Tag: voip

EOL-Software gefährdet Unternehmenssicherheit

Nov 13, 2025 7:50 PM

Tags: access, ai, ciso, cloud, endpoint, firewall, firmware, grc, group, Hardware, intelligence, international, Internet, iot, linux, mfa, network, risk, router, software, update, voip, vulnerability, windows, zero-day

Geräte mit End-of-Life-Software (EOL) stellen nach wie vor ein weit verbreitetes Sicherheitsproblem in Unternehmen dar.Laut einer Studie von Palo Alto Networks laufen 26 Prozent der Linux-Systeme und acht Prozent der Windows-Systeme mit veralteten Versionen. Die Ergebnisse basieren auf Telemetriedaten von 27 Millionen Geräten in den Netzwerken von 1.800 Unternehmen.Die Analyse offenbart zudem, dass 39 Prozent…
DTTS – Zero Trust DNS Enforcement: Policy Violation Management

Oct 23, 2025 8:26 PM

Tags: apple, attack, business, communications, control, data, dns, endpoint, google, group, Internet, least-privilege, microsoft, mobile, network, phone, service, threat, tool, update, voip, vpn, wifi, zero-trust

In a default-deny world, where only verified sources and verified destinations are allowed, which require a successful policy-allowed DNS resolution, many modern threats are mitigated, and there’s demonstrable value in choosing this path, including being able to enforce “My network, my rules” approach to egress control. However, in this world where existing applications need to…
FreePBX SQL Injection Vulnerability Leads to Database Tampering

Oct 8, 2025 10:50 AM

Tags: cyber, exploit, injection, open-source, sql, voip, vulnerability

A critical SQL injection vulnerability in FreePBX, designated as CVE-2025-57819, has been actively exploited by attackers to modify the database and achieve arbitrary code execution on vulnerable systems. The vulnerability affects the popular open-source PBX platform that provides a web-based administration interface for managing Asterisk VoIP systems across all supported versions including FreePBX 15, 16, and…
New VoIP Botnet Targets Routers Using Default Passwords

Jul 25, 2025 11:27 AM

Tags: attack, botnet, cyber, cybersecurity, exploit, intelligence, malicious, password, router, voip

Cybersecurity researchers have uncovered a sophisticated botnet operation exploiting VoIP-enabled routers through default password attacks, with initial activity concentrated in rural New Mexico before expanding globally to compromise approximately 500 devices. The discovery began when GreyNoise Intelligence engineers noticed an unusual cluster of malicious IP addresses originating from a sparsely populated region of New Mexico…
PDFs: Portable documents, or perfect deliveries for phish?

Jul 2, 2025 12:34 PM

Tags: attack, phishing, qr, social-engineering, voip

A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/pdfs-portable-documents-or-perfect-deliveries-for-phish/
Report: Next-Gen 911 Systems are Outpacing Cyber Defenses

Jun 18, 2025 12:54 AM

Tags: attack, cloud, cyber, cybersecurity, defense, ransomware, voip

Research Shows Next-Generation 9-1-1 Ecosystems Lack Critical Cyber Protections. A report from telecom firm Intrado warns that cybersecurity safeguards are lagging behind the rapid deployment of next-generation 911 systems, exposing the emergency ecosystem to attacks ranging from VoIP floods to ransomware amid growing reliance on cloud-based and IP-connected technologies. First seen on govinfosecurity.com Jump to…
Threat Actors Leverage Multimedia Systems in Stealthy Vishing Attacks

May 9, 2025 4:10 PM

Tags: attack, cyber, exploit, Internet, phishing, phone, service, social-engineering, tactics, threat, voip

Threat actors have begun exploiting multimedia systems as a pivotal component of their voice phishing (vishing) attacks. Unlike traditional vishing schemes that rely solely on spoofed phone numbers and social engineering tactics, these advanced operations integrate compromised multimedia platforms, such as VoIP (Voice over Internet Protocol) systems and streaming services, to orchestrate highly convincing and…
Threat Actors Accelerate Transition from Reconnaissance to Compromise New Report Finds

Apr 29, 2025 2:52 PM

Tags: api, attack, automation, cloud, cyber, cybercrime, data, data-breach, identity, technology, threat, tool, voip

Cybercriminals are leveraging automation across the entire attack chain, drastically reducing the time from reconnaissance to compromise. The data shows a staggering 16.7% global increase in scans, with over 36,000 scans per second targeting not just exposed ports but delving into operational technology (OT), cloud APIs, and identity layers. Sophisticated tools probe SIP-based VoIP systems,…
Local Privilege Escalation via Unquoted Search Path in Plantronics Hub

Mar 14, 2025 2:52 PM

Tags: exploit, software, voip, vulnerability

This blog post describes an unquoted search path vulnerability and its exploitation in the Plantronics Hub software. This client software is used to configure Plantronics audio devices such as headsets. Plantronics Hub is therefore often additionally installed by VoIP or SIP software solutions to ensure compatibility between the headset and the telephony software. First seen…
Phishing Season 2025: The Latest Predictions Unveiled

Feb 10, 2025 7:55 PM

Tags: access, ai, attack, authentication, automation, cloud, communications, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, election, email, exploit, finance, google, government, group, infrastructure, intelligence, login, malware, mfa, mobile, network, passkey, phishing, ransomware, risk, service, social-engineering, strategy, tactics, technology, threat, tool, update, voip, vulnerability, zero-trust

Every year, cybercriminals sharpen their tools and refine their tactics to exploit network and security vulnerabilities. Gone are the days of clumsy emails with glaring typos and suspicious attachments. Instead, we face an era of new sophistication. No longer just stealing credentials, attackers are creating intricate digital narratives that make it difficult to distinguish friend…
Robocallers posing as FCC fraud prevention team call FCC staff

Feb 5, 2025 11:05 PM

Tags: fraud, service, voip

The FCC has proposed a $4,492,500 fine against VoIP service provider Telnyx for allegedly allowing customers to make robocalls posing as fictitious FCC “Fraud Prevention Team,” by failing to comply with Know Your Customer (KYC) rules. However, Telnyx says the FCC is mistaken and denies the accusations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/robocallers-posing-as-fcc-fraud-prevention-team-call-fcc-staff/
Mitel MiCollab VoIP authentication bypass opens new attack paths

Dec 5, 2024 10:48 PM

Tags: access, advisory, apache, apt, attack, authentication, cve, exploit, flaw, injection, linux, phone, software, sql, unauthorized, update, voip, vulnerability

Security researchers have discovered a new issue in the Mitel MiCollab enterprise VoIP platform that allows attackers to access administrative features without authentication.The discovery was made by researchers from security firm watchTowr back in May while trying to replicate a different vulnerability that Mitel patched at the time (CVE-2024-35286). The new issue is a path…
Mitel MiCollab VoIP Software: Zero-Day Vulnerability Alert

Dec 5, 2024 7:48 PM

Tags: china, hacker, software, update, voip, vulnerability, zero-day

No Patch Yet Available for Second Zero Day To Be Recently Found in VoIP Software. Security researchers warn of a newly discovered zero-day vulnerability in widely used VoIP telephony software, a discovery that comes as the United States struggles to evict Chinese nation-state hackers from telecom networks. The software is the MiCollab software suite from…
Vishing, Wangiri, and Other VoIP Fraud Tactics On the Rise

Nov 19, 2024 11:55 PM

Tags: business, fraud, phone, tactics, voip

Protect your business from VoIP fraud. Learn how to recognize the most common types and harden your phone system security. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/voip-fraud/
Sicherheitsupdates: Root-Attacken auf VoIP-Adapter von Cisco möglich

Oct 23, 2024 9:26 PM

Tags: cisco, voip

First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdates-Root-Attacken-auf-VoIP-Adapter-von-Cisco-moeglich-9984192.html
The 5 Best VoIP Routers (Wired, Wireless, and Mesh)

Oct 2, 2024 11:37 AM

Tags: router, voip

First seen on techrepublic.com Jump to article: www.techrepublic.com/article/best-voip-routers/
5 Compelling Reasons Not to Manage Your Own VoIP Server

Sep 26, 2024 12:13 PM

Tags: voip

First seen on techrepublic.com Jump to article: www.techrepublic.com/article/voip-server/
Angreifer können Ciscos VoIP-System Unified Communications Manager lahmlegen

Aug 29, 2024 10:35 AM

Tags: cisco, communications, voip

First seen on heise.de Jump to article: www.heise.de/news/Angreifer-koennen-Ciscos-VoIP-System-Unified-Communications-Manager-lahmlegen-9843447.html
A Look at the Riskiest Connected Devices of 2024

Jun 17, 2024 8:02 PM

Tags: automation, risk, voip

VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a co… First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/riskiest-connected-devices-2024
Cisco Duo Data Breach: Hackers Stolen VoIP SMS for MFA

Apr 17, 2024 9:16 AM

Tags: authentication, breach, cisco, data, data-breach, hacker, mfa, service, voip

Cisco’s Duo Security, a leading multi-factor authentication (MFA) service, has suffered a significant data breach. The April 1, 2024, incident involve… First seen on gbhackers.com Jump to article: gbhackers.com/cisco-duo-data-breach/
Cisco Duo warns third-party data breach exposed SMS MFA logs

Apr 16, 2024 9:16 PM

Tags: authentication, breach, cisco, cyberattack, data, data-breach, hacker, mfa, voip

Cisco Duo’s security team warns that hackers stole some customers’ VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack o… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-duo-warns-third-party-data-breach-exposed-sms-mfa-logs/
Hackers Claim 740GB of Data Stolen from Viber VOIP Platform

Mar 15, 2024 8:29 AM

Tags: breach, data, service, voip

Viber, known for its encrypted messaging and voice services, boasts millions of users worldwide who rely on its platform for secure communication. The… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-claim-of-data-stolen/
FCC Requires Telecom & VoIP Providers to Report PII Breaches

Feb 13, 2024 11:29 PM

Tags: breach, voip

First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/fcc-requires-telecom-voip-providers-to-report-pii-breaches
VoIP Firm XCast Agrees to Settle $10m Illegal Robocall Case

Jan 3, 2024 11:05 AM

Tags: voip

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/voip-xcast-settles-10m-illegal/
VoIP-Dienst: Sicherheitsleck machte Skype-Konten angreifbar…

Nov 14, 2012 7:27 PM

Tags: voip

First seen on http: Jump to article: spon.de/adNMu
[Video] VoIP PBX Phone Call Sniffing

Aug 17, 2012 7:35 PM

Tags: phone, voip

The following video is an archive form Clubhack demonstrated by Nishant Das Patnaik. In this video the author is performing VoIP PBX Phone Call Sniffi… First seen on http: Jump to article: feedproxy.google.com/~r/SecurityTube/~3/hzkR9IQr24I/5454
Heise: FBI wirbt bei Internet-Größen für Abhörschnittstellen

Aug 12, 2012 10:00 PM

Tags: Internet, voip

Die US-Bundespolizei FBI fordert offenbar die schnelle Einrichtung von Abhörschnittstellen in sozialen Netzen, VoIP-Telefonie, Instant-Messaging und b… First seen on http: Jump to article: www.heise.de/newsticker/meldung/FBI-wirbt-bei-Internet-Groessen-fuer-Abhoerschnittstellen-1568784.html