Collaborate Disseminate
3CX tells customers to temporarily disable SQL Database integration to mitigate a potential vulnerability.
The post 3CX Urges Customers to Disable Integration Due to Potential Vulnerability appeared first on SecurityWeek.
Continue reading 3CX Urges Customers to Disable Integration Due to Potential Vulnerability
Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now also know that: The source of the 3CX breach was a compromised installer for X… Continue reading 3CX breach linked to previous supply chain compromise
The North Korean hacking group behind the supply chain attack that hit 3CX also broke into two critical infrastructure organizations in the energy sector.
The post Symantec: North Korean 3CX Hackers Also Hit Critical Infrastructure Orgs appeared first … Continue reading Symantec: North Korean 3CX Hackers Also Hit Critical Infrastructure Orgs
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks. Continue reading 3CX Breach Was a Double Supply Chain Compromise
3CX hack is the first known cascading supply chain attack, with the breach starting after an employee downloaded compromised software from a different firm.
The post Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App app… Continue reading Cascading Supply Chain Attack: 3CX Hacked After Employee Downloaded Trojanized App
The incident is the first known case of one supply chain attack leading to a second supply chain attack.
The post 3CX supply chain attack was the result of a previous supply chain attack, Mandiant says appeared first on CyberScoop.
3CX has confirmed previous reports that the recently disclosed supply chain attack was likely conducted by North Korean hackers.
The post Mandiant Also Links 3CX Supply Chain Attack to North Korean Hackers appeared first on SecurityWeek.
Continue reading Mandiant Also Links 3CX Supply Chain Attack to North Korean Hackers
3CX has released an interim report about Mandiant’s findings related to the compromise the company suffered last month, which resulted in a supply chain attack targeting cryptocurrency companies. They discovered that: The attackers infected targe… Continue reading 3CX compromise: More details about the breach, new PWA app released
Scanning tools, supply-chain malware, Wi-Fi hacking, and why there should be TWO World Backup Days… listen now! Continue reading S3 Ep129: When spyware arrives from someone you trust
3CX supply chain attack appears to have been conducted by North Korean hackers with the goal of targeting cryptocurrency firms.
The post 3CX Supply Chain Attack: North Korean Hackers Likely Targeted Cryptocurrency Firms appeared first on SecurityWeek.
Continue reading 3CX Supply Chain Attack: North Korean Hackers Likely Targeted Cryptocurrency Firms