all InfoSec news
Adversaries increasingly using vendor and contractor accounts to infiltrate networks
June 6, 2023, 12:30 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
- Cisco Talos Incident Response (Talos IR) has repeatedly observed attackers targeting and using compromised vendor and contractor accounts (VCAs) during recent emergency response engagements.
- While high-profile software supply chain compromise events garner significant media attention (e.g., the recent disclosure of supply chain attacks via the 3CX Desktop Softphone application), abuse of third-party workforce accounts is often overlooked.
- VCAs typically have expanded privilege and access. They may be glossed over during account audits because of increased trust placed in the third …
3cx abuse accounts adversaries application attackers attacks attention cisco cisco talos cisco talos incident response compromise compromised contractor desktop disclosure emergency events high incident incident response media networks profile response software software supply chain supply supply chain supply chain attacks supply chain compromise talos talos incident response targeting vendor
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Salesforce Solution Consultant
@ BeyondTrust | Remote United States
Divisional Deputy City Solicitor, Public Safety Compliance Counsel - Compliance and Legislation Unit
@ City of Philadelphia | Philadelphia, PA, United States
Security Engineer, IT IAM, EIS
@ Micron Technology | Hyderabad - Skyview, India
Security Analyst
@ Northwestern Memorial Healthcare | Chicago, IL, United States
Werkstudent Cybersecurity (m/w/d)
@ Brose Group | Bamberg, DE, 96052