Friday, November 25, 2011

Cisco VoIP phones part of security weakness demo

Security firm HackLabs is expected to demonstrate at AusCERT 2011 how hackers perform VoIP (Voice over Internet Protocol) attacks and identify weaknesses in Cisco and other manufacturers VoIP (Voice over Internet Protocol) phones.

HackLabs director Chris Gatford has not responded to questions about specifically what type of Cisco VoIP phones and systems will be subject to close examination for security weaknesses. The AusCERT 2011 presentation that HackLabs will do at once week is described as "a one-day tutorial" of intensive, hands-on training in which "participants will learn how hackers perform VoIP Attacks and how to remediate common vulnerabilities. Attendees will learn how hackers can methodically gain entry access to an organization's telephony systems to steal information and abuse services."

The conference session description says the HackLabs attacks will focus on Cisco phones, Cisco Call Manager and Microsoft Office Communicator.

The Cisco spokesman adds, "It's important to note that the presenters' public comments reference the importance of securing IP phones in line with the manufacturer's installation and configuration recommendations, and we support this message and recommend it as best practice for our clients."

Demonstrations by security firms on how to attack VoIP phones in order to gain unauthorized use or attack the VoIP network and endpoints is nothing new. Many Black Hat Conference demonstrations in the past have focused on this as a topic.

At AusCERT 2011 then and there week, HackLabs, which specializes in penetration testing, could stick to discussing "implementation mistakes" or might disclose new information about vulnerabilities that would require remediation of VoIP equipment in some way.


View the original article here

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...