Browsing Author: Brian Donohue

Cisco published an advisory report yesterday detailing multiple vulnerabilities in there Unified Communications Manager.

There are three denial of service vulnerabilities that affect session initiation protocol services, two SQL injection vulnerabilities, and a directory transversal vulnerability.

These bugs affect versions 6-8 of Cisco’s Unified Communications Manager.

The DoS bugs are triggered by a malformed SIP message that could cause a critical process to fail, resulting in the failure of voice services.


The U.S. Chamber of Commerce held a press conference this morning to unveil details surrounding a National Strategy for Trusted Identities in Cyberspace, or NSTIC as they are calling it.

While the press conference was somewhat vague in terms of specifics, the initiative appears to be designed to build a voluntary transactional ecosystem of trust between businesses and individuals online, or, more generally between anyone or thing attempting to transmit money, goods, or ideas online.


Back in January, Threatpost covered a story originally reported by Julien Sobrier of Zsacaler. Sobrier discovered that the websites of a number of prominent American universities and government institutions had been hijacked and were redirecting fake online stores. As it turns out, some of the sites mentioned in the initial report continue to do so.