1. Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution
(Home/General)

...low remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the af...

2. Top security suites fail exploit tests
(Home/General)

... published last week which down-played the effectivneess of current security suites in mitigating current attacks. I find it amazing to see big names falling into those performance numbers. Check it o...

3. Cyber Attack Hits Georgian President’s Phone Call with CNN
(Home/General)

...President Saakashvili apologized for the missed connection earlier blaming the problem on a “cyber attack” against the Georgian VoIP phone system. Check it out here . ...

4. Risks in the Enterprise Deconstructed conclusion
(BleedingVoIP Security Series/Security Series)

...is wormhole is checked and checked again for potential risks. One would ask, is it feasible that an attacker would gain proper credentials to a enterprise VPN, let alone have access to a softpho...

5. Risks in the Enterprise Deconstructed continued
(BleedingVoIP Security Series/Security Series)

...our trunk point on your vulnerable call manager. Introduce a IDS/IPS to detect/mitigate against attacks across VoIP protocols such as SIP, Skinny  or UNIStim. Lastly put in a box tha...

6. New VOIP 'Call-Jacking' Hack Unleashed
(Home/General)

Now there's a way for attackers to hijack a user's voice-over-IP service: "call-jacking" could let the bad guys launch sophisticated phishing attacks as well as perpetrate lucrative toll

7. VoIP attacks decreasing or increasing in new year?
(Home/General)

While the author present some known facts, he is strongly mistaken in his point that there will be less attacks because many VoIP installations are in corproate networks and they run proprietary proto

8. My Opinion - Security. Do more and ignore less.
(Home/General)

...es financially palatable to look into compromising these systems. It adds up to one inevitability: VoIP attacks are going to occur. Everyone should be asking themselves, whether the preventive meas...

9. IPsec in VoIP Networks
(VoIP Whitepapers/General Articles)

...mportant as high profile fraud cases hit the press. Strong authentication of users helps mitigate these attacks, a fact recognised by 3GPP in the IMS security framework. But 'VoIP over IPsec' poses...

10. Proactive Approach to Security
(VoIP Whitepapers/General Articles)

...n VoIP and traditional data networks is required. This document examines these differences, new types of attacks, and provides a comprehensive security architecture for VoIP networks in the context...

11. Risks in the Enterprise Deconstructed
(BleedingVoIP Security Series/Security Series)

...s is that the majority do not implement proper security; the majority are susceptible to ARP spoofing attacks, whereby an attacker can emulate an endpoint with the proper custom software. The is...

12. VoIP in the News
(VoIP Buzz/VoIP News)

...h $52k Phone Bill. Business owner hacked 2008.12.19 Various Attacks FBI warns of flawed Asterisk, Criminals exploiting. ...

13. Blogs
(Community/Blogs)

...y blog Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, and other related guidance and information. VoIPsa Blog &nb...

14. Overview
(VoIP Security/General)

...s each facet of the aforementioned requirements. For example, on the data side, Denial of Service (DoS) attacks often result a system being unusable for extended periods of time. On the VoIP side, ...