3CX Breach Was a Double Supply Chain Compromise

Credit to Author: BrianKrebs | Date: Fri, 21 Apr 2023 01:05:44 +0000

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.

Bogus job offers hide trojanised open-source software

Categories: News

Tags: malware, ZINC, microsoft, infection, C&C, open source, job offer, fake, LinkedIn

A North Korean ZINC group is accused of creating compromised versions of KiTTY, PuTTY, TightVNC, and other popular open-source software apps.

The post Bogus job offers hide trojanised open-source software appeared first on Malwarebytes Labs.

ZINC weaponizing open-source software

Credit to Author: Katie McCafferty | Date: Thu, 29 Sep 2022 16:00:00 +0000

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

The post ZINC weaponizing open-source software appeared first on Microsoft Security Blog.

Ghost in the shell: Investigating web shell attacks

Credit to Author: Eric Avena | Date: Tue, 04 Feb 2020 17:30:40 +0000

Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.

The post Ghost in the shell: Investigating web shell attacks appeared first on Microsoft Security.