Date: April 07, 2024
Cybersecurity firms have been warned of a supply chain attack targeting downstream customers using a trojanized 3CX software
Multiple cybersecurity firms have warned of a supply chain attack using a trojanized version of 3CX's software to target downstream customers.
3CX is a phone system developer used by more than 600,000 organizations worldwide, including American Express, BMW, McDonald’s, and the U.K.'s National Health Service. The attack, dubbed "Smooth Operator," involves the delivery of trojanized 3CXDesktopApp installers to install infostealer malware inside corporate networks, capable of stealing data and stored credentials from Google Chrome, Microsoft Edge, Brave, and Firefox user profiles.
Researchers report that attackers are targeting both the Windows and macOS versions of the compromised VoIP app. The Linux, iOS, and Android versions appear to be unaffected. The attackers are believed to be the North Korean threat actor Labyrinth Chollima, a subgroup of the notorious Lazarus Group. It appears to be a targeted attack from an Advanced Persistent Threat, perhaps even state-sponsored.
If you are a 3CX user, the company suggests uninstalling the app and installing it again or using its PWA client as a workaround. While we don't know how many organizations have been potentially compromised, Shodan.io reports that there are currently over 240,000 publicly exposed 3CX phone management systems.
Stay vigilant and take immediate action if you suspect any suspicious activity.
Quordle Today: Hints & Answers for July 27, 2024 (Saturday)
Here are your hints and answers for Quordle today. Get our help to solve this entire word puzzle.
NYT Connections Today Game #412: Hints & Answers for July 27
Explore the daily Hints and Answers for NYT Connections. Use these hints to overcome daily word challenges and improve your vocabulary.
NYT Wordle Today: Hints and Answers for July 27, 2024
Looking for Hints and Answers for today’s NYT Wordle? Beat your daily Wordle challenge and strengthen your vocabulary game with these hints.
OpenAI’s AI Search Engine SearchGPT Changes Everything
With the launch of AI-powered SearchGPT, OpenAI is entering into direct rivalry with the age-old search engine leader Google.