Last December the IC3 issued an alert for Asterisk users whch can be seen here.
This initially caused a panic amongst the developers as it wasn’t really clear what the alert was about. It turns out that it was for a vulnerability that was indentified and patched by Digum 9 months earlier. IC3 issued an updated buliten shortly after describing the issue a little better which can be seen here
I’m still seeing this alert being used to try and discourage people from using Asterisk but as far as I can see it’s just a normal security warning that was quickly identified and fixed by the software developer.
If you’d like to read more information there’s a good post here regarding this – http://blog.tmcnet.com/blog/tom-keating/asterisk/digium-responds-to-fbi-vhishing-security-warning-about-asterisk.asp and, as always, keep your software patched!