Security News

FTC sues VoIP provider over 'billions of illegal robocalls'
2023-05-16 00:27

A VoIP provider was at the heart of billions of robocalls made over the past five years that broke a slew of US regulations, from enabling telemarketing scams to calling numbers on the National Do Not Call Registry, it is claimed. Los Angeles-based XCast Labs allowed robocalls from telemarketers to flow through its voice-over-IP network to folks despite multiple warnings over several years that many of the calls ran afoul of America's Telemarketing Sales Rule, the FTC alleged in a 13-page complaint filed May 12 in a California federal court.

9 VOIP security best practices to consider for your business
2022-11-21 17:10

As with all technology upon which businesses depend, there are security risks related to VOIP which companies must be aware of in order to protect their operations, employees and data. Keep track of all in-house or external systems that VOIP relies on as well as end user devices and the software involved.

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
2022-09-14 14:04

The operators behind the Lorenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. Lorenz, like many other ransomware groups, is known for double extortion by exfiltrating data prior to encrypting systems, with the actor targeting small and medium businesses located in the U.S., and to a lesser extent in China and Mexico, since at least February 2021.

Patch your Mitel VoIP systems, Lorenz ransomware gang is back on the prowl
2022-09-13 18:38

The Lorenz ransomware gang is exploiting a vulnerability in Mitel VoIP appliances to break corporate networks. Threat hunters with cybersecurity firm Arctic Wolf Labs recently found that Lorenz - a prolific group that has been around since at least early 2021 and lately is primarily targeting SMBs in the US, China, and Mexico - used a vulnerability in a MiVoice VoIP appliance from Mitel to get into a victim's network before deploying Microsoft's BitLocker Drive Encryption tool to encrypt the data.

Elastix VoIP systems hacked in massive campaign to install PHP web shells
2022-07-16 14:11

Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. Security researchers at Palo Alto Networks' Unit 42 say that the attackers' goal was to plant a PHP web shell that could run arbitrary commands on the compromised communications server.

Massive campaign hits Elastix VoIP systems with 500,000 unique malware samples
2022-07-16 14:11

Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. Security researchers at Palo Alto Networks' Unit 42 say that the attackers' goal was to plant a PHP web shell that could run arbitrary commands on the compromised communications server.

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software
2022-07-16 06:33

VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system," Palo Alto Networks Unit 42 said in a Friday report.

Avaya sysadmin indicted for illegally generating, selling VoIP licenses
2022-06-29 18:44

Three defendants who allegedly sold over $88 million worth of software licenses belonging to Avaya Holdings Corporation have been charged in Oklahoma, U.S., facing 14 counts of wire fraud and money laundering. The defendants are accused of stealing software licenses from ADI and selling them to thousands of companies worldwide that used them to unlock features of "Avaya IP Office" telephone systems.

Mitel VoIP Bug Exploited in Ransomware Attacks
2022-06-28 12:42

Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP application and using it as a springboard to plant malware on targeted systems. Mitel focuses on VoIP technology, allowing users to make phone calls using an internet connection instead of regular telephone lines.

Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack
2022-06-26 22:55

A suspected ransomware intrusion against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a previously unknown exploit as well as a couple of anti-forensic measures adopted by the actor on the device to erase traces of their actions.