DOJ Slams XCast with $10 Million Fine Over Massive Illegal Robocall Operation

The U.S. Department of Justice DoJ on Tuesday said it reached a settlement with VoIP service provider XCast over allegations that it facilitated illegal telemarketing campaigns since at least January 2018, in contravention of the Telemarketing Sales Rule TSR. In addition to prohibiting the compan...

Alleged Member of Neo-Nazi Swatting Group Charged

Federal investigators on Friday arrested a Virginia man accused of being part of a neo-Nazi group that targeted hundreds of people in "swatting" attacks, wherein fake bomb threats, hostage situations and other violent scenarios were phoned in to police as part of a scheme to trick them into...

Virus Bulletin 2019: VoIP Espionage Campaign Hits U.S. Utilities Supplier

LONDON — A recent attack aimed at a U.S.-based oil, gas and chemical supplier leverages the company’s use of the enterprise-class Asterisk open-source PBX software, used for VoIP services. According to research from Check Point, presented here at Virus Bulletin 2019 on Friday, the attack was firs...

Blue Angel Software Suite - Command Execution Exploit

Exploit Title: Blue Angel Software Suite - Authenticated Command Execution Exploit Author: Paolo Serracino Vendor Homepage: http://www.5vtechnologies.com Software Link: N/A Version: All Tested on: Embedded Linux OS CVE : N/A Description: Blue Angel Software Suite, an application that runs on...

Design/Logic Flaw

CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. A CPE identifies itself by the MAC address of its WAN interface and a certain "chk" value 48bit derived from the MAC. The algorithm used to compute the "chk" was disclosed ...

Former employee held for hacking server of BPO unit in Hyderabad !

A former software professional on Saturday was arrested for allegedly hacking the server of a city-based BPO company, where he previously worked, police said. The hacker identified as Shaik Mahammad Ghouse Bhasa allegedly secured unauthorised access to the computer systems of M/s IVOICE Network...

3Com SuperStack 3 NBX 4.0/4.1 - FTPD Denial of Service

source: https://www.securityfocus.com/bid/6297/info It has been reported that the ftpd server, included in the Embedded Real Time Operating System ERTOS of 3Com Superstack 3 NBX IP phones, contains a denial of service vulnerability. This issue can be triggered by sending a CEL paramater of...

3Com SuperStack 3 NBX 4.04.1 - FTPD Denial of Service

3Com SuperStack 3 NBX 4.04.1 - FTPD Denial of Service source: https://www.securityfocus.com/bid/6297/info It has been reported that the ftpd server, included in the Embedded Real Time Operating System ERTOS of 3Com Superstack 3 NBX IP phones, contains a denial of service vulnerability. This issue...