Lazarus Assault Via 3CX Exposes Need to Rethink Security | allinfosecnews.com

April 12, 2023, 12:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

When North Korean threat actors the Lazarus Group exploited a legitimate update to the 3CXDesktopApp—a softphone application from 3CX—security professionals didn’t initially pick up on the import of the activity and tactics that signaled the attack. In fact, according to CrowdStrike, which discovered the attack, even experienced security professionals pooh-poohed detections as false positives. And..

The post Lazarus Assault Via 3CX Exposes Need to Rethink Security appeared first on Security Boulevard.

Article Link: https://securityboulevard.com/2023/04/lazarus-assault-via-3cx-exposes-need-to-rethink-security/

1 post - 1 participant …

3cx 3cxdesktopapp application attack crowdstrike detections exploited fact false positives import lazarus lazarus group north north korean professionals security security boulevard security professionals tactics threat threat actors update

More from malware.news / Malware Analysis, News and Indicators - Latest topics

5G Hackathons - Casey Ellis - BTS #28 48 minutes ago | malware.news

article casey ellis hackathons link +2

CoralRaider leverages CDN cache domains in new infostealer campaign 48 minutes ago | malware.news

apps article authentication cache +11

BTS #28 - 5G Hackathons - Casey Ellis an hour ago | malware.news

5g technology bounty bug bug bounty +14

Micropatches Released for Windows Workstation and Server Service Elevation of Privilege Vulnerability (CVE-2022-38034, CVE-2022-38045, No … 3 hours ago | malware.news

access attacker ben bypassing +20

FBI: Disruptive Chinese attacks against US infrastructure imminent 3 hours ago | malware.news

article attacks china chinese +19

Dark web inundated by cheap ransomware tools 3 hours ago | malware.news

article attacks cybercriminals cybersecurity +17

Ukrainian documents laced with old malware exposed 3 hours ago | malware.news

article back compromised cyberscoop +18

US indicts botnet operator 3 hours ago | malware.news

attacks bleepingcomputer botnet computers +7

AI tapped by Torq HyperSOC to better combat cyber threats 3 hours ago | malware.news

alert alert fatigue artificial artificial intelligence +25

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Director, Threat and Attack Research

@ Singtel | Macquarie Park, Australia

View on infosec-jobs.com

Manager Information Security

@ Diebold Nixdorf | Remote, United States

View on infosec-jobs.com

Senior Analyst, IT Information Security

@ IHG | GA, United States

View on infosec-jobs.com

Eurizon Capital SGR - Compliance Senior Specialist

@ Intesa Sanpaolo | Milano, IT

View on infosec-jobs.com

Tier 1 Fusion Security Analyst

@ Nielsen | Bengaluru, India

View on infosec-jobs.com