3CX breach linked to previous supply chain compromise | allinfosecnews.com

April 24, 2023, 1:23 p.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Pieces of the 3CX supply chain compromise puzzle are starting to fall into place, though we’re still far away from seeing the complete picture. In the meantime, we now also know that: The source of the 3CX breach was a compromised installer for X_TRADER, an old software package for futures-trading provided by Trading Technologies The trojanized installer for X_TRADER software was also used to drop a backdoor on the systems of two critical infrastructure organizations … More →

The post …

3cx backdoor breach compromise compromised critical critical infrastructure critical infrastructure organizations don't miss eset futures government-backed attacks hot stuff infrastructure installer mandiant old organizations package puzzle software supply supply chain supply chain attacks supply chain compromise symantec systems technologies trading trading technologies x_trader

More from www.helpnetsecurity.com / Help Net Security

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics … 4 hours ago | www.helpnetsecurity.com

access anti-ransomware articles attackers +24

Snowflake denies breach, blames data theft on poorly secured customer accounts 16 hours ago | www.helpnetsecurity.com

accounts actor aware breach +26

Snowflake compromised? Attackers exploit stolen credentials 1 day, 17 hours ago | www.helpnetsecurity.com

accounts analytics attackers claims +26

25,000 individuals affected in BBC Pension Scheme data breach 1 day, 23 hours ago | www.helpnetsecurity.com

bbc breach current data +20

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 2 days, 1 hour ago | www.helpnetsecurity.com

0 day accounts april attackers +31

apexanalytix Cyber Risk provides instant alerts for supplier data breaches 2 days, 3 hours ago | www.helpnetsecurity.com

account alerts apexanalytix breaches +24

Lack of skills and budget slow zero-trust implementation 2 days, 8 hours ago | www.helpnetsecurity.com

amp breach budget cyber +24

Encrypted Notepad: Open-source text editor 2 days, 8 hours ago | www.helpnetsecurity.com

ads aes app connection +19

New infosec products of the week: May 31, 2024 2 days, 9 hours ago | www.helpnetsecurity.com

adaptive shield capabilities dashlane detectify +21

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com