Compromised VoIP Phones: New Path to Intrusion
Compromised VoIP Phones: New Path to Intrusion Security researchers at Microsoft Threat Intelligence Center disclosed that they discovered an infrastructure of a known cyber adversary that used the popular office IoT Voice over Internet Protocol (VoIP) as a new path to gain initial access to corporate networks. Researchers at Microsoft Threat Intelligence Center (MSTIC)reported that in April this year, the threat group known as “STRONTIUM” compromised 3 popular office IoT devices, VOIP phone, office printer and video decoder, across multiple customer locations to gain initial access to corporate networks. The researchers found that the said IoT devices were either compromised because the latest security update hadn’t been applied or the default manufacturer’s login details hadn’t been changed. Once the threat group gained initial access to the corporate network via these…