all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The rise of malware in the software supply chain – and what to do about it

Add to bookmarks
April 27, 2023, 3:46 p.m. | paul.roberts@reversinglabs.com (Paul Roberts)

ReversingLabs Blog blog.reversinglabs.com




The fast-evolving story of the compromise of voice over IP (VoIP) provider 3CX has refocused attention on the threat posed by software supply chain compromises. 3CX’s desktop client were tampered with by state-sponsored hackers. The company’s Windows and macOS build environments were compromised, and a backdoor added to the desktop client’s code. The update was then signed and pushed to customers. 

3cx attention backdoor build client code compromise compromised customers desktop environments fast hackers macos malware rsac2023 s code software software supply chain software supply chain security sponsored state story supply supply chain the company threat update voice voip windows

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

Announcing the General Availability of TitaniumScale v5.0: Enhancing File Analysis for Advanced Threat Detection 2 days, 5 hours ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
How NIST CSF 2.0 and C-SCRM help manage software supply chain risk 3 days, 1 hour ago | blog.reversinglabs.com
appsec & supply chain security businesses critical critical infrastructure +29
What’s hot at RSAC 2024: 7 must-see talks for security operations teams 4 days, 5 hours ago | blog.reversinglabs.com
conference filter flood francisco +21
NVD delays highlight vulnerability management woes: Put malware first 5 days, 5 hours ago | blog.reversinglabs.com
appsec & supply chain security attention change current +16
CycloneDX upgraded for the evolving software supply chain security era 1 week, 3 days ago | blog.reversinglabs.com
ai development appsec & supply chain security bill bills +25
Where GenAI intersects with threat modeling: 3 key benefits for AppSec 1 week, 4 days ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +18
OWASP's LLM AI Security & Governance Checklist: 13 action items for your team 1 week, 5 days ago | blog.reversinglabs.com
action ai security appsec & supply chain security artificial +15
XZ Trojan highlights software supply chain risk posed by 'sock puppets' 2 weeks, 3 days ago | blog.reversinglabs.com
appsec & supply chain security attacks compression compromise +28
The state of secrets security: 7 steps to better managing risk 2 weeks, 4 days ago | blog.reversinglabs.com
appsec & supply chain security complexity development epidemic +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs