We just published the latest and greatest RTCSec newsletter, covering news about conferences, talks, OWASP getting into WebRTC security, telco security: VoLTE vulnerabilities, SS7 hacking and vulnerabilities in Asterisk, Cisco, Mitel and more. enablesecurity.com/newsletter/202…

We've published a new security white paper on DTLS "ClientHello" race conditions in WebRTC! RTPEngine, Asterisk, FreeSWITCH and Skype (PSTN) were found vulnerable. Tested Discord, Google Meet, Zoom, and more enablesecurity.com/blog/webrtc-he… #WebRTCSecurity

RTCSec October newsletter is out. 3rd anniversary edition covers: WebRTC related vulnerabilities from DEF CON 32, SIP URI security concerns, VoIP product fixes. Plus, our new white paper on DoS using DTLS in WebRTC! Read online: enablesecurity.com/newsletter/202… #RTCSecurity

The November edition of the RTCSec Newsletter is out covering: Exploitation of Messenger from Meta, Vulnerabilities in WebRTC, Poly Video Conferencing systems, Cisco phones, Qualcomm DSP video codecs. and VoIP devices on Shodan. Give it a read: enablesecurity.com/newsletter/202…

🔐 2024 in #WebRTC & #VoIP Security: Great progress with increased research focus, OWASP coverage & conference talks, but concerns remain around conferencing platforms & VoIP vulnerabilities. Read our year-end newsletter wrap-up! enablesecurity.com/newsletter/202…

January 2025 RTCSec newsletter out now! Covers Cisco BroadWorks SIP vulnerability, Asterisk fixes, Wordpress plugin, Samsung Galaxy S24, VoIP and WebRTC security updates. Read it at enablesecurity.com/newsletter/202….

We have a packed RTCSec newsletter out at enablesecurity.com/newsletter/202…. We got VoIP phones joining botnets, vulnerabilities in Cisco, Twilio Serverless, Asterisk, AudioCodes and more. Also: Reddit post about WebRTC DTLS handshake security and a summary of the FCC vs Telnyx saga.

RTCSec News for March - VoIP and WebRTC Security Updates: upcoming presentations at Kamailio World and OpenSIPS Summit, WebRTC vulnerabilities from OWASP Global AppSec, and a FreeSWITCH security vulnerability. Visit enablesecurity.com/newsletter/202…

Sent out the latest RTCSec Newsletter, covering Verizon's CDRs compromised by a security researcher, SIP ALG vulnerabilities and learning about NAT types, Cisco VoIP security flaws and cool vulnerability demos, phone phreaking and much more. enablesecurity.com/newsletter/202…

Sandro Gauci from Enable Security with a talk on how to tackle security pitfalls around the OpenSIPS project config file! #opensipssummit2025

Sandro Gauci @ Enable Security , #OpenSIPSSummit 2025, Day 1 OpenSIPS Configuration Security: We called for trouble, and it answered with 200 OK! #sip #rtp #voip #opensource #conference

June RTCSec Newsletter is live! Covering: OWASP ASVS v5 with WebRTC security chapter Critical Yealink vulnerabilities (worse than reported) Meta's Android WebRTC privacy exploit exposed Multiple CVEs: AudioCodes, Qualcomm, Cisco enablesecurity.com/newsletter/202… #VoIP #CyberSecurity

Critical rtpengine security advisory published: CVE-2025-53399 (CVSS 9.3) Affects versions ≤mr13.3.1.4. Allows RTP injection, media redirection and DoS without man-in-the-middle positioning. Thanks to the rtpengine devs for the security fixes! enablesecurity.com/blog/rtpengine…

July RTCSec newsletter: Critical rtpengine security fixes (CVSS 9.3) need config changes, not just patching. Also covering Jitsi's privacy "feature" and upcoming talks at ClueCon & RTC.ON. enablesecurity.com/newsletter/202… #VoIP #WebRTC #InfoSec

Thank you ClueCon for the invitation and congratulations on a very successful 2025 edition. Wrote a short blog which sums up last week's conference, pictures included: blog.opensips.org/2025/08/13/wer… FreeSWITCH OpenSIPS project #asterisk kamailio.org SignalWire

Hi SIPgo now has now Security page for creating any security issues you find in library. Please use this page from now on to open this kind of issues. It keeps library more secure and easier to track this kind of fixes. github.com/emiago/sipgo/s…

RTCSec Newsletter Sept 2025 is live! FreePBX troubles and fixes (CVE-2025-57819 + more) Voice-AI meets toll fraud 📞💸 RTP Bleed clarifications for DTLS-SRTP TURN security deep-dive + Qualcomm & Chrome WebRTC vulns enablesecurity.com/newsletter/202… #RTCSec #InfoSec