Fake MicroSoft calls Post: 303011432

Sponsored Content

Special Forums Cybersecurity Fake MicroSoft calls Post 303011432 by Neo on Thursday 18th of January 2018 08:17:32 AM

01-18-2018

Administrator

I recall VoIP vulnerabilities over the years and for many years.

On another note, it is always important to keep in mind that (IT) RISK is the intersection of VULNERABILITY, THREAT & CRITICALITY.

So, even if there is a VULNERABILITY, if there is no real THREAT or CRITICALITY, then RISK is LOW.

For example, for someone who uses VoIP and is not a high profile person or spy or criminal etc who has THREATS and if a VULNERABILITY is exploited, it does not do critical harm (in the case of VoIP threats for most people who use VoIP daily), then the RISK is low.

I've been aware of possible VoIP exploits for many years, but it does not stop me from using the myriad technologies that use VoIP. This especially applies to VoIP technologies which are encrypted. LINE, What's App and I believe Skype are all encrypted and so exploiting these VoIP vulnerabilities are non trivial, as I recall, and so most users who use encrypted VoIP are not at high RISK.

There is also the RISK MITIGATION model, which combines TECHNICAL (LOGICAL) CONTROLS, PHYSICAL CONTROLS AND ADMINISTRATIVE CONTROLS, should be considered as well

Encrypting a VoIP channel is a TECHNICAL CONTROL and having a policy whereas HIGHLY SENSITIVE USERS do not use these apps unless approved is an ADMINISTRATIVE CONTROL.

It is important to keep in mind that RISK MANAGEMENT and RISK MITIGATION is a multidimensional and multifaceted approach, so VULNERABILITIES must be viewed in context to the THREAT and CRITICALITY; and RISK MITIGATION must be viewed in terms of RISK and the "best" combination of controls (ADMIN, TECH, PHYSICAL) based on RISK (and this implies budget as well).

Cheers.

This User Gave Thanks to Neo For This Post:

Neo

View Public Profile for Neo

Visit Neo's homepage!

Find all posts by Neo

2 More Discussions You Might Find Interesting

1. IP Networking

Identification of data calls & voice calls

Is there any facility to filter/identify the data calls and voice calls coming throug modem? OR Can we get the data or voice calls information through a script(preferably C Kermit)?

2. Windows & DOS: Issues & Discussions

Microsoft Powerpoint 2003 stops working after 12 April 2011 Microsoft Updates

For the benefit of the community this is a widespread worldwide problem affecting multiple versions of Microsoft Windows. Powerpoint erroneously reports Powerpoint presentation damaged and then often hangs. Until Microsoft sort this out, try removing Powerpoint security update KB 2464588...

LEARN ABOUT DEBIAN

birthday

birthday(1)						      General Commands Manual						       birthday(1)

NAME

       birthday - warn about upcoming birthdays and other events

SYNOPSIS

       birthday [-w|-c] [-f file] [-W defwarn] [-M maxwarn] [-m minwarn] [-l lines] [-p weeks] [-d total] [-i width]

DESCRIPTION

       The  birthday  command  reads a file, by default ~/.birthdays, which gives a list of events in the near future (see section FILE FORMAT for
       details). It can then produce either a list of events which are coming up within the next few weeks, or a text-based calendar  with  a  few
       lines for each day.

OPTIONS

       -w     Display a list of upcoming events. This is the default.

       -c     Display a calendar, designed to be piped to lpr(1).

       -f file
	      Read  the  events  from file rather than ~/.birthdays.  If file is a single hyphen, read the events from the standard input (usually
	      the terminal).

   List Options
       -W warn
	      Warn warn days in advance, for entries that have no w flag (see FILE FORMAT).  If this switch is not specified, it  defaults  to	21
	      days.

       -M max Warn at most max days in advance. This overrides any flag given in the file.

       -m min Warn at least min days in advance. This overrides any flag given in the file.

   Calendar Options
       -l lines
	      Print lines lines for every day.

       -p weeks
	      Print weeks weeks on every page of the calendar. If set to 0, the default, disables page breaks.

       -d days
	      Print the calendar for up to days days in advance.

       -i width
	      Print  the  calendar  width characters wide. This affects the length of the lines separating each day, and the point at which events
	      will be word-wrapped.

FILE FORMAT

       Each line beginning with a hash sign, `#', is a comment and will be ignored. Lines beginning with an ampersand, `&', are  directives.  Cur-
       rently  there  is  only	one such directive, &include file, which reads in a seperate file from your .birthdays file.  file should be given
       with an absolute path, which should not use the tilde notation to specify your home directory.

       Any other line specifies the name of a person or event, followed by an equals sign and a  date  (DD/MM, DD/MM/YY or DD/MM/YYYY,	where  the
       form DD/MM/YY is assumed to give a date in the 20th century and is now deprecated), and finally some extra options. These options are:

       bd     This  line is a birthday (the default). The year, if given, should be when the person was born. A line designated as a birthday will
	      produce output like Erin has a birthday in 3 days' time or Jemima is 3 in 2 weeks' time.

       ann    This line is an anniversary. The year, if given, should be the year in which the thing happened, producing output like Pen  exploded
	      3 years ago tomorrow given a line such as Pen exploded=12/09/93 ann.

       ev     This  line  is  an  event of some sort. If a year is given, the text will be displayed in that year only; otherwise, it will be dis-
	      played every year. The remaining time is simply appended to the text; for instance, the input Easter=7/4/1996 ev would give rise	to
	      the text Easter in 1 week's time.

       wn     Warn n days in advance of the date, rather than the default of 21 days or the number given with the -W flag.

       todate The event lasts until date, which should be in the same format as for the date of the event.

       fordays
	      The event lasts for days days.

DATE SPECIFICATION

       The file format documented here handles dates in a couple of slightly non-standard ways.  Firstly, the dates are given in British format of
       DD/MM/YYYY, as opposed to the more normal US format MM/DD/YYYY.

       Secondly, dates with a two-digit year are assumed to be in the 20th century (19xx), rather than taking the standard convention of  assuming
       all  two-digit  years  less than 70 are in the 21st century.  This is for reasons of compatibility with older data files, since many people
       have birthdays before 1970, and the program was written before I came across the Y2K issues. :-(  You should probably avoid this format.

EXAMPLE

       Joe Blow=25/04/1974

FILES

       ~/.birthdays
	      Your default birthdays file.

SEE ALSO

       cal(1)

BUGS

       Both the "features" in the DATE SPECIFICATION section could be construed as bugs, and are mostly present for backwards compatibility.

       The calendar mode should be a seperate program.

       The program cannot warn more than one year in advance of anything.

AUTHOR

       Andy Mortimer <andy.mortimer@zetnet.co.uk>

																       birthday(1)