Home - Bleeding VoIP - The Authority on all things VoIP. Where the edge bleeds.

The good stuff

Risks in the Enterprise Deconstructed conclusion BleedingVoIP Security Series continues its analysis of security in the enterprise; we take a look ... Read more...

Risks in the Enterprise Deconstructed continued BleedingVoIP Security Series continues its analysis of security in the enterprise; we take a look ... Read more...

Computer Hacker Fugitive Extradited for Cybercrimes Relating to VOIP Telephone Services

Wednesday, 13 January 2010
A Venezuelan citizen arrested in Mexico last February on hacking and wire fraud charges has been extradited and is expected to appear in court tomorrow in New Jersey, U.S. Attorney Paul J. Fishman, announced. Edwin Pena, 26, is scheduled to appear tomorrow at 2 p.m. before U.S. Magistrate Judge Claire C. Cecchi for an initial appearance. I had some experience with this case. Check it out here .

Hackers leave firm with $80,000 phone bill

Tuesday, 18 August 2009

OTTAWA-Leah Loewn-Colpitts rarely sees her monthly long-distance charges top $10 at the Adventure Travel branch she manages in Ottawa.

But in just one weekend, hackers were able to burn through more than $80,000 of charges routed through a fake 1-900 number, before one of the carriers managing the network line noticed the suspicious activity and shut it down. Check it out here .

Should vendors have to PAY a security research firm to receive detailed vulnerability disclosure?

Wednesday, 08 July 2009
A good discussion going on related to security research firms charging for security vulnerability I.P. versus releasing it to the vendors for free. Check it out here . Feel free to comment.

NSA-Funded 'Cauldron' Tool Goes Commercial

Wednesday, 27 May 2009
A vulnerability analysis tool used by the National Security Agency (NSA) and U.S. Department of Homeland Security is now commercially available for enterprises that want to either make sense of their reams of vulnerability data or trace an actual data breach. Check it out here .

Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution

Tuesday, 10 February 2009

This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges.

The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding. Check it out here .

Hacked Business Owner Stuck With $52k Phone Bill

Friday, 19 December 2008
A Canadian business man is on the hook for a $52,000 phone bill after someone hacked into his voice mail system and found a way to dial out. The hacker racked up the charges with calls to Bulgaria. Check it out here .

FBI: Criminals Auto-Dialing with Hacked VoIP Systems

Monday, 08 December 2008
Criminals are taking advantage of a bug in the Asterisk Internet telephony system that lets them pump out thousands of scam phone calls in an hour, the FBI warned Friday. The flaw is overblown by the FBI as usual, however still pertinent. Check it out here .

More...

Syndicate

The good stuff