all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Sophisticated 3CX Software Supply Chain Attack Affects Millions of Users

Add to bookmarks
March 31, 2023, 12:30 p.m. | Roy Blit

Security Boulevard securityboulevard.com




On March 29th, 2023, it was published that 3CX, the international VoIP IPBX software, was under an ongoing software supply chain attack. The attackers had trojanized the 3CX communication installer software, reportedly used by over 12 million users daily. Several endpoint security vendors, such as SentinelOne and CrowdStrike, identified this attack. Some reports link this attack to the notorious Lazarus group, the cybercrime group linked to the government of North Korea, as part of their wide activity targeting. …

3cx 3cxdesktopapp appsec attack attackers call communication crowdstrike cybercrime daily endpoint endpoint security enterprise explainers government installer international korea lazarus lazarus group link march north north korea reports routing security sentinelone software software supply chain software supply chain attack supply supply chain supply chain attack targeting threats under vendors voip

Visit resource

More from securityboulevard.com / Security Boulevard

HHS Strengthens Privacy of Reproductive Health Care Data an hour ago | securityboulevard.com
administration biden biden administration care +37
UnitedHealth: Ransomware Attackers Stole Huge Amount of Data 3 hours ago | securityboulevard.com
attackers breach care cloud security +32
Oak Ridge, McCrary Institute Establish Cybersecurity Center Focused on Electrical Grid 4 hours ago | securityboulevard.com
addition center centers critical +29
PuTTY SSH Client Vulnerability Allows Private Key Recovery 5 hours ago | securityboulevard.com
blog client critical critical vulnerability +15
TuxCare Names Glen Kuhne as Vice President of Enterprise Sales 7 hours ago | securityboulevard.com
alto april customer customer success +22
AI: Friend or Foe? Unveiling the Current Landscape with MixMode’s State of AI in Cybersecurity … 7 hours ago | securityboulevard.com
ai ai cybersecurity artificial artificial intelligence +21
Cybercrime Predictions from an Industry Veteran: Chris Hetner 7 hours ago | securityboulevard.com
analysis and predictions chris companies +17
Digital Risk Types Demystified: A Strategic Insight into Online Threats 7 hours ago | securityboulevard.com
blog business cutting digital +16
Women in Cybersecurity Face Continued Pay Disparities 8 hours ago | securityboulevard.com
career careers cybersecurity cybersecurity career +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Advisory Red Consultant

@ Security Risk Advisors | Philadelphia, Pennsylvania, United States
View on infosec-jobs.com

Cyber Business Transformation Change Analyst

@ National Grid | Warwick, GB, CV34 6DA
View on infosec-jobs.com

Cyber Security Analyst

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com

Associate Administrator, Cyber Security Governance (Fort Myers)

@ Millennium Physician Group | Fort Myers, FL, United States
View on infosec-jobs.com

Embedded GSOC Lead Operator, Events

@ Sibylline Ltd | Seattle, WA, United States
View on infosec-jobs.com
View more jobs