all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Coverage Advisory for 3CX Supply Chain Attack

Add to bookmarks
March 31, 2023, 12:50 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Background:


On 30th March 2023, 3CX released a security alert for 3CX Electron Windows App shipped in Update 7, which informed users about a supply chain attack. The issue has affected the executables for both Windows and Mac operating systems.


What is the issue?


The impacted 3CX Electron Desktop App was bundled with an infected library file named ffmpeg.dll. This infected library further downloads another encrypted file d3dcompiler_47.dll. This file has functionality to access .ico files hosted on GitHub which …

3cx access advisory alert app attack desktop dll domains downloads electron encrypted ffmpeg files github ico information issue library mac march operating systems payload security security alert supply supply chain supply chain attack systems update what is windows

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

API Rug Pull - The NIST NVD Database and API (Part 4 of 3), (Wed, … 34 minutes ago | malware.news
api back database email +7
Distribution of Infostealer Made With Electron 2 hours ago | malware.news
ahnlab applications apps asec +20
Mitigating AI-Powered Cyberthreats With a Proactive ZTNA Security Strategy 3 hours ago | malware.news
ai-powered artificial artificial intelligence capabilities +20
TensorFlow AI models at risk due to Keras API flaw 4 hours ago | malware.news
ai models api arbitrary code article +9
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380 4 hours ago | malware.news
alto article bear crushftp +9
Google ad for Facebook redirects to scam 5 hours ago | malware.news
ads campaign facebook google +15
Memory Analysis 101: Understanding Memory Threats and Forensic Tools 5 hours ago | malware.news
analysis cybersecurity cybersecurity landscape drive +22
A 'substantial proportion' of Americans exposed in Change Healthcare cyberattack 6 hours ago | malware.news
article change change healthcare customer +15
Change Healthcare Says Attackers Accessed PHI and PII 7 hours ago | malware.news
access america attack attackers +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Check Team Members / Cyber Consultants / Pen Testers

@ Resillion | Birmingham, United Kingdom
View on infosec-jobs.com

Security Officer Field Training Officer- Full Time (Harrah's LV)

@ Caesars Entertainment | Las Vegas, NV, United States
View on infosec-jobs.com

Cybersecurity Subject Matter Expert (SME)

@ SMS Data Products Group, Inc. | Fort Belvoir, VA, United States
View on infosec-jobs.com

AWS Security Engineer

@ IntelliPro Group Inc. | Palo Alto, CA
View on infosec-jobs.com

Information Security Analyst

@ Freudenberg Group | Alajuela
View on infosec-jobs.com
View more jobs