Sandro Gauci

@sandrogauci

Followers
4K
Following
828
Statuses
3K

Offensive VoIP/WebRTC security; mostly harmless https://t.co/nwxcTm1wnr Chief Mischief Officer @enablesecurity https://t.co/m1SSe6MyAE

Bavaria, Germany
Joined January 2008
@sandrogauci
Sandro Gauci
11 days
The latest edition of RTCSec newsletter is out. Subscribe at You can now listen to the newsletter with the player from @elevenlabsio, giving that a try and seeing if people find that useful.
@enablesecurity
Enable Security
12 days
January 2025 RTCSec newsletter out now! Covers Cisco BroadWorks SIP vulnerability, Asterisk fixes, WordPress plugin, Samsung Galaxy S24, VoIP and WebRTC security updates. Read it at
@sandrogauci
Sandro Gauci
11 days
RT @enablesecurity: January 2025 RTCSec newsletter out now! Covers Cisco BroadWorks SIP vulnerability, Asterisk fixes, WordPress plugin, S…
@sandrogauci
Sandro Gauci
22 days
RT @vanhoefm: After an embargo of 8 months, we are glad to finally share our USENIX Security '25 paper! We found more than 4 MILLION vulner…
@sandrogauci
Sandro Gauci
2 months
From Grandstream GDMS compromise to Mitel vulnerabilities - crucial insights for anyone working with WebRTC & VoIP. Great summary by @EnableSecurity. Subscribe here:
@enablesecurity
Enable Security
2 months
🔐 2024 in #WebRTC & #VoIP Security: Great progress with increased research focus, OWASP coverage & conference talks, but concerns remain around conferencing platforms & VoIP vulnerabilities. Read our year-end newsletter wrap-up!
@sandrogauci
Sandro Gauci
2 months
RT @enablesecurity: 🔐 2024 in #WebRTC & #VoIP Security: Great progress with increased research focus, OWASP coverage & conference talks, bu…
@sandrogauci
Sandro Gauci
2 months
RT @TheBrothersWISP: From the VOIP community on Reddit: Grandstream sends notice of GDMS security incident
@sandrogauci
Sandro Gauci
2 months
Your favourite VoIP and WebRTC security newsletter for this month is out! My favorite this time was the presentation by Meta on hacking Messenger, given at @hexacon_fr 2024. 🤓 Contributions to RTC security: @rexploit, @vivekramac, @mod0, @shawnmer2, @Pasc0o, @elwrv and more!
@enablesecurity
Enable Security
2 months
The November edition of the RTCSec Newsletter is out covering: Exploitation of Messenger from Meta, Vulnerabilities in WebRTC, Poly Video Conferencing systems, Cisco phones, Qualcomm DSP video codecs, and VoIP devices on Shodan. Give it a read:
@sandrogauci
Sandro Gauci
4 months
Just finished working on the October edition of the RTCSec newsletter. This one includes a lot of content and contributions thanks to so many great folks. Give it a read or subscribe for the next one:
@enablesecurity
Enable Security
4 months
RTCSec October newsletter is out. 3rd anniversary edition covers: WebRTC related vulnerabilities from DEF CON 32, SIP URI security concerns, VoIP product fixes. Plus, our new white paper on DoS using DTLS in WebRTC! Read online: #RTCSecurity
@sandrogauci
Sandro Gauci
4 months
Excited to share our new white paper on WebRTC DoS vulnerability! It expands on our previous blog post, providing crucial details we missed. Hope it sparks more research into WebRTC security. Check it out! #WebRTCSecurity
@enablesecurity
Enable Security
4 months
We've published a new security white paper on DTLS "ClientHello" race conditions in WebRTC! RTPEngine, Asterisk, FreeSWITCH and Skype (PSTN) were found vulnerable. Tested Discord, Google Meet, Zoom, and more #WebRTCSecurity
@sandrogauci
Sandro Gauci
4 months
We covered VoIP and WebRTC news by @enablesecurity (of course), @owasp, @OWASP_ASVS, @asteriskpbx and many more. This one was worked on a long flight 😉 Subscribe for the next one here:
@enablesecurity
Enable Security
4 months
We just published the latest and greatest RTCSec newsletter, covering news about conferences, talks, OWASP getting into WebRTC security, telco security: VoLTE vulnerabilities, SS7 hacking and vulnerabilities in Asterisk, Cisco, Mitel and more.
@sandrogauci
Sandro Gauci
5 months
Hey SF folks! I'll be around from Sept 25 - Oct 3. Ping me if you're down for a coffee or beer! #OWASP #GlobalAppSecSanFran
@sandrogauci
Sandro Gauci
5 months
RT @trufflesec: 🌟 @owasp 2024 Global AppSec is next week in SF! 🚀 We’re sharing the top talks we're excited about—from 0-days in CI/CD to…
@sandrogauci
Sandro Gauci
5 months
RT @trufflesec: Huge shoutout to the speakers giving these talks: @amichaishulman @Cassie_Crossley @francoisproulx @InsecureNature @JoeL
@sandrogauci
Sandro Gauci
5 months
RT @JoshCGrossman: @OWASP_ASVS Particular thanks to @sandrogauci for his hard work in pulling this chapter together!
@sandrogauci
Sandro Gauci
6 months
The latest VoIP & WebRTC security newsletter is out early! Dive into Hacker Summer Camp presentation highlights and check out new Cisco phone vulnerabilities. See you next month! 😉
@enablesecurity
Enable Security
6 months
The August edition of RTCSec newsletter was just published. We're sending this out a bit earlier than usual as some of us will be taking some time off soon. See you next month! Read it at
@sandrogauci
Sandro Gauci
6 months
RT @enablesecurity: The August edition of RTCSec newsletter was just published. We're sending this out a bit earlier than usual as some of…
@sandrogauci
Sandro Gauci
7 months
RT @securestep9: #OWASP #ASVS: What a great idea by the @owasp_asvs project to ask for #opensource contributions using a "Wanted" poster a…
@sandrogauci
Sandro Gauci
8 months
this was my favorite bit 😉
@enablesecurity
Enable Security
8 months
and those debates about the WebRTC specs needing, or not, a slight security update, thanks to @HCornflower, @ibc__again, @nilsohlmeier, @murillo, @elminiero