5 VoIP threat predictions for 2008
Posted on 16 January 2008.
Sipera VIPER Lab today revealed its Top 5 VoIP Threat Predictions for 2008. As with its "Top 5 VoIP Vulnerabilities in 2007" list, the Sipera VIPER team leveraged its own extensive research and examined reports to determine the VoIP/UC threats with the greatest potential impact in 2008.



Based on industry trends that include major IP telephony vendors offering SIP solutions, enterprises deploying VoIP and unified communications (UC) beyond the traditionally secure perimeter, and service providers aggressively embracing fixed mobile convergence (FMC), Sipera VIPER Lab's Top 5 VoIP Threat Predictions for 2008 are:

1) First and foremost, as enterprises deploy SIP Trunks and UC for the mobile workspace, denial of service (DoS) and distributed DoS attacks on VoIP networks will become an increasingly important issue.

2) HTTP or other third party data services running on VoIP end-points will be exploited for eavesdropping and other attacks.

3) The hacking community, experienced with exploiting the vulnerabilities in other Microsoft offerings, will turn its attention and tools towards Microsoft OCS - taking advantage of its UC connections to public IMs, email addresses and buddy lists to create botnets and launch attacks. As well, enterprise federation for OCS, a major productivity and business process enabler, will be a source of greater VoIP security risk since it exposes once closed networks to the risks found in other federations.

4) Hackers will set up more IP PBXs for vishing/phishing exploits. Vishing bank accounts will accelerate, due to ease of exploit and the appeal of "easy money."

5) VoIP attacks against service providers will escalate, using readily available, anonymous $20 SIM cards. With UMA becoming more widely deployed, service providers are, for the first time, allowing subscribers to have direct access to mobile core networks over IP, making it easier to spoof identities and use illegal accounts to launch a variety of attacks.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //