all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

3CX Incident Attributed to North Korea; New LockBit MacOS Sample

Add to bookmarks
April 25, 2023, 10:12 a.m. | Jörg Abraham

Security Boulevard securityboulevard.com


Mandiant Attributes 3CX Supply Chain Attack to North Korean Activity Cluster


On April 11, 2023, 3CX reported that Mandiant - who investigated the supply chain attack using a digitally signed 3CXDesktopApp installer - attributes the attack to an activity cluster named UNC4736. Mandiant assesses with high confidence that UNC4736 has a North Korean nexus. [1


Mandiant´s assessment corroborates findings from Crowdstrike [2] and Kaspersky [3] who analyzed the infected 3CXDesktopApp. Kaspersky discovered a backdoor …

3cx 3cxdesktopapp april assessment attack attributes backdoor cluster crowdstrike cybercriminal findings high incident installer kaspersky korea lazarus lazarus group links lockbit macos malware mandiant nexus north north korea north korean organization ransomware supply supply chain supply chain attack the company threat intelligence threats and vulnerabilities umbrella vulnerabilities

Visit resource

More from securityboulevard.com / Security Boulevard

Baby ASO: A Minimal Viable Transformation for Your SOC 17 hours ago | securityboulevard.com
aso axiom baby change +16
LabHost Phishing Platform is Latest Target of International Law Agencies 20 hours ago | securityboulevard.com
as-a-service countries cybercriminal cybersecurity +34
Choosing SOC Tools? Read This First [2024 Guide] 21 hours ago | securityboulevard.com
analytics & intelligence array centers clock +36
USENIX Security ’23 – GAP: Differentially Private Graph Neural Networks with Aggregation Perturbation 21 hours ago | securityboulevard.com
access aggregation authors channel +19
SafeBreach Coverage for AA24-109A (Akira Ransomware) 21 hours ago | securityboulevard.com
advisory akira akira ransomware cisa +12
Daniel Stori’s ‘WC’ 23 hours ago | securityboulevard.com
daniel daniel stori humor sarcasm +4
USENIX Security ’23 – Inductive Graph Unlearning 1 day, 1 hour ago | securityboulevard.com
access authors channel conference +13
From DAST to dawn: why fuzzing is better solution | Code Intelligence 1 day, 1 hour ago | securityboulevard.com
api security application applications application security +27
Cybersecurity Insights with Contrast CISO David Lindner | 4/19/24 1 day, 3 hours ago | securityboulevard.com
businesses can cisa ciso +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Network Security Engineer

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Senior Director of Foundation Relations, Johns Hopkins University & Medicine

@ Johns Hopkins University | Baltimore, MD, United States, 21209
View on infosec-jobs.com

Global Cybersecurity Head

@ CMA CGM | Marseille, FR
View on infosec-jobs.com

Cyber Security Analyst

@ QinetiQ US | Reston, VA, United States
View on infosec-jobs.com
View more jobs