Recent news

"Anomaly Detection as a Service" Book Published
Oct 31, 2017
Flyer

CLKSCREW Paper Wins Distinguished Paper Award
USENIX Security Symposium 2017
Oct 31, 2017
Paper and Presentation

RAID 2013 Website Launched

Details for the 16th International Symposium on Research in Attacks, Intrusions and Defenses are now available at raid2013.org. The conference will be held in St. Lucia on October 23-25, 2013.

The Cisco IP Phone Kernel Exploit has received a lot of press in the last few days.

The Internet Will Literally Kill You By 2014, Predicts Security Firm SecurityWatch
Dec 20, 2012
http://securitywatch.pcmag.com/none/306223-the-internet-will-literally-k...

Can Your Cisco VoIP Phone Spy On You?
SecurityWatch
Dec 19, 2012
http://securitywatch.pcmag.com/none/306172-can-your-cisco-voip-phone-spy...

Security researchers find vulnerability in Cisco VoIP phones
PhysOrg
Dec 19, 2012
http://phys.org/news/2012-12-vulnerability-cisco-voip.html

Cisco phone exploit allows attackers to listen in on phone calls
The Verge
Jan 10, 2013
http://www.theverge.com/2013/1/10/3861316/cisco-phone-exploit-discretely...

Your worst office nightmare: Hack makes Cisco phone spy on you
ExtremeTech
Jan 10, 2013
http://www.extremetech.com/computing/145371-your-worst-office-nightmare-...

Cisco VoIP Phone Flaw Could Plant Bugs In Your Cubicle
Readwrite Hack
Jan 11, 2013
http://readwrite.com/2013/01/10/cisco-voip-phone-flaw-could-plant-bugs-i...

Hack turns Cisco desk phones into remote listening devices
Slashgear
Jan 11, 2013
http://www.slashgear.com/hack-turns-cisco-desk-phones-into-remote-listen...

Cisco IP Phone Vulnerability Enables Remote Eavesdropping
Tekcert
Jan 10, 2013
http://tekcert.com/blog/2013/01/10/cisco-ip-phone-vulnerability-enables-...

Cisco issues advisory to plug security hole in VoIP phone
FierceEnterprise Communications
Jan 10, 2013
http://www.fierceenterprisecommunications.com/story/cisco-issues-advisor...

Hack Turns Cisco's Desk Phone into a Spying Device
Istruck.me
Jan 11, 2013
http://itstruck.me/hack-turns-ciscos-desk-phone-into-a-spying-device/

Hack Turns Cisco’s Desk Phone Into a Spying Device
Gizmodo
Jan 10, 2013
http://gizmodo.com/5974814/hack-turns-ciscos-desk-phone-into-a-spying-de...

Warning: That Cisco phone on your desk may be spying on you
BetaNews
Jan 10, 2013
http://betanews.com/2013/01/10/warning-that-cisco-phone-on-your-desk-may...

Hack turns the Cisco phone on your desk into a remote bugging device
Arstechnica
Jan 10,2013
http://arstechnica.com/security/2013/01/hack-turns-the-cisco-phone-on-yo...

Cisco VoIP phone vulnerability allow eavesdropping remotely
IOtechie
Jan 9, 2013
http://hackersvalley.iotechie.com/hacks/cisco-voip-phone-vulnerability-a...

Cisco issues advisory to plug security hole in VoIP phones
FierceEnterpriseCommunications
Jan 10, 2013
http://www.fierceenterprisecommunications.com/story/cisco-issues-advisor...

Malware leaves Cisco VoIP phones "open to call tapping"
PC Pro
Jan 8, 2013
http://www.pcpro.co.uk/news/security/379129/malware-leaves-cisco-voip-ph...

Researcher exposes VoIP phone vulnerability
Business Wire for Security InfoWatch
Dec 13, 2012
http://www.securityinfowatch.com/news/10842240/researcher-exposes-voip-p...

Cisco IP Phones Vulnerable
IEEE Spectrum
Dec 18, 2012
http://spectrum.ieee.org/computing/embedded-systems/cisco-ip-phones-vuln...

Cisco IP phones buggy
NetworkWorld
Dec 12, 2012
http://www.networkworld.com/community/node/82046

Researchers Identify Security Vulnerabilities In VoIP Phones
Red Orbit
Jan 8, 2013
http://www.redorbit.com/news/technology/1112759485/voip-phones-security-...

Security Researcher Compromises Cisco VoIP Phones With Vulnerability
Darkreading
Dec 13, 2012
http://www.darkreading.com/threat-intelligence/167901121/security/attack...

Remotely listen in via hacked VoIP phones: Cisco working on eavesdropping patch
Computerworld
Jan 8, 2013
http://blogs.computerworld.com/cybercrime-and-hacking/21600/remotely-lis...

Cisco IP Phones Hacked
Fast Company
Dec 19, 2012
http://www.fastcompany.com/3004163/cisco-ip-phones-hacked

Cisco rushing to fix broken VoIP patch
IT World Canada
Jan 8, 2013
http://www.itworldcanada.com/news/cisco-rushing-to-fix-broken-voip-patch...

Cisco working to fix broken patch for VoIP phones
IDG News Service for CSO Online
Jan 7, 2013
http://www.csoonline.com/article/725788/cisco-working-to-fix-broken-patc...

Your Cisco phone is listening to you: 29C3 talk on breaking Cisco phones
Boing Boing
Dec 29, 2012
http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html

Yet another eavesdrop vulnerability in Cisco phones
The Register
December 13, 2012
http://www.theregister.co.uk/2012/12/13/cisco_voip_phones_vulnerable/

Cisco VoIP Phones Affected By On Hook Security Vulnerability
Dec 6, 2012
Forbes
http://www.forbes.com/sites/robertvamosi/2012/12/06/off-hook-voip-phone-...

Discovered vulnerabilities in Cisco VoIP phones
KO IT (RUSSIAN)
Jan 8, 2013
http://ko.com.ua/obnaruzheny_uyazvimosti_v_telefonah_cisco_voip_70011

and

http://forums.cnet.com/7726-6132_102-5409269.html
http://www.xsnet.com/blog/bid/112454/Jenn%20Cano
http://news.softpedia.com/news/Kernel-Vulnerability-in-Cisco-Phones-Can-...
http://www.securelist.com/en/advisories/51768
http://accublog.wordpress.com/2013/01/10/eavesdropping-on-your-phone-fro...
http://geekapolis.fooyoh.com/geekapolis_gadgets_wishlist/8247285
http://eddydemland.blogspot.com/2013/01/hack-turns-ciscos-desk-phone-int...
http://www.onenewspage.us/n/Technology/74vnp9j0m/Kernel-Vulnerability-in...
http://technology.automated.it/2013/01/10/cisco-phone-exploit-allows-att...
http://www.i4u.com/2013/01/youtube/warning-your-be-you-desk-may-spying-p...
http://www.shafaqna.com/english/other-services/featured/itemlist/tag/cis...
http://www.ieverythingtech.com/2013/01/cisco-phone-exploit-allows-attack...
http://dailyme.com/story/2013011000002065/hack-turns-cisco-s-desk-phone-...
http://truthisscary.com/2013/01/video-hacked-phones-could-be-listening-t...
http://www.smokey-services.eu/forums/index.php?topic=227209.0
http://technewstube.com/theverge/154392/cisco-phone-exploit-allows-attac...

Brown Printing Co., which prints popular magazines and catalogues, knew that it had valuable assets in its computer systems and that those assets — online editions and subscriber databases — were increasingly at risk with the proliferation of cyber-espionage....

Read more...

A new kernel exploit affecting nearly all late model Cisco IP phones has been presented at 29C3. News articles appear on NBCNEWS and IEEE Spectrum.

http://www.forbes.com/sites/robertvamosi/2012/12/06/off-hook-voip-phone-...

In the new motion picture Skyfall, James Bond uses fewer gadgets than in previous films, but a future 007 might not have to rely upon Q at all, instead taking advantage of ordinary gadgets, according to one researcher. On Wednesday at the Amphion Forum in San Francisco researcher Ang Cui demonstrated an attack on common Cisco-branded Voice over IP (VoIP) phones that could easily...