[VOIPSEC] SANS Top 20 Internet Security Target list for 2006 released today, with VoIP included for the first time

Brian Honan brian.honan at bhconsulting.ie
Wed Nov 15 16:27:19 CST 2006 

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Dan

I was at the launch of the Top 20 this morning in London.  It was a
very good session.  Some time was spent discussing VOIP security, the
concerns expressed were vulnerabilities inherent in some of the
products enabling systems to be crashed or conversations to be
eavesdropped on.  Other concerns included exploiting poor security,
such as default passwords, on installed systems and allowing the
hacker to utilise those systems for Vishing attacks or simply
reselling call time.  It was interesting to note the focus of the
presentations was on the changing threat landscape and the increasing
involvement of organised criminals and foreign states in exploiting
vulnerabilities to satisfy their own needs.  As a result those
defending the networks, both data and VOIP, need to consider those
type of attackers when developing their risk management strategy and
subsequent defensive measures.

Regards

Brian


Brian Honan
BH Consulting
Helping You Piece IT Together
T:   +353-1-4404065
M:   +353-868114066
E:   brian.honan at bhconsulting.ie
W:   http://www.bhconsulting.ie

Supporting Global Security Week http://www.globalsecurityweek.com

This message is for the named person's use only. If you received this
message in error, please immediately delete it and all copies and
notify the sender. You must not, directly or indirectly, use,
disclose, distribute, print, or copy any part of this message if you
are not the intended recipient. Any views expressed in this message
are those of the individual sender and not of BH Consulting.
- -----Original Message-----
From: voipsec-bounces at voipsa.org [mailto:voipsec-bounces at voipsa.org]
On Behalf Of dan_york at Mitel.com
Sent: 15 November 2006 16:19
To: voipsec at voipsa.org
Subject: [VOIPSEC] SANS Top 20 Internet Security Target list for 2006
released today, with VoIP included for the first time

VOIPSEC members,

FYI, the 2006 version of the SANS Top 20 Internet Security Targets
was released today, with VoIP on the list for the first time:

 
http://voipsa.org/blog/2006/11/15/sans-top-20-internet-security-attack
- -target-list-for-2006-includes-voip-for-the-first-time/

Given that VOIPSA was included as a link (thank you, SANS!), I expect
we'll see more interest here.

Regards,
Dan

- --
Dan York, CISSP
Dir of IP Technology, Office of the CTO
Mitel Corp.     http://www.mitel.com
dan_york at mitel.com +1-613-592-2122
PGP key (F7E3C3B4) available for
secure communication

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRVuUR4u28IDxtc99EQLREgCdFY1XEjJMzAksOoj9CrXncKBlbAYAn29S
9lUqrknPU0MESEWGEG6yrRYx
=gHKt
-----END PGP SIGNATURE-----

More information about the Voipsec mailing list