Blog Posts Tagged with "VoIP"

C834d47d31dd1a1b3371bda639105c59

The Forgotten Security Frontier: The Phone Call

January 23, 2017 Added by:Myk Konrad

The reality is that office voice communications are not going away any time soon. In fact, with the popularity of UC, we’re seeing the role of the UC mobile client increase to handle live video, text messages and more.

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Wireshark: Listening to VoIP Conversations from Packet Captures

June 24, 2012 Added by:Dan Dieterle

A lot of telephones and communication devices now use VoIP to communicate over the internet. I was wondering how hard it would be to listen to a VoIP phone call if you had a packet capture that included the call. Well, come to find out, it is not hard at all. The feature is built into Wireshark - here's how...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Follow Up to the Out of Band Authentication Post

May 16, 2012 Added by:Brent Huston

Sadly, there are more than a few who are struggling to get OOBA right or done at all. As with most things, it helps to do a little research. Organizations should perform due diligence on their vendors and factor vendor risks into the equation of purchases and project planning...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Financial Organizations Struggle with Out of Band Authentication

May 09, 2012 Added by:Brent Huston

Financial organizations have been working on implementing out of band authentication (OOBA) mechanisms for specific kinds of money transfers such as ACH and wires. While this authentication method does add some security to the process, it does not come without its challenges...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Don’t Forget about VoIP Exposures and PBX Hacking

April 24, 2012 Added by:Brent Huston

There are now a variety of tools, exploits and frameworks built for attacking VoIP installations and they are a target for both automated tools and manual hacking. Access to VoIP systems can provide a great platform for intelligence, recon, industrial espionage and toll fraud...

Comments  (0)

0f57a863af3b7e5bf59a94319a408ff7

Prevent VoIP Toll Fraud with Proper Configurations

February 22, 2012 Added by:Enno Rey

Unfortunately the attacker was able to circumvent our first workaround. We discovered that it was possible to “dial-in” to the router directly by calling the head number. As a long-term solution the configured dial patterns have to be modified to prevent such things in the future...

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

VoIP: The Danger of Open Ports

January 25, 2012 Added by:Simon Heron

The Sipera UC-Sec 100 device is designed to withstand such attacks but many IP-PBX’s are not. If these attacks had been launched against an undefended and vulnerable system, it would have been possible for the hacker to register as an authorized user of the system...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

VoIP Vendor Ooma Outage: No DoS Attack Involved

August 18, 2011 Added by:Headlines

Customer services were interrupted by a power failure at the company's data center while their corporate website was simultaneously experiencing excessive traffic levels that was initially reported to have been caused by a denial of service (DoS) attack...

Comments  (1)

3e35900ae6facc6c146a85c435c71d82

Surveillance or Security? New Wiretapping Technologies

July 20, 2011 Added by:Ben Rothke

Far too many books on privacy and surveillance are filled with hysteria and hyperbole and the threat of an Orwellian society. This book sticks to the raw facts and details the current state, that of insecure and porous networks around a surveillance society...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Congress to Use Skype Despite Security Concerns

June 29, 2011 Added by:Headlines

Members of Congress will now be allowed to use Skype video conferencing on government networks. The announcement comes on the heels of revelations that Microsoft had filed a application in 2009 seeking to patent technology that allows for surreptitious recording of Skype transmissions...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

VoIP and PCI Compliance

June 15, 2011 Added by:PCI Guru

When you start talking to security people about VoIP security, their knee-jerk response is to tell you that VoIP is secured by the corporate firewall. However, given that the VoIP protocols are stateless, even being behind a firewall really does not provide any protection...

Comments  (1)

E94a37c9b33d6a973b40a831d810b0c6

ZRTP Voice Encryption is Finally a Standard RFC

April 13, 2011 Added by:Fabio Pietrosanti

A new wave is coming to the voice encryption world, erupting to fill a gray area where most of the companies doing phone encryption have been implementing custom systems. Now a standard has been setup and there are few reasons left to continue implementing anything different...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Privacy International Warns of Skype Security Concerns

March 18, 2011 Added by:Headlines

"If the company cannot address and resolve these issues for those who are seeking secure communications, then vulnerable users will continue to be exposed to avoidable risks. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk..."

Comments  (2)

850c7a8a30fa40cf01a9db756b49155a

Utilizing Forensics and Honeypots for VoIP Security

February 24, 2011 Added by:J. Oquendo

It's a game of sorting out what possible accounts exist on a machine, and which accounts can have a dictionary attack launched against them. The vast majority of attackers will use yet another SIPVicious tool called svcrack against a machine they've scanned and constructed an account list for...

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Protecting Unified Communications and VoIP

February 16, 2011 Added by:Simon Heron

SBCs are critical to the deployment of VoIP networks. They allow the voice and other real-time traffic to work through firewalls that implement network address translation (NAT). However, they are not designed to provide security features required by enterprises...

Comments  (2)

850c7a8a30fa40cf01a9db756b49155a

Why Fail2Ban Can Fail With VoIP

January 26, 2011 Added by:J. Oquendo

So an attacker launched a scan, who cares, it happens and even if I outright blacklist him, odds are, he is on a throwaway address or compromised host. Nevertheless he scans. At some point in time, he WILL come across the honeypot I left in plain sight for him...

Comments  (0)

Page « < 1 - 2 > »