all InfoSec news
Threat Advisory: 3CX Softphone Supply Chain Compromise
Malware Analysis, News and Indicators - Latest topics malware.news
- Cisco Talos is tracking and actively responding to a supply chain attack involving the 3CX Desktop Softphone application.
- This is a multi-stage attack that involves sideloading DLLs, seven-day sleep routines, and additional payloads dependent on a now-removed GitHub repository for Windows based systems.
- MacOS systems used a different infection chain leveraging a hardcoded C2 domain, as opposed to the GitHub repo.
- This is just the latest supply chain attack threatening users, after the SolarWinds incident in 2020 and the REvil …
3cx advisory application attack aware cisco cisco talos compromise desktop domain exploiting github hardcoded incident infection kaseya kaseya vsa latest macos ransomware ransomware group repo repository revil revil ransomware revil ransomware group sideloading sleep solarwinds stage supply supply chain supply chain attack supply chain compromise systems talos threat threat advisory tracking vsa windows