The compromise that led to the supply chain attack leveraging the 3CX desktop app was actually another supply chain compromise, according to cybersecurity forensics firm Mandiant. The Google-owned company published a blog detailing the supply chain compromise that affected the 3CX desktop app, which was allegedly perpetrated by a North Korean entity. However, the 3CX […]
Cybersecurity researchers say a vulnerability in the desktop app from VoIP provider 3CX is being actively exploited in supply chain attacks, leading to possible hands-on-keyboard activity by advanced threat actors, including nation-state actors. According to researchers, malicious activity was observed coming from a legitimate signed binary, 3CXDesktopApp — a softphone application from 3CX. Cybersecurity firm […]
Every organization interacts with other organizations: suppliers, partners, customers, government agencies and more. As a result, you can suffer a breach even though your organization was not directly targeted. For example, adversaries were able to release the infamous NotPetya malware to thousands of companies worldwide by compromising the supplier of a popular accounting software solution. […]
OpenSSL has released fixes for high-severity vulnerabilities affecting versions 3.0.0 through 3.0.6 that can cause a denial of service or remote code execution and allow attackers to take control of an affected system. However, the bugs are not as severe as once feared. The OpenSSL project, the organization that maintains the general-purpose cryptography and secure […]
Enterprises involved in the global supply chain, even tangentially, have become highly susceptible to cyberattacks. This is because infiltrating a third-party software provider gives bad actors an avenue to target and access thousands of downstream customers. One of the biggest recent supply chain attacks was on IT management software provider SolarWinds, which saw hackers insert […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!