 |
 |
    |
Sipera to Debut VoIP-to-Data Exploit at Black Hat USA 2007
Sipera VIPER Lab to Demo Data Loss/Theft Exploit Via VoIP and Other Possible Attacks on WiFi Dual-Mode Phones Richardson, TX, July 30, 2007 – Sipera™ Systems, the leader in comprehensive security for VoIP, mobile and multimedia communications, today announced Sipera VIPER Lab will demonstrate a VoIP exploit that allows hackers to take control and delete or steal data from a laptop running an enterprise VoIP softphone, at the Black Hat USA 2007 conference. The demonstration will also show that fully deployed, traditional data security is not adequate to protect data from a real-time, VoIP communications attack. Sipera VIPER Lab will also review various WiFi/dual-mode phone threats as part of its “Vulnerabilities in Wi-Fi/Dual-Mode VoIP Phones” presentation, which will take place within the Voice Services Security track on August 1st at 4:45 p.m. Black Hat briefings bring together the best minds from government agencies and global corporations with the most respected independent researchers and hackers. The Black Hat invitation to present reflects both peer recognition of Sipera’s leadership in VoIP and Unified Communications (UC) security, and increasing awareness of VoIP/UC vulnerabilities and exploits. “The fact that a known vulnerability in VoIP can be used to create an exploit to steal data should serve as a wake up call to all Chief Security Officers that VoIP security should be escalated as a must-have requirement when deploying Unified Communications,” said Eric Winsborrow, Sipera CMO and former VP Product Marketing at McAfee. “Enterprises spend billions of dollars on traditional data security, and closely monitor OS vulnerability announcements on the first Tuesday of the month. Meanwhile, Sipera VIPER Lab has identified an exhaustive list of VoIP vulnerabilities that can be exploited to disrupt critical business communications, and in this case, steal confidential data through a security hole that data security vendors are fundamentally unable to address. The regulatory impact on this exploit, alone, should it happen in the wild, would be severe.” Over the past four years, Sipera VIPER Lab has identified thousands of VoIP vulnerabilities, most of which cannot be addressed by encryption, authentication, or other data security measures. Sipera VIPER Lab has published threat advisories for several WiFi/dual-mode phones, softphones and VoIP hardphones including those allowing remote attackers to carry out spoofing and denial-of-service attacks, unwanted reboots, uninitiated toll calls, and, in one case, remote access to private call records. These vulnerabilities are posted at http://www.sipera.com/viper as an educational security service to Sipera’s customers and the general public. About Sipera Systems Sipera, Sipera logo, Sipera IPCS, Sipera IPCS 210, Sipera IPCS 310, Sipera IPCS 410, Sipera IPCS 510, Sipera IPCS 520, Sipera LAVA and Sipera VIPER are trademarks of Sipera Systems, Inc. All other companies and products listed herein are trademarks or registered trademarks of their respective holders. Media Contacts: Larry Bouchie, KMC Partners Public Relations, 617-758-4192, larry@kmcpartners.com Brendan Ziolo, Sipera Systems, 214-606-1080, bziolo@sipera.com |
UC Security Defined
Sipera Systems, the leader in real-time Unified
Communications (UC) security, is the choice of enterprises
and service providers around the world to support their
mission-critical UC deployments.
Sipera offers groundbreaking, production-proven solutions
that secure voice, video, messaging, collaboration, and
other real-time communications in converged IP networks,
boosting compliance with information security requirements.
Backed by the industry-leading research of the VIPER lab,
Sipera's solutions provide comprehensive threat protection,
policy enforcement, access control, and encryption in a
single flexible appliance.