David Robinson found multiple issues in TelStrat Engage, a product used for recording phone calls, typically for training and customer experience purposes. Using the issues identified, unauthenticated access to cleartext passwords in the web application is possible. Multiple attempts to contact TelStrat through various avenues were unsuccessful, at this point in time the issues remain unpatched.
BSides San Francisco is a non-profit organization designed to advance the body of Information Security knowledge by providing an annual, two-day, open forum for discussion and debate for security engineers and their affiliates. Presenters at BSides SF conferences are engaging the participants and getting the discussions started on the “Next Big Thing”, not preaching at you from the podium about last month’s news.