Threat Advisory: 3CX Softphone Supply Chain Compromise | allinfosecnews.com

March 30, 2023, 10:29 p.m. | Cisco Talos

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

Cisco Talos is tracking and actively responding to a supply chain attack involving the 3CX Desktop Softphone application.
This is a multi-stage attack that involves sideloading DLLs, seven-day sleep routines, and additional payloads dependent on a now-removed GitHub repository for Windows based systems.
MacOS systems used a different infection chain

3cx advisory application attack cisco cisco talos compromise desktop github infection macos repository sideloading sleep stage supply supply chain supply chain attack supply chain compromise systems talos threat threat advisory tracking windows

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

What can we learn from the passwords used in brute-force attacks? 19 hours ago | blog.talosintelligence.com

attacks brute brute-force can +5

Vulnerabilities in employee management system could lead to remote code execution, login credential theft 1 day, 21 hours ago | blog.talosintelligence.com

code code execution credential credential theft +21

Cisco Talos at RSAC 2024 3 days, 1 hour ago | blog.talosintelligence.com

announcements cisco cisco talos cybersecurity +12

James Nutland studies what makes threat actors tick, growing our understanding of the current APT … 4 days, 1 hour ago | blog.talosintelligence.com

adversary apt can current +14

The private sector probably isn’t coming to save the NVD 1 week ago | blog.talosintelligence.com

arcanedoor coming cybercrime isn +9

Talos IR trends: BEC attacks surge, while weaknesses in MFA persist 1 week, 1 day ago | blog.talosintelligence.com

adversaries attacks bec bec attacks +17

ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 1 week, 1 day ago | blog.talosintelligence.com

apt campaign campaigns devices +15

Suspected CoralRaider continues to expand victimology using three information stealers 1 week, 3 days ago | blog.talosintelligence.com

apt argument bypass command +17

What’s the deal with the massive backlog of vulnerabilities at the NVD? 2 weeks ago | blog.talosintelligence.com

backlog current deal management +10

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote

View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US

View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA

View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco

View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com