• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH

Search Results: supply chain attack

3CX Supply Chain Attack

3CX Compromised in Supply Chain Attack

A flaw in the desktop app from VoIP provider 3CX is being exploited in supply chain attacks, leading to possible hands-on-keyboard activity.

March 31, 2023 Zachary Comeau Leave a Comment

Cybersecurity researchers say a vulnerability in the desktop app from VoIP provider 3CX is being actively exploited in supply chain attacks, leading to possible hands-on-keyboard activity by advanced threat actors, including nation-state actors. According to researchers, malicious activity was observed coming from a legitimate signed binary, 3CXDesktopApp — a softphone application from 3CX. Cybersecurity firm […]

Read More

Cybersecurity testing, penetration testing, cyber threats

No Organization Is an Island: How to Protect Against Supply Chain Attacks

To defend against supply chain attacks, organizations need to focus on all three layers of the attack surface: data, identities and infrastructure.

March 2, 2023 Dirk Schrader Leave a Comment

Every organization interacts with other organizations: suppliers, partners, customers, government agencies and more. As a result, you can suffer a breach even though your organization was not directly targeted. For example, adversaries were able to release the infamous NotPetya malware to thousands of companies worldwide by compromising the supplier of a popular accounting software solution. […]

Read More

My TechDecisions Podcast, zero trust

My TechDecisions Episode 170: Protecting Against Supply Chain Attacks

Vijay Viswanathan of Open Systems joins the podcast to talk about creating a cybersecurity model that protects against supply chain attacks.

August 18, 2022 Zachary Comeau Leave a Comment

Vijay Viswanathan of Open Systems joins the podcast to talk about creating a cybersecurity model that protects against supply chain attacks.

Read More

Log4j, Older Vulnerabilities, CISA KEV

Modern Cyber Threats, Supply Chain Attacks Are Burning Out IT Pros, Experts Say

The constantly shifting IT landscape is breeding more cyberattacks, leading to burnout. Applying psychology concepts to the industry may help.

August 9, 2022 Zachary Comeau Leave a Comment

The software supply chain and our increasing reliance on cloud infrastructure is making protecting IT environments more challenging and leading to cybersecurity burnout among IT  professionals, according to a panel of cybersecurity experts held last week in advance of Black Hat USA this week. Attackers are increasingly leveraging the software supply chain and open-source software […]

Read More

Proofpoint CISO, CISOs cyberattack

A NASA-Style Approach to Preventing Supply Chain Attacks in 2022

Enterprises involved in the global supply chain, even tangentially, have become highly susceptible to cyberattacks.

May 2, 2022 Vijay Viswanathan Leave a Comment

Enterprises involved in the global supply chain, even tangentially, have become highly susceptible to cyberattacks. This is because infiltrating a third-party software provider gives bad actors an avenue to target and access thousands of downstream customers. One of the biggest recent supply chain attacks was on IT management software provider SolarWinds, which saw hackers insert […]

Read More

Log4j, Older Vulnerabilities, CISA KEV

Supply Chain Attacks Jump 51% In Second Half of 2021

Malicious actors are increasingly attacking the software supply chain, leading to renewed calls for supplier transparency.

April 12, 2022 Zachary Comeau Leave a Comment

Recent IT supply chain attacks such as the SolarWinds compromise, ransomware campaign that leveraged the Kaseya VSA platform or mass exploitation of the Log4j vulnerabilities have renewed focus on such attacks, which NCC Group says increased by 51% in the last half of 2021. The consulting and managed services firm’s global survey of 1,400 cybersecurity […]

Read More

Proofpoint CISO, CISOs cyberattack

Supply Chain Attacks Highlight Why You Should Continue to Be Careful with Third-Party Providers

New attacks, growing public awareness, and increased oversight from regulators is highlighting the growing trend of supply chain attacks.

November 4, 2021 Chris Martin Leave a Comment

It is nearly one year since we saw a nation-state attack on the SolarWinds network management system that compromised the supply chains of over 18,000 organizations, including the Pentagon and the Department of Homeland Security. With costs likely to run into the billions, the breach was one of the biggest incidents in recent years with […]

Read More

NSA Programming Languages

Rising Ransomware, Supply Chain Disruptions & Geopolitical Issues Complicate Cybersecurity

TXOne Networks findings underscore the need for cybersecurity systems detection and response for combatting both known and unknown threats.

February 20, 2024 TD Staff Leave a Comment

Cyber-physical systems security provider TXOne Networks recently published its 2023 annual report detailing a growing range of cybersecurity issues facing global industries. The Crisis of Convergence: OT/ICS Cybersecurity 2023, which is available for free download, “details diverse intensifying challenges, including growth in attacks via Ransomware-as-a-Service (RaaS) models, exploitation of supply chain vulnerabilities and prevalence of state-sponsored hackers and […]

Read More

3CX Hack Supply Chain attack compromise

‘Cascading Supply Chain Compromise’ Led to 3CX Compromise

The malicious activity that led to the supply chain attacks leveraging the 3CX desktop app was actually another supply chain compromise.

April 20, 2023 Zachary Comeau Leave a Comment

The compromise that led to the supply chain attack leveraging the 3CX desktop app was actually another supply chain compromise, according to cybersecurity forensics firm Mandiant. The Google-owned company published a blog detailing the supply chain compromise that affected the 3CX desktop app, which was allegedly perpetrated by a North Korean entity. However, the 3CX […]

Read More

spear phishing, Phishing bait alert concept on a smartphone screen

Armorblox: BEC Attacks Increased by 72% YOY

BEC attacks surged 72% YoY with companies being targeted by language-based and socially engineered attacks across industries, finds Armorblox.

April 13, 2023 Alyssa Borelli Leave a Comment

Threat researchers at email security firm Armorblox have found that business email compromise (BEC) attacks have increased dramatically by 72% year-over-year. In its second, annual 2023 Email Security Threat Report, the company says it continues to see high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries. Vendor compromise […]

Read More

  • Page 1
  • Page 2
  • Page 3
  • Interim pages omitted …
  • Page 17
  • Go to Next Page »

Primary Sidebar

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial Integrator Security Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.