Call Interception Demonstrated On New Cisco Phones

mask.of.sanity writes "Researchers have demonstrated a series of exploits that turn Cisco IP phones into listening bugs, and could allow a denial of service attack capable of silencing a call center. It allows internal staff and competitors with a little publicly-available information to hijack the phones, wiretap calls and eavesdrop on confidential meetings. The attacks work through a sequence of exploits against the latest Cisco phones enabled to run off the shelf. Most people are vulnerable, the researchers say, because they do not harden their systems in line with recommended security requirements."

Re:Enterprise Systems

[fuzzyfuzzyfungus]

Your ill-understood slander of Enterprise Solutions will not be tolerated.

Any two-bit neckbeard with a sourceforge account can create a "poorly understood clusterfuck."

However, only by leveraging the organizational synergies of a corporation committed to customer-centric excellence across multiple value centers is it possible to create a "poorly understood clusterfuck" backed by overpriced consultants, soporific slide decks, documentation that addresses the hypothetical case of a 50,000 seat installation across hundreds of multinational satellite sites; but fails to have any useful information on why some critical service leaks memory and needs to be restarted every 18 hours, a custom set of Vizio(tm) objects that allows middle managers and Certified Solution Architects to emulate understanding of the system with impressive graphical flourishes, and a mandatory "maintenance contract" that makes you eligible to pay a per-incident fee to have some poor dude in Hyderabad read a script at you.

Freetards, they just don't understand the value of good commercial Solutions.