all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The 3CX attack gets wilder, marks first 'cascading software supply chain compromise'

Add to bookmarks
April 21, 2023, 3:51 p.m. | paul.roberts@reversinglabs.com (Paul Roberts)

ReversingLabs Blog blog.reversinglabs.com




Security firm Mandiant Consulting released a report Wednesday that traced the breach at 3CX back to yet another supply chain-compromised application: X-Trader, a derivatives trading software application manufactured by the firm Trading Technologies.

3cx advanced persistent threats application attack back breach compromise compromised consulting derivatives mandiant report security software software supply chain software supply chain security software tampering supply supply chain supply chain compromise technologies trading trading technologies

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

How NIST CSF 2.0 and C-SCRM help manage software supply chain risk 9 hours ago | blog.reversinglabs.com
appsec & supply chain security businesses critical critical infrastructure +29
What’s hot at RSAC 2024: 7 must-see talks for security operations teams 1 day, 12 hours ago | blog.reversinglabs.com
conference filter flood francisco +21
NVD delays highlight vulnerability management woes: Put malware first 2 days, 12 hours ago | blog.reversinglabs.com
appsec & supply chain security attention change current +16
CycloneDX upgraded for the evolving software supply chain security era 1 week ago | blog.reversinglabs.com
ai development appsec & supply chain security bill bills +25
Where GenAI intersects with threat modeling: 3 key benefits for AppSec 1 week, 1 day ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +18
OWASP's LLM AI Security & Governance Checklist: 13 action items for your team 1 week, 2 days ago | blog.reversinglabs.com
action ai security appsec & supply chain security artificial +15
XZ Trojan highlights software supply chain risk posed by 'sock puppets' 2 weeks ago | blog.reversinglabs.com
appsec & supply chain security attacks compression compromise +28
The state of secrets security: 7 steps to better managing risk 2 weeks, 1 day ago | blog.reversinglabs.com
appsec & supply chain security complexity development epidemic +16
When GenAI and low-code collide: What could go wrong for AppSec? 2 weeks, 2 days ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Manager, Security Compliance (Customer Trust)

@ Box | Tokyo
View on infosec-jobs.com

Cyber Security Engineering Specialist

@ SITEC Consulting | St. Louis, MO, USA 63101
View on infosec-jobs.com

Technical Security Analyst

@ Spire Healthcare | United Kingdom
View on infosec-jobs.com

Embedded Threat Intelligence Team Account Manager

@ Sibylline Ltd | Austin, Texas, United States
View on infosec-jobs.com

Bank Protection Security Officer

@ Allied Universal | Portland, OR, United States
View on infosec-jobs.com
View more jobs