Hackers can access sensitive data and services also via telephone devices: Most companies use VoIP telephones that are integrated into the company network. Security researchers at the Fraunhofer Institute for Secure Information Technology have found a total of 40 partly serious vulnerabilities in these VoIP telephones. Attackers can misuse these gaps to intercept calls, deactivate the telephone or gain further access to the company network. The VoIP telephones producers have by now closed these vulnerabilities. The researchers presented the results of their investigations at DEFCON, one of the world’s largest hacker conferences.
The security experts at Fraunhofer SIT tested a total of 33 VoIP telephone devices from 25 different manufacturers for flaws and vulnerabilities. For this purpose, they examined the devices’ web-based user interfaces , which administrators can use to configure the phones.
Even the security experts were surprised by the results: "We didn't expect to find so many critical gaps, because these devices have been on the market for a long time and they should have been tested and secure," explains Stephan Huber, one of the researchers involved in the study.
One type of vulnerability was so severe that the security researchers were able to gain complete administrative control over the VoIP phone. "This is a total security failure", says scientist Philipp Roskosch, who was involved in the investigation as well.
Attackers could also use this to manipulate other devices in the same network, such as other VoIP telephones, computers or production machines. This attack was possible with seven devices. Another attack scenario was a denial of service attack that took VoIP phones out of action. This can damage the business of customer hotlines, e.g. banks or insurance companies.
The security researchers informed all the manufacturers of the VoIP telephones investigated about the vulnerabilities found; they all reacted and closed the gaps. The Fraunhofer SIT experts therefore advise all users to keep their own devices up to date and to pay attention to updates for the device firmware.
Further technical details on the VoIP telephones investigated and the gaps can be found on the Internet at www.sit.fraunhofer.de/cve
Oliver Küch | Fraunhofer-Institut für Sichere Informationstechnologie SIT
Fraunhofer Radio Technology becomes part of the worldwide Telecom Infra Project (TIP)
14.11.2019 | Fraunhofer-Institut für Angewandte Informationstechnik FIT
No more traffic blues for information transfer: decongesting wireless channels
11.11.2019 | Tokyo University of Science
The Fraunhofer Institute for Manufacturing Technology and Advanced Materials IFAM in Dresden has succeeded in using Selective Electron Beam Melting (SEBM) to...
Carbon nanotubes (CNTs) are valuable for a wide variety of applications. Made of graphene sheets rolled into tubes 10,000 times smaller than a human hair, CNTs have an exceptional strength-to-mass ratio and excellent thermal and electrical properties. These features make them ideal for a range of applications, including supercapacitors, interconnects, adhesives, particle trapping and structural color.
New research reveals even more potential for CNTs: as a coating, they can both repel and hold water in place, a useful property for applications like printing,...
If you've ever tried to put several really strong, small cube magnets right next to each other on a magnetic board, you'll know that you just can't do it. What happens is that the magnets always arrange themselves in a column sticking out vertically from the magnetic board. Moreover, it's almost impossible to join several rows of these magnets together to form a flat surface. That's because magnets are dipolar. Equal poles repel each other, with the north pole of one magnet always attaching itself to the south pole of another and vice versa. This explains why they form a column with all the magnets aligned the same way.
Now, scientists at ETH Zurich have managed to create magnetic building blocks in the shape of cubes that - for the first time ever - can be joined together to...
Quantum-based communication and computation technologies promise unprecedented applications, such as unconditionally secure communications, ultra-precise...
In two experiments performed at the free-electron laser FLASH in Hamburg a cooperation led by physicists from the Heidelberg Max Planck Institute for Nuclear physics (MPIK) demonstrated strongly-driven nonlinear interaction of ultrashort extreme-ultraviolet (XUV) laser pulses with atoms and ions. The powerful excitation of an electron pair in helium was found to compete with the ultrafast decay, which temporarily may even lead to population inversion. Resonant transitions in doubly charged neon ions were shifted in energy, and observed by XUV-XUV pump-probe transient absorption spectroscopy.
An international team led by physicists from the MPIK reports on new results for efficient two-electron excitations in helium driven by strong and ultrashort...
05.11.2019 | Event News
30.10.2019 | Event News
02.10.2019 | Event News
14.11.2019 | Materials Sciences
14.11.2019 | Health and Medicine
14.11.2019 | Materials Sciences