3cx – Computer Security Articles

3CX Breach Was a Double Supply Chain Compromise

April 24, 2023 admin 3cx, A Little Sunshine, clearsky security, diamond sleet, double supply chain breach, elastic security, ESET, iconicstealer, kaspersky lab, kim zetter, Latest Warnings, MacOS, Mandiant, marc-etienne m.leveille, microsoft, Ne'er-Do-Well News, peter kalnai, Supply chain, The Coming Storm, trading technologies, x_trader, Zero-Day, zinc

Credit to Author: BrianKrebs| Date: Fri, 21 Apr 2023 01:05:44 +0000

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.

MalwareBytes Security

A week in security (March 27 – April 2)

April 3, 2023 admin 3cx, accidental breach, anna pobletts, apple, bingbang, chatgpt, ddos service, ee phing, GitHub, instagram scammer, lock and code, news, phishing, ransomware, top cyber threats of 2023, world backup day

Categories: News

Tags: Lock and Code

Tags: Anna Pobletts

Tags: ChatGPT

Tags: World Backup Day

Tags: GitHub

Tags: accidental breach

Tags: DDoS service

Tags: Instagram scammer

Tags: top cyber threats of 2023

Tags: 3CX

Tags: BingBang

Tags: Apple

Tags: EE phing

Tags: phishing

Tags: ransomware

The most interesting security related news from the week of March 27 to April 2.

(Read more…)

The post A week in security (March 27 – April 2) appeared first on Malwarebytes Labs.

MalwareBytes Security

[Updated April 3] 3CX desktop app used in a supply chain attack

April 3, 2023 admin 3cx, news, sideload, Supply chain

Categories: News

Tags: 3CX

Tags: supply-chain

Tags: sideload

Researchers have found that the 3CX desktop app may be compromised and used in supply chain attacks.

Security Sophos

Update 2: 3CX users under DLL-sideloading attack: What you need to know

April 1, 2023 admin 3cx, dll sideloading, Featured, ffmpeg.dll, ioc hunting, threat research

Credit to Author: Greg Iddon| Date: Thu, 30 Mar 2023 01:39:11 +0000

A Trojanized version of the popular VOIP/PBX software is in the news; here’s what hunters and defenders are doing

MalwareBytes Security

[Update] 3CX desktop app used in a supply chain attack

March 31, 2023 admin 3cx, news, sideload, Supply chain

Categories: News

Tags: 3CX

Tags: supply-chain

Tags: sideload

Researchers have found that the 3CX desktop app may be compromised and used in supply chain attacks.

Security Sophos

Updated: 3CX users under DLL-sideloading attack: What you need to know

March 30, 2023 admin 3cx, dll sideloading, Featured, ffmpeg.dll, ioc hunting, threat research

Credit to Author: Greg Iddon| Date: Thu, 30 Mar 2023 01:39:11 +0000

A Trojanized version of the popular VOIP/PBX software is in the news; here’s what hunters and defenders are doing

MalwareBytes Security

3CX desktop app used in a supply chain attack

March 30, 2023 admin 3cx, news, sideload, Supply chain

Categories: News

Tags: 3CX

Tags: supply-chain

Tags: sideload

Researchers have found that the 3CX desktop app may be compromised and used in supply chain attacks.

(Read more…)

The post 3CX desktop app used in a supply chain attack appeared first on Malwarebytes Labs.

Security Sophos

3CX Desktop Attack: Sophos Customer Information

March 30, 2023 admin 3cx, products & services, Sophos Endpoint, sophos mdr, sophos x-ops, sophos xdr

Credit to Author: Editor| Date: Thu, 30 Mar 2023 08:44:21 +0000

Overview Sophos X-Ops is tracking an attack against the 3CX Desktop application, possibly undertaken by a nation-state-related group. The affected software is 3CX – a legitimate software-based PBX phone system available on Windows, Linux, Android, and iOS. The application has been abused by the threat actor to add an installer that communicates with various command-and-control […]

← Previous