all InfoSec news
Coverage Advisory for 3CX Supply Chain Attack
Malware Analysis, News and Indicators - Latest topics malware.news
Background:
On 30th March 2023, 3CX released a security alert for 3CX Electron Windows App shipped in Update 7, which informed users about a supply chain attack. The issue has affected the executables for both Windows and Mac operating systems.
What is the issue?
The impacted 3CX Electron Desktop App was bundled with an infected library file named ffmpeg.dll. This infected library further downloads another encrypted file d3dcompiler_47.dll. This file has functionality to access .ico files hosted on GitHub which …
3cx access advisory alert app attack desktop dll domains downloads electron encrypted ffmpeg files github ico information issue library mac march operating systems payload security security alert supply supply chain supply chain attack systems update what is windows