Security Central Attacks
Here is a Select Sub-set of Zero-day Vulnerabilities where RedShift, Threat Intelligence and Condor Labs Identified and Helped Operators Protect Their Networks
These flaws in software, hardware or firmware represent an unknown exploit in the wild that exposes a vulnerability where malicious activity, fraud and theft can occur. These previously unknown weaknesses are often exploited and attackers release malware before a developer team can create a patch to fix the zero-day vulnerability.
- September 21, 2020 – Social Engineering Hack Demonstrates Requirement for VoIP Threat Intelligence Analytics
- August 17, 2020 – Q3 2020 SIP Botnet Security Intelligence Report
- August 3, 2020 – RedShift Networks Security Advisory: Ransomware attack on call centers
- August 3, 2020 –
RedShift Networks Security Advisory: Ataques de Ramsomware en Centrales de llamadas - July 21, 2020 – Asterisk – Vulnerability in Sangoma Asterisk 13.x, 16.x, and 17.x.
- July 15, 2020 – Cisco – Vulnerability in Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software
- July 15, 2020 – Mitel – Vulnerability in wireless devices Firmware 8.0 and 8.12
- July 15, 2020 – Huawei – Vulnerability in the SIP Module of Some Huawei Products
- July 15, 2020 – Mitel – Vulnerability in 6800 and 6900 SIP series phones
- July 15, 2020 – Asterisk – Vulnerability SIP request can change address of a SIP peer
- July 15, 2020 – Cisco – Vulnerability in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software
- July 15, 2020 – Cisco – Vulnerability in IOS XE Software cause a device to reload
- July 15, 2020 – Snapdragon – Vulnerability improper input validation
- July 15, 2020 – Snapdragon – Vulnerability in buffer overread
- May 21, 2020 – RedShift Networks Security Advisory: Rise in voice conference join attacks due to COVID-19
- March 21, 2020 – RedShift Networks Security Advisory: Rise in voice attacks on a global level during COVID-19 pandemic
- November 18, 2019 – Junos – Vulnerability in the SIP ALG packet Junos OS: 12.3X48
- November 18, 2019 – Junos – Vulnerability on MX Series 16.1
- November 18, 2019 – Cisco – Vulnerability Cisco IP Phone 8800 Series devices
- November 18, 2019 – Cisco – Vulnerability in library of Cisco IOS and IOS XE Software
- September 26, 2019 – Arcadyan – Vulnerability in SLT-00 Star (aka Swisscom Internet-Box) reconfiguration of the static routing table
- September 26, 2019 – Huawei – Vulnerability in CloudLink Phone 7900 insufficient TLS certificate verification MITM attacks
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series allow an unauthenticated remote attacker to cause high disk utilization
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series allow an unauthenticated remote attacker to write arbitrary files to the filesystem
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series allow an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series could allow an unauthenticated attacker to bypass authorization
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 and 8800 Series improperly validates user-supplied input during user authentication
- September 26, 2019 – Cisco – Vulnerability in Cisco SPA112, SPA525, and SPA5X5 Series
- September 26, 2019 – Cisco – Vulnerability in Cisco Meeting Server in specific coSpace parameters
- September 26, 2019 – Asterisk – Vulnerability in pointer dereference in chan_sip while handling SDP negotiation
- September 26, 2019 – Asterisk – Vulnerability in res_http_websocket.c
- September 26, 2019 – Asterisk – Vulnerability
- September 19, 2019 – Zenitel – Vulnerability in Norway IP-StationWeb
- September 19, 2019 – Asterisk – Vulnerability in Digium Buffer overflow in DNS SRV and NAPTR lookups
- September 19, 2019 – Asterisk – Stack consumption Vulnerability in the res_http_websocket.so module of Asterisk
- September 19, 2019 – Yealink – Vulnerability in Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) path information
- September 19, 2019 – Yealink – CSRF Vulnerability in Ultra-elegant IP Phone SIP-T41P
- September 19, 2019 – Yealink – Vulnerability in Ultra-elegant IP Phone SIP-T41P
- September 18, 2019 – FreePBX – Vulnerability in FreePBX core
- September 18, 2019 – Mitel – Vulnerability in MiVoice 5330e VoIP device
- September 18, 2019 – Asterisk – Vulnerability in Open Source 15.x
- September 18, 2019 – D-Link – Vulnerability in DWR series
- September 17, 2019 – Juniper – Vulnerability in Junos OS SRX Series devices
- September 10, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 Series and 8800 Series by altering the SIP replies
- September 10, 2019 – Cisco – Vulnerability in Session Initiation Protocol (SIP) protocol implementation of Cisco Unified Communications Manager
- September 10, 2019 – Cisco – Vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) CPU usage
- September 10, 2019 – Cisco – Vulnerability in Cisco Meeting Server (CMS) software
- September 9, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 Series and 8800 series with malicious XML payload
- September 9, 2019 – Asterisk – Vulnerability Buffer overflow in Digium
- September 9, 2019 – Polycom – Vulnerability in Polycom VVX 500 and 601
- September 9, 2019 – Kamailio – Vulnerability an invalid header causes a segmentation fault and crashes
- September 7, 2019 – Cisco – Vulnerability in Cisco (ASA) and (FTD) Software
- September 7, 2019 – Kamailio – Vulnerability double “To” header
- September 5, 2019 – Asterisk – Vulnerability specific ACL rules block a SIP request
- August 30, 2019 – Cisco – Vulnerability in Cisco IOS XE Software
- August 30, 2019 – Cisco – Vulnerability in Cisco Small Business SPA514G IP Phones
- August 30, 2019 – Cisco – Vulnerability in Cisco denial of service (DoS) by sending high volumes of SIP INVITE traffic
- August 30, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 and 8800 Series dropped calls
- August 30, 2019 – Cisco – Vulnerability in Cisco IP Phone 6800, 7800, and 8800 Series allow to reload phone unexpectedly
- August 30, 2019 – Cisco – Vulnerability in Cisco application server allow DoS
- February 26, 2018 – Asterisk vulnerability allows remote authenticated user, results in target service crash
- February 26, 2018 – Asterisk vulnerability Open Source and Certified Asterisk allow Buffer Overflow
- December 25, 2017 – Bug in PJSIP allow Remote Unauthenticated Sessions
- November 30, 2017 – Vulnerability in Cisco IP Phone 8800 Series allow DoS
- November 17, 2017 – PJSIP – Vulnerability in (pjlib and pjlib-util) allow potential to overflow
- October 20, 2017 – Bug in Cisco Small Business SPA51x Series IP Phone allow DoS
- October 20, 2017 – Bug in the implementation of (SIP) functionality in Cisco SPA50x, SPA51x, and SPA52x Series IP Phones
- September 15, 2017 – VOIP Security Risks and Countermeasures
- August 15, 2017 – Vulnerability in (SIP) on the Cisco TelePresence (VCS) allow DoS
- June 13, 2017 – Vulnerability in Cisco IP Phone 8800 Series allow remote attacker to cause a DoS
- June 8, 2017 – Vulnerability in Cisco TelePresence Endpoint allow a remote DoS
- June 3, 2017 – Security Threats in VOIP
- May 19, 2017 – VOIP Security with Asterisk
- April, 28, 2017 – The Terrible state of VOIP Security
- April 10th, 2017 – SnapShot – Stopping attacks that disrupts Voice Communications
- February 16, 2017 – VOIP Hacks on the rise
- February 14, 2017 – VoIP Security Guide and Protection Checklist
- January 17, 2017 – What Makes Your SIP Vulnerable to Attack
- January 17, 2017 – Avoid voice attacks with Security Update
- January 17, 2017 – What Makes your VOIP susceptible to attacks
- January 3, 2017 – Cloud VOIP operators indicating that attacks are growing
- November 30, 2016 – IBM warns of rising VOIP attacks
- October 6, 2016 – VOIP Security Risks and Countermeasures
- August 22, 2016 – Threat Intelligence report for the telecommunications industry
- August 18, 2016 – Security Threats in VOIP
- June 22, 2016 – VOIP vulnerabilities protection against evolving threats
- February 13, 2016 – Are You The Only One Using Your VOIP Phone
Real-time VoIP Security Analytics
Protects Against More Than 40,000 VoIP Threats & Attacks