The FBI is advising users of the open source VoIP package Asterisk to upgrade to the latest version, but has so far provided very little evidence on what vulnerability it has detected.
The FBI's warning as published at the Internet Crime Complaint Center (IC3) is vague at best. The warning states: "The recent attacks were conducted by hackers exploiting a security vulnerability in Asterisk software. Asterisk is free and widely used software developed to integrate PBXii systems with Voice over Internet Protocol (VoIP), digital Internet voice calling services; however, early versions of the Asterisk software are known to have a vulnerability."
Do you use Asterisk for your VoIP? If so you might want to upgrade to the latest version because the FBI stated that they have found an vulnerability in the earlier versions of the software.
The link for this article located at Arstechnica is no longer available.