3CX warns customers to disable SQL database integrations
VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability. [...]
3CX concerns cybersecurity risks in a business communications platform, including supply-chain compromise, malicious updates, and incident response.
Search across headline titles and summaries.
Background for this topic.
3CX is a software-based private branch exchange (PBX) system that manages business phone calls over internet protocol (VoIP). It handles call routing, voicemail, conferencing, and integrates with other communication tools, often hosted on-premises or in cloud environments. As a core telephony platform, it processes sensitive voice data and user credentials, making it a critical asset in enterprise communications infrastructure.
Security risks with 3CX include exploitation of software vulnerabilities that could allow attackers to intercept calls, access voicemail, or execute unauthorized commands. Weak authentication or exposed management interfaces increase the risk of account compromise or system takeover. Defenders should focus on applying patches promptly, enforcing strong access controls, and isolating the PBX network segment to limit exposure and protect voice traffic confidentiality and integrity.
Weekly headline count for the current query.
VoIP communications company 3CX warned customers today to disable SQL Database integrations because of risks posed by what it describes as a potential vulnerability. [...]
An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of the supply chain attack targeting 3CX
Active threat hunting is the best protection against supply chain attacks like MOVEit and 3CX, experts say.
The infamous North Korean APT group is using Log4Shell, the 3CX supply chain attack, and other known vectors to breach Microsoft Web servers.
As investigations continue, researchers find confirmation in their suspicions of a sprawling attack affecting multiple organizations.
Symantec warns North Korean actors may return for further exploitation
Also, Finland sentences CEO of breach company to prison (kind of), and this week's laundry list of critical vulns In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X_Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer.…
Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application
The X_Trader software supply chain attack that led to last month's 3CX breach has also impacted at least several critical infrastructure organizations in the United States and Europe, according to Symantec's Threat Hunter Team. [...]
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies.
Mandiant said this would be the first instance of a software supply chain attack leading to another
Threat hunters traced it back to malware-laced Trading Technologies' software The supply-chain attack against 3CX last month was caused by an earlier supply-chain compromise of a different software firm — Trading Technologies — according to Mandiant, whose consulting crew was hired by 3CX to help the VoIP biz investigate the intrusion.…
An investigation into last month's 3CX supply chain attack discovered that it was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds. [...]
As Mandiant finds more evidence it was North Korea wot done it The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the company’s progressive web application client.…
Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus
The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX.
VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. [...]
Kaspersky links campaign to Gopuram backdoor