Categories: US-Cert-Repository

Supply Chain Attack Against 3CXDesktopApp

CISA is aware of open-source reports describing a supply chain attack against 3CX software and their customers. According to the reports, 3CXDesktopApp — a voice and video conferencing app — was trojanized, potentially leading to multi-staged attacks against users employing the vulnerable app.

CISA urges users and organizations to review the following reports for more information, and hunt for the listed indicators of compromise (IOCs) for potential malicious activity:

CrowdStrike: Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers
SentinelOne: SmoothOperator | Ongoing Campaign Trojanizes 3CXDesktopApp in Supply Chain Attack
DesktopApp: 3CX DesktopApp Security Alert

admin

Next Samba Releases Security Updates for Multiple Versions of Samba »

Previous « CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management

Leave a Comment

Share

Published by

admin

3 years ago

Recent Posts

MyDoom.B Virus

Systems Affected Any system running Microsoft Windows (Windows 95 and newer) that are used…

3 weeks ago

Multiple Vulnerabilities in Microsoft Internet Explorer

Systems Affected Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…

4 weeks ago

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Systems Affected Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…

4 weeks ago

Multiple Vulnerabilities in Microsoft Windows

Systems Affected Systems running Microsoft Windows Overview Microsoft Windows contains multiple vulnerabilities,…

4 weeks ago

Vulnerability in Microsoft Outlook 2002

Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…

4 weeks ago

Multiple Vulnerabilities in OpenSSL

Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …

4 weeks ago

t
L

This website uses cookies.