all InfoSec news
Adversaries increasingly using vendor and contractor accounts to infiltrate networks
June 6, 2023, 12:30 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
- Cisco Talos Incident Response (Talos IR) has repeatedly observed attackers targeting and using compromised vendor and contractor accounts (VCAs) during recent emergency response engagements.
- While high-profile software supply chain compromise events garner significant media attention (e.g., the recent disclosure of supply chain attacks via the 3CX Desktop Softphone application), abuse of third-party workforce accounts is often overlooked.
- VCAs typically have expanded privilege and access. They may be glossed over during account audits because of increased trust placed in the third …
3cx abuse accounts adversaries application attackers attacks attention cisco cisco talos cisco talos incident response compromise compromised contractor desktop disclosure emergency events high incident incident response media networks profile response software software supply chain supply supply chain supply chain attacks supply chain compromise talos talos incident response targeting vendor
More from malware.news / Malware Analysis, News and Indicators - Latest topics
What the Biggest-Ever Botnet Takedown Means
1 day, 9 hours ago |
malware.news
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
1 day, 11 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)