Black Hat USA 2025 | 2 Cops 2 Broadcasting: TETRA End-To-End Under Scrutiny
Researchers from Midnight Blue reverse-engineered Tetra end-to-end encryption, exposing a backdoor cipher named TEA1 that provides only 32 bits of security instead of the advertised 80 bits. The team identified 12 additional CVEs in base stations and mobile devices, including a key stream recovery attack that breaches confidentiality and integrity regardless of the deployed cipher. While ETSI revised standards and governments initiated large-scale patching, the investigation revealed that non-European users face intentionally weakened algorithms compared to European public safety groups. The researchers successfully achieved arbitrary code execution on Sepura Tatchron radios to extract nearly all secret key material, demonstrating that current end-to-end encryption implementations remain critically vulnerable to physical access attacks.
An initiative to secure the world's software | Project Glasswing
Project Glasswing deploys the Cloud Mythos Preview model to identify and patch critical software vulnerabilities before adversaries exploit them. This autonomous AI system, trained on code generation, has already discovered a 27-year-old flaw in OpenBSD and privilege escalation bugs in Linux that human researchers missed. By partnering with major platform maintainers and U.S. government officials, the initiative aims to chain multiple low-severity vulnerabilities into complex exploits for defensive testing. The program prioritizes securing operating systems and open-source infrastructure to protect global financial transactions and critical infrastructure from emerging AI-driven threats.