all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence

Add to bookmarks
April 8, 2023, 9:04 p.m. | Amanda Berlin, Bryan Brake, and Brian Boettcher

Brakeing Down Security Podcast www.brakeingsecurity.com

Show Topic Summary (less than 300 words)

3CX supply chain attack, Mark Russinovich and Sysinternals, ransomware notifications from CISA, and emotional

intelligence

Youtube VOD: https://www.youtube.com/watch?v=afZHiBUr-2g 

Questions and potential topics (5 minimum):

  1. https://www.straitstimes.com/tech/downloading-a-cracked-version-of-fifa-23-or-hogwarts-legacy-for-free-it-s-probably-malware 

  1. https://leadershipfreak.blog/2023/03/27/the-7-powers-of-questions/ 

  1. https://securityintelligence.com/articles/is-it-time-to-hide-your-work-emails/ 

  1. https://www.lollydaskal.com/leadership/what-remote-leaders-do-differently-to-be-successful/ 

  1. https://www.lollydaskal.com/leadership/the-role-of-emotional-intelligence-in-leadership-why-it-matters/ 

  1. https://www.cybersecuritydive.com/news/3cx-mandiant-investigate-supply-chain-attack/646543/ 

  1. https://www.bleepingcomputer.com/news/security/openai-chatgpt-payment-data-leak-caused-by-open-source-bug/ 

  1. https://www.cybersecuritydive.com/news/cisa-pre-ransomware-notification/646041/ 

  1. https://www.sentinelone.com/labs/the-life-and-times-of-sysinternals-how-one-developer-changed-the-face-of-malware-analysis/ 

 

Additional information / pertinent Links (would you like to know more?):

https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/ 

https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise 

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

https://www.linkedin.com/feed/update/urn:li:activity:7047156405715300352/ 

Sigma Rule - https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_malware_3cx_compromise_susp_children.yml 

https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center 

https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program 

https://www.fda.gov/media/166614/download 

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189 

https://medium.com/@martin-thissen/llama-alpaca-chatgpt-on-your-local-computer-tutorial-17adda704c23 

 

Show Points of Contact:

Amanda Berlin: @infosystir @hackershealth 

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake @bryanbrake@mastodon.social

Website: …

3cx attack cisa emotional intelligence intelligence leadership mark mark russinovich notifications ransomware supply supply chain supply chain attack sysinternals voip

Visit resource

More from www.brakeingsecurity.com / Brakeing Down Security Podcast

Josh Grossman - building Appsec programs, bridging security and developer gaps 1 week, 4 days ago | www.brakeingsecurity.com
appsec asvs brakesec codeanalysis +8
Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox 2 weeks, 4 days ago | www.brakeingsecurity.com
board members ciso goldiknox grc +3
p2-accidentalCISO, building trust in new places 2 months, 1 week ago | www.brakeingsecurity.com
AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec 2 months, 3 weeks ago | www.brakeingsecurity.com
cicd ciso development management +1
1st show of 2024! Our 10th Anniversary... 3 months, 2 weeks ago | www.brakeingsecurity.com
accountability leadership
Brakesec Call to Action 2023 4 months, 1 week ago | www.brakeingsecurity.com
How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts! 4 months, 3 weeks ago | www.brakeingsecurity.com
25Oct - okta breached (again), Energy company hit by supply chain attack, and you can … 6 months ago | www.brakeingsecurity.com
breach cybersecurity okta ransomware +1
NIcole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt … 7 months ago | www.brakeingsecurity.com

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs