc8
    oqxgdgAVBbMkTpuL8w+SOlV+A/H7WEqt+i4cTqGkzrC2mxFJ/qsXXnu/PH7IA+Ap
    PbzQqWRIAZfuDiVeThhEuERvbL4T8AMQ8q+oIQqoGEk8HpsWFbFg7AiWKgr/6Fn+
    GTz/0AutmB0hoDAexRw8eBglI3NlyreHTdm3t/1iQIK8YxY7RemENWy1R0m+dQjk
    jUughf5q6ty4iQhwysAoI+9f0X2/ed5kMXGfP3kPiz8qiEYEExECAAYFAkwvukoA
    CgkQ13JbYSPmlWmzTwCfU1Ed3CsiQYrp6jaiNkPQE+tAqakAnjhkePGzSufgdVV7
    jTtFuOyCYXZptBxDZXJ0LUlTVCA8Y2VydEBjZXJ0LWlzdC5jb20+iQIVAwUQS1dz
    Vra+qPo1CmC6AQJaXA/+L0f6lXfIC1zILETJRbVN1BRSJNBH1H2l7+MaBiv1UUro
    swhD5IVxqPzdb1RLv6c2EnlUmpGDgtYWlaY4omYnp2F7bazWIvJjcEM1POK6s/wn
    5ZLHtctIC8NWqYeVXuC4+3sX+b3/hMije3PxhIblJSzPYRha1x+7ydz1rZewuSzA
    Dr45GPArkVa2m/3PH2foXNVdWcpU+rb9QVuD8p+tW8FLJERRJvFDIKW6RGkExoRS
    XBzBNgUpH2mdL0vukN86PHaHERYWcMWghXj4M7AJYxzYUVOD+Q0bL0MUkTqYxwa9
    OSByCkijOUwwl9ZuTdXehJgRGThFn6cVOqcuQR+Bvj6KH220oY58KHJkJycC2q5n
    Iayw2MGNj96goeefqSa/GLKCg3SUu8qAz23goWQEWKbCp9N+SM3OpHSlIRslsY0E
    6oZ3VkS1kTofGTtDJ8J12PSfwsr2kYn/IMMPnhHerhJAFFnYpSZNcvP4nphwWZX0
    T2U/qjhQuVdIvJ4fY+2KELzYHCrUl/sKx6JjmtO8gnuNI4wpmZhOz1qWn3wjM+G8
    VyfJooa8Mn5yvLqqirQx+JQLpAlkFog7PZiuF6/zFFB/muIeborrK9vRVmBb4tzb
    xAiGx+xNOqBbMfDdbk3U2VAD9cNiHZOFMzZubpc119cLwoxvuCw9ZlVF1x4f6TqJ
    ARUDBRBLWAIoji95MC7uHgsBAl4RB/wJLvfvQzrzFk6W+fw4GnRxwK1EbzCC+dXU
    gQyw56kKOLgMVoosIq/Qlz3vrkX72Cb52N+xWjVigzibhPi7AYKAXG80nmdxPZZV
    /cpv9kI/mcCgoqW0q2yyHXn6nHodXRkqU/Sw3PBR36N6viABf/G+EXF9j47/LObl
    qoib53qLWLzROovHxJz0ueLhiRaa11HK4o4tYEhOLS3u7OvrJKTQqYIqzu6uTAT2
    Puvtny8Opi7cwsfQU/usDw48QnDG5PrXasQXb/E34RCzBrkg67FOA8XEaj5ZJu+Y
    JfrALNylnVYCnVaZfr5XFwyf+8fqTSlt2DNI9X+xENN78sbsuVaXiEYEExECAAYF
    AkwvukoACgkQ13JbYSPmlWmHYACfe3ITSHy0eRm5a4Tg9OhWPrFfIWMAn1HKPuyo
    TYhZJ+dScK5AGsGxhtjnmQINBFHxTVMBEADSdK3BX33CMBQyGinh8eNxRcs2Aicb
    m0NhUtPUjUYujno6QFFsmi+DPp4PhFP+xt2Ys/H9soBJ58QYUD7gd9G82aCRIe16
    Uaz6fhp+g6BC34glrkEmVPGNKR9NY45WOcBu2D9G91X3dCafbBoIZSo+bAsR34V1
    WAN1RQez1ABeDp069u4BNCuoWZNaUn26bdSu6T6ClWA8s/POo/lZkqNMhSdZC/9B
    KbfDEvgt0CDVYaMgC6fXhwJoxpIp1aMAOjdOxgwTIo+JkMwUNxfIX5tWHNrhupR2
    ePpkhqGiQ5B2MLSXw2CdeKXZH+/0mP/G5EPSCWbvuHxaegAfEVxD77uksLOjuOdq
    X/HQ7Vaqwz/NRWJCxuCHBg8/675YGBSkLVW4v9171cP5M4YOnaHyZ5in04r+EjkL
    6yK9y+y/1BXHkL+6xW08TtUmoT4AQk0EFnUzNLXHa6argmqbxuxxVWghYNStjFnV
    D0bVuwKwusZlJ7b5x83Z2QztHDQcwumcA9uTN4SePqck+N6H4PF2EntFEYtKyGdp
    vyLAMk728xtCo6ArCmsIkzF64ddvKPCHgxtGf/JaIHvaCXxkVlasYitOhqi0lr4L
    Kib5t+5urQinJcbBbyGP67MPuRljXxCnUzk1ngBRXp0W/i1Ho+NoLQrUJwfC2jQz
    nD1TMeo3vn3P3QARAQABtHRQMSBTZWN1cml0eSBDb21wdXRlciBFbWVyZ2VuY3kg
    UmVzcG9uc2UgVGVhbSAoVGhpcyBpcyB0aGUgb2ZmaWNpYWwgUEdQIGtleSBvZiB0
    aGUgUDEgU2VjdXJpdHkgQ0VSVCkgPGNlcnRAcDFzZWMuY29tPokCOAQTAQIAIgUC
    UfFNUwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQjevsxXEnPnVGTA//
    eaRwXlR9MpH/+8eS0HB5t1EyWlkmRBb1ExmszBHyTRz8AomFUSjB7OZ+kvIskPkN
    RbWoaxFSUpZqVEID2qJbsQ5z6hLcAmFHhlHmXdh7sbGpkTwbm8bxwjx44jrb5ryq
    kKmsYWbNf1v2ie/iWlNmkR8t58szkkx+H+hEpxwcofjzocmmea1urjCCTsHv7lV7
    da/Q5GGUJHsED9AZJUsYQ3r7pJ7wSskUuGjMRTSl66qO90+xuETq9CFirj2CbSNU
    v/7ohKbjaZDXhm4TmPJ8/61erpHfmpuNkG7drlUBvqPZk/xOlorfswcjW8N6KTFw
    8ksI9aGeOug5LIFLZGnrlmAPQMJloVicXYkIfwh04LxOM1mzs5ri+3fwF3+SV6kl
    zFWdch4AY3wdzpp/ewgkwJPQpbvRxbXmCK4mP4Srs6gFv29zQBotE4QBQTmwLXvg
    wZ7YwT47XwW337MCBZOZuOl3sX/GiFxoT+nC7rvoQovC+at68Cl3AAJQTy0crr/c
    PgJuST1RpLp9BIzZhGpyXGckm80i7kXxSPbz0ZqchX+1ln7XTDW8gVsfYci3t4tu
    RS0QYLG6trFTw+d7KkqPdXWxvFOq9XWscfNcCADU2zLvI5UHNcQeomQldSnjtkOn
    BMHofqU+j1vByLOfa9LW7R/kmqFNptg9/rnnRyOCT3q5Ag0EUfFNUwEQANrOvLS2
    Jupnnb5x/oEViyI+OthYcWFS4/FD3vKCin4ag1UHX1tQe9Ex21Ey2gW9ga/cg6bi
    9ZGyomDHi0roYNl9RjwLE5fs/HKDF47W3ohLKln7bAI9160WF2fNoRI0YVQuBKqL
    qKgJMeTB1AYNYAJR1VIdh5jQcDHbSmXIU12CPwoyfWx6zBeUlAj+emkIyhzY83xR
    wJJJFlfIX8QpySOhMW/cEeOFD0OIV5iOetPwR4C9ef/WYxjAnRo4QA7cQygtad70
    nf0ldLj822emM5VfpajGiE5HYVSIx+1DRq+YAyD6hqHl6bLD5dhRDNXdp2MPG+r/
    PCj1XCKCBbcGLbUK6KQl4iK3ydIab8dfUJZqe//QpLud2XMNBxP1o617muPLlmM4
    2icPHnIVp/d8LEPc/OVsY/rNuzQFfYjL/OZmkUq7xI2E2pkdsl+Yey4Rodq22KrT
    SlOtja80DzT+99/aRf3etDvz0ZEghrRxvwxHKFXneL4bFNtr25gCNXKNT5HW6Tm/
    qNYwOBUZ1/pVxfoPQ5yjiZLuk9oxEin/eEJBQSrzNX6GN/+5wQPpE7xzzB4lJH7M
    qnm6jrnneqpI45nMg94mOJQ9C0AGGyDaijeZ4l8sLTVKvx70RHV5FzRJKdF8Eczg
    H0tNvUR6c7F0llvdCSaPqNCWKgUTkLQj6IspABEBAAGJAh8EGAECAAkFAlHxTVMC
    GwwACgkQjevsxXEnPnVvhhAAyYrbcEpoWIy5dWkY1zqgfCDGtjHMSmut/RoiKwnu
    4Zpdc29xx2qj/yzBYwJT9o3r5ceM1aiN7QREWeuaBBDcHc9CkrC30UPWKGcGKzjD
    lwd1DV7DbodEAROf5gGdL3ooh3B3gWNhA6dgPldZflGpXlFnPqcbruVSO4QQdLJn
    gIj6+WQgJo7RrL2WEdNhmEM+dkUHLX22CZhDvWwK0mr0p711GaAl7b36ys6RDfiE
    yy0xjK6+50iwfqv+eha1wplL3bV92sm+8RA5wiCY7gY2Zbt8GGDaOMeP5Za8Fqk7
    xhjJNQDRs8W7QSKBM8R72ljr5mcWujdr6qDtCG5XtzD/fmKev4rptBUphKcTFbc6
    apHk178ET8xUBcdNZZtgXOhvmPZ85HxLJGyYxVi7ZBCL+YasGQIYGZMzUV58AMht
    jBdSEK5MQrrSLvodZ+TWdd0cMOQlU6inpfPjUH69aAbvksvNJcgM6fPlz5uidUIY
    HFCcI+z1QYtMnf5x9G9F2iQCcVlnS9xJC/Er31XlwCFsKKtaxQPJlnl/kWxtR1vl
    bLU/gxSUYFAOQlWqUDsGW4ObnZbBcFJ9J7exLDKI7dMIYP7WwSdsgW1SfXGt/75V
    MyL1Rt1Oiu9oKRQXBQw6gf26W1ciKBxUquLMfItIcWTmlHy1Zwoi97in57PayYKq
    AL8=
    =N3+w
    —–END PGP PUBLIC KEY BLOCK—–

 

 

]]> http://labs.p1sec.com/2013/07/27/p1-security-cert-is-open/feed/ 0