Cyber security is now critical in the telecoms industry as the deployment of 5G will lead to an increase in the potential attack surfaces.

cyber security, risk management

123RF

Bug bounty platform YesWeHack is partnering with ZTE to develop a bug bounty platform which will be used to cope with new security challenges brought by the 5G network commercialisation.

Through the platform, YesWeHack will invite over 30,000 global security researchers to secure ZTE's products further and discover vulnerabilities typically missed in traditional security audits.

Both YesWeHack and ZTE believe that the deployment of 5G will lead to an increase in the potential attack surfaces and threat landscape with the introduction of new technologies, techniques and capabilities.

In addition, the ability of 5G to support massive IoT connectivity introduces many times more devices connected to the network, presenting a wide-reaching and increased attack surface.

YesWeHack's large cyber security research community will help identify potential vulnerabilities in ZTE products.

This bug bounty program for ZTE products rewards up to $2000 for critical bugs in several product categories such as 5G Common Core, 5G NR, Fixed Network, Multimedia, Cloud Video, Cloud Computing, Database management Systems and Terminal products.

"The richness and diversity of the YesWeHack community offer the spectrum of skills required to cover the full range of perimeters, whether hardware or applications," said Kevin Gallerin, APAC Managing Director, YesWeHack.

During a keynote speech at Mobile World 2 Congress this year, Xu Ziyang, CEO of ZTE, highlighted the importance of intrinsic security: “Intrinsic security acts as a self-sensing, self-adaptive, and self-evolving immune system for networks. Built during network construction, it offers multiple security functions and can evolve automatically during network operation, thus constantly guaranteeing the security, services, and data."

Internet Explorer Channel Network


LATEST NEWS

NEWS RELATED

How deepfakes enhance social engineering and authentication threats

Cyber criminals are investing in deepfake technology to make social engineering and authentication bypass campaigns more effective.

Read more: How deepfakes enhance social engineering and authentication threats

Cloud security not keeping pace with changing APAC landscape

McAfee report shows that four countries in the region – India, Australia, Japan, and Singapore – are the most vulnerable in 2021, and it may get worse due to talent shortage

Read more: Cloud security not keeping pace with changing APAC landscape

Fortifying DNS security can better protect the healthcare sector

The large amounts of patient and insurance data used in healthcare has made the industry attractive to cyber breaches. DNS is one of the mostly commonly used attack vectors. How can we prevent them?

Read more: Fortifying DNS security can better protect the healthcare sector

3 steps partners should take to mitigate against renewed Nobelium threat

Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organisations integral to the global IT supply chain.

Read more: 3 steps partners should take to mitigate against renewed Nobelium threat

Reddit CISO Allison Miller builds trust through transparency

Miller joined the social media company in February 2021, assuming a range of responsibilities, from security and privacy to trust and safety, that reflect broadening of the CISO position itself -- a role she summarises as “keeping shenanigans from impacting a good user experience".

Read more: Reddit CISO Allison Miller builds trust through transparency

Should APAC businesses start moving to Zero Trust now?

The Zero Trust framework will enable an organisation to have full visibility of their networks and detect any unusual activity in a timely manner.

Read more: Should APAC businesses start moving to Zero Trust now?

Decline in ransomware claims could spark change for cyber insurance

New research indicates that ransomware attack and payment claims are in decline as resiliency takes priority for organisations.

Read more: Decline in ransomware claims could spark change for cyber insurance

Server-side request forgery attacks explained and how to defend against them

Server-side request forgery attacks can grant unauthorised access to web servers or cause damage and disruption. Defending against them can be relatively easy.

Read more: Server-side request forgery attacks explained and how to defend against them

Microsoft's very bad year for security: A timeline

How shape-shifting threat actors complicate attack attribution

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

Key ASEAN markets top global ransomware ranking

Twitch breach highlights dangers of choosing ease of access over security

October is high season for cyber attacks as attackers exploit natural disasters

7 deadly sins of Salesforce security

Why device identity is the overlooked insider threat

OTHER NEWS