- 10 Hot Big Data Startups to Watch
- 11 Unique Uses for Google Glass, Demonstrated by Celebs
- How to Export Your Google Reader Account
- How to Better Engage Millennials (and Why They Aren't Really so Different)
Network World - At an upcoming conference in Australia, security firm HackLabs is expected to demonstrate how hackers perform VoIP attacks and identify weaknesses in Cisco and other manufacturers VoIP phones.
HackLabs director Chris Gatford has not responded to questions about exactly what type of Cisco VoIP phones and systems will be subject to close examination for security weaknesses. The AusCERT 2011 presentation that HackLabs will do next week is described as "a one-day tutorial" of intensive, hands-on training in which "participants will learn how hackers perform VoIP Attacks and how to remediate common vulnerabilities. Attendees will learn how hackers can methodically gain entry access to an organization's telephony systems to steal information and abuse services."
A spokesman for Cisco says the company has "reached out to the conference organizers and speakers for more details. At this point we have no information to suggest any undisclosed product vulnerabilities, but we will assess any new information and respond in line with our well-established process for the public reporting of security vulnerabilities," which are identified here.
The Cisco spokesman adds, "It's important to note that the presenters' public comments reference the importance of securing IP phones in line with the manufacturer's installation and configuration recommendations, and we support this message and recommend it as best practice for our customers."
Demonstrations by security firms on how to attack VoIP phones in order to gain unauthorized use or attack the VoIP network and endpoints is nothing new. Many Black Hat Conference demonstrations in the past have focused on this as a topic.
At AusCERT 2011 next week, HackLabs, which specializes in penetration testing, could stick to discussing "implementation mistakes" or might disclose new information about vulnerabilities that would require remediation of VoIP equipment in some way.
Read more about security in Network World's Security section.