all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

3CX Supply Chain Attack Campaign

Add to bookmarks
March 31, 2023, 11:57 p.m. | Rohit Hegde

Security Boulevard securityboulevard.com

On March 29th 2023, CrowdStrike published a blog outlining a supply chain attack leveraging the 3CXDesktopApp - a softphone application from 3CX. The ThreatLabz Team immediately started hunting for IoCs on the Zscaler Cloud.


We observed infections dating back to February 2023 for both the Windows as well as the MacOS variant of the Trojanized 3CXDesktopApp installers.


Fig.1 - Infections dating back to February 2023 in Zscaler Cloud


In this case the Threat Actors targeted various industry verticals such as: …

3cx 3cxdesktopapp application attack back blog campaign case cloud crowdstrike dating february hunting industry infection infections iocs macos manufacturing march services supply supply chain supply chain attack team technology threat threat actors windows zscaler

Visit resource

More from securityboulevard.com / Security Boulevard

The 5 Best Practices for PCI DSS Compliance 2 hours ago | securityboulevard.com
best practices blog compliance dss +7
5 Ways to Step Up Your AD Hygiene with Silverfort 3 hours ago | securityboulevard.com
access active directory administrators applications +14
Back to Security Basics 3 hours ago | securityboulevard.com
back basics businesses computer +22
Miggo Unfurls Real-Time Application Detection and Response Platform 12 hours ago | securityboulevard.com
ai and machine learning in security and response api security application +21
Test & Evaluation Techniques for Meeting M-24-10 Mandates to Manage Generative AI Risk 13 hours ago | securityboulevard.com
ai risk ai risk management ai risks blog +24
From Caesar to Cyberspace: The Growing Menace of Obfuscated Phishing Scams 13 hours ago | securityboulevard.com
attackers caesar cto corner cyberattacks +17
HHS Strengthens Privacy of Reproductive Health Care Data 14 hours ago | securityboulevard.com
administration biden biden administration care +37
High-Risk Customers: How to Identify & Mitigate Risky Clients 14 hours ago | securityboulevard.com
amp business can clients +11
Bridging the Skills Gap in Data Centers with DCIM Software 14 hours ago | securityboulevard.com
center centers challenge critical +27

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Operations Analyst

@ Astranis | San Francisco
View on infosec-jobs.com

Manager - Business continuity Security and Safety.Risk and Compliance

@ MTN | Benin
View on infosec-jobs.com

Cyber Analyst, Digital Forensics Incident Response

@ At-Bay | Canada
View on infosec-jobs.com

Technical Product Manager, AppSec and DevSecOps

@ Penn Interactive | Philadelphia
View on infosec-jobs.com

Experienced Cloud Security Engineer (m/f/d) - Cybersecurity

@ MediaMarktSaturn | Barcelona, ES, 8003
View on infosec-jobs.com
View more jobs