Search Results: supply chain attack

3CX Compromised in Supply Chain Attack

A flaw in the desktop app from VoIP provider 3CX is being exploited in supply chain attacks, leading to possible hands-on-keyboard activity.

March 31, 2023 Zachary Comeau Leave a Comment

Cybersecurity researchers say a vulnerability in the desktop app from VoIP provider 3CX is being actively exploited in supply chain attacks, leading to possible hands-on-keyboard activity by advanced threat actors, including nation-state actors. According to researchers, malicious activity was observed coming from a legitimate signed binary, 3CXDesktopApp — a softphone application from 3CX. Cybersecurity firm […]

Cybersecurity testing, penetration testing, cyber threats

No Organization Is an Island: How to Protect Against Supply Chain Attacks

To defend against supply chain attacks, organizations need to focus on all three layers of the attack surface: data, identities and infrastructure.

March 2, 2023 Dirk Schrader Leave a Comment

Every organization interacts with other organizations: suppliers, partners, customers, government agencies and more. As a result, you can suffer a breach even though your organization was not directly targeted. For example, adversaries were able to release the infamous NotPetya malware to thousands of companies worldwide by compromising the supplier of a popular accounting software solution. […]

My TechDecisions Episode 170: Protecting Against Supply Chain Attacks

Vijay Viswanathan of Open Systems joins the podcast to talk about creating a cybersecurity model that protects against supply chain attacks.

August 18, 2022 Zachary Comeau Leave a Comment

Vijay Viswanathan of Open Systems joins the podcast to talk about creating a cybersecurity model that protects against supply chain attacks.

Modern Cyber Threats, Supply Chain Attacks Are Burning Out IT Pros, Experts Say

The constantly shifting IT landscape is breeding more cyberattacks, leading to burnout. Applying psychology concepts to the industry may help.

August 9, 2022 Zachary Comeau Leave a Comment

The software supply chain and our increasing reliance on cloud infrastructure is making protecting IT environments more challenging and leading to cybersecurity burnout among IT professionals, according to a panel of cybersecurity experts held last week in advance of Black Hat USA this week. Attackers are increasingly leveraging the software supply chain and open-source software […]

A NASA-Style Approach to Preventing Supply Chain Attacks in 2022

Enterprises involved in the global supply chain, even tangentially, have become highly susceptible to cyberattacks.

May 2, 2022 Vijay Viswanathan Leave a Comment

Enterprises involved in the global supply chain, even tangentially, have become highly susceptible to cyberattacks. This is because infiltrating a third-party software provider gives bad actors an avenue to target and access thousands of downstream customers. One of the biggest recent supply chain attacks was on IT management software provider SolarWinds, which saw hackers insert […]

Supply Chain Attacks Jump 51% In Second Half of 2021

Malicious actors are increasingly attacking the software supply chain, leading to renewed calls for supplier transparency.

April 12, 2022 Zachary Comeau Leave a Comment

Recent IT supply chain attacks such as the SolarWinds compromise, ransomware campaign that leveraged the Kaseya VSA platform or mass exploitation of the Log4j vulnerabilities have renewed focus on such attacks, which NCC Group says increased by 51% in the last half of 2021. The consulting and managed services firm’s global survey of 1,400 cybersecurity […]

Supply Chain Attacks Highlight Why You Should Continue to Be Careful with Third-Party Providers

New attacks, growing public awareness, and increased oversight from regulators is highlighting the growing trend of supply chain attacks.

November 4, 2021 Chris Martin Leave a Comment

It is nearly one year since we saw a nation-state attack on the SolarWinds network management system that compromised the supply chains of over 18,000 organizations, including the Pentagon and the Department of Homeland Security. With costs likely to run into the billions, the breach was one of the biggest incidents in recent years with […]

Rising Ransomware, Supply Chain Disruptions & Geopolitical Issues Complicate Cybersecurity

TXOne Networks findings underscore the need for cybersecurity systems detection and response for combatting both known and unknown threats.

February 20, 2024 TD Staff Leave a Comment

Cyber-physical systems security provider TXOne Networks recently published its 2023 annual report detailing a growing range of cybersecurity issues facing global industries. The Crisis of Convergence: OT/ICS Cybersecurity 2023, which is available for free download, “details diverse intensifying challenges, including growth in attacks via Ransomware-as-a-Service (RaaS) models, exploitation of supply chain vulnerabilities and prevalence of state-sponsored hackers and […]

‘Cascading Supply Chain Compromise’ Led to 3CX Compromise

The malicious activity that led to the supply chain attacks leveraging the 3CX desktop app was actually another supply chain compromise.

April 20, 2023 Zachary Comeau Leave a Comment

The compromise that led to the supply chain attack leveraging the 3CX desktop app was actually another supply chain compromise, according to cybersecurity forensics firm Mandiant. The Google-owned company published a blog detailing the supply chain compromise that affected the 3CX desktop app, which was allegedly perpetrated by a North Korean entity. However, the 3CX […]

spear phishing, Phishing bait alert concept on a smartphone screen

Armorblox: BEC Attacks Increased by 72% YOY

BEC attacks surged 72% YoY with companies being targeted by language-based and socially engineered attacks across industries, finds Armorblox.

April 13, 2023 Alyssa Borelli Leave a Comment

Threat researchers at email security firm Armorblox have found that business email compromise (BEC) attacks have increased dramatically by 72% year-over-year. In its second, annual 2023 Email Security Threat Report, the company says it continues to see high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries. Vendor compromise […]

A flaw in the desktop app from VoIP provider 3CX is being exploited in supply chain attacks, leading to possible hands-on-keyboard activity.

To defend against supply chain attacks, organizations need to focus on all three layers of the attack surface: data, identities and infrastructure.

Vijay Viswanathan of Open Systems joins the podcast to talk about creating a cybersecurity model that protects against supply chain attacks.

The constantly shifting IT landscape is breeding more cyberattacks, leading to burnout. Applying psychology concepts to the industry may help.

Enterprises involved in the global supply chain, even tangentially, have become highly susceptible to cyberattacks.

Malicious actors are increasingly attacking the software supply chain, leading to renewed calls for supplier transparency.

New attacks, growing public awareness, and increased oversight from regulators is highlighting the growing trend of supply chain attacks.

TXOne Networks findings underscore the need for cybersecurity systems detection and response for combatting both known and unknown threats.

The malicious activity that led to the supply chain attacks leveraging the 3CX desktop app was actually another supply chain compromise.

BEC attacks surged 72% YoY with companies being targeted by language-based and socially engineered attacks across industries, finds Armorblox.

Footer

TechDecisions

Free Technology Guides