The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information.
US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory for these vulnerabilities and apply any necessary updates to help mitigate the risks.
Cisco has released security advisories to address multiple vulnerabilities affecting Unified Communications Manager and Unified Presence.
These vulnerabilities affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition, which could cause an interruption of voice services.
Cisco Unified Communications Manager users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cucm and apply any necessary updates to help mitigate the risks. Cisco Unified Presence users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cup and apply any necessary updates to help mitigate the risks.
In an effort to respond to a growing public threat by offline phishers that conduct various scams via fax, the Anti-phishing Working Group (APWG) has partnered with the Internal Revenue Service (IRS) to create the APWG Fax Back Phishing Education Program. This program is designed to provide telecommunications companies and Fax over Internet Protocol (FoIP) hosting firms with information that can be used to educate consumers about these types of scams. Offline phishing differs from traditional phishing in that it involves sending emails with attachments or direct faxes to individuals or businesses and is not done strictly online. Recipients of offline phishing scams are coerced to complete the fake documents and fax them back or be penalized.
In conjunction with IRS's Online Fraud Detection and Prevention (OFDP) group, APWG created a fax coversheet that can be downloaded by carriers and used to notify victims of offline phishing. This fax coversheet also provides links to other APWG resources which allow the victims to submit a complaint directly to the appropriate clearinghouse.