VoIP System | Breaking Cybersecurity News | The Hacker News

VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system," Palo Alto Networks Unit 42  said  in a Friday report. The unusual activity is said to have commenced in mid-December 2021 and targets Asterisk, a widely used software implementation of a private branch exchange (PBX) that runs on the open-source Elastix Unified Communications Server. Unit 42 said the intrusions share similarities with the  INJ3CTOR3 campaign  that Israeli cybersecurity firm Check Point disclosed in November 2020, alluding to the possibility that they could be a "resurgence" of the previous attacks. Coinciding with the sudden surge is the public disclos...

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System ( CPS ) that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu  said  the shortcomings, when chained together, can lead to "an unauthenticated attacker gaining root on these devices." Pascom Cloud Phone System is an integrated collaboration and communication solution that allows businesses to host and set up private telephone networks across different platforms as well as facilitate the monitoring, maintenance, and updates associated with the virtual phone systems. The set of three flaws includes those stemming from an arbitrary path traversal in the web interface, a server-side request forgery ( SSRF ) due to an outdated third-party dependency ( CVE-2019-18394 ), and a post-authentication command injection using a daemon service ("exd.pl"). In other words, the vulnerabilities can...

Multiple backdoors have been discovered during a penetration test in the firmware of a widely used voice over Internet Protocol (VoIP) appliance from Auerswald, a German telecommunications hardware manufacturer, that could be abused to gain full administrative access to the devices. "Two backdoor passwords were found in the firmware of the  COMpact 5500R PBX ," researchers from RedTeam Pentesting said in a  technical   analysis  published Monday. "One backdoor password is for the secret user ' Schandelah ', the other can be used for the highest-privileged user ' admin .' No way was discovered to disable these backdoors." The vulnerability has been assigned the identifier  CVE-2021-40859  and carries a critical severity rating of 9.8. Following responsible disclosure on September 10, Auerswald addressed the problem in a firmware update (version 8.2B) released in November 2021. "Firmware Update 8.2B contains important security updates that you...

Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...