Somebody Answer the Phone: Hacking Telephone Systems for Fun & Profit

It’s always exciting to know how the hackers are finding new ways to gain access to your organization. Protection of the Private Branch Exchange (PBX) network is an often overlooked area though it is an essential component that supports the critical functions of your organization.

Failing to protect your PBX can expose your organization to loss of confidential information or financial damage. Most of the organizations which have implemented a PBX are either unaware or ignore the security issues with PBX.

This talk will demonstrate multiple exploitable security vulnerabilities including impact, attack scenario, and mitigations that we came across while playing with different PBX (private branch exchange) systems. Our presentation will not be limited to the one, but many PBX vendors.

The following categories and demonstration will be included:

– Information Gathering
– Internet-connected PBX and gaining access
– Password Security
– Caller ID Spoofing
– Softphone Security
– Vulnerabilities
– Impact
– Mitigation

MAIN CONFERENCE
Location: Conf Track 2 Date: November 27, 2018 Time: 10:45 am - 11:45 am Himanshu Mehta Sachin Wagh