Looks like this can be broken into three parts.
First
Once they accessed the database, known as the Home Location Register (HLR), the researchers are able to determine which mobile provider a given subscriber uses, and then combine that with the caller ID data, giving them a profile of the subscriber.
But no details are given about how they got in. But really, this isn't that much more scary then a phonebook.
Second
They can spoof someone's mobile number, dial that same number using this dialing technique, and in many cases a call to a handset from that handset's number that goes to voice mail will bypass the voice-mail authentication mechanism.
I know my company, verizon, still requires your password even if you call from your number.
Third
builds upon earlier work on geolocation of GSM handsets and exposes a number of fundamental weaknesses in the architecture of mobile providers' networks.
But no further info is given...
Looks like there really isn't much news here except that maybe t-mobile doesn't require a password for voicemail if you call from your home phone number.