Skip to content

Security Stop-Press : Attack On 3CX Business Phone System Program Reported

Cyber security firms CrowdStrike and Sophos have reported that the 3CX communications technology supplier’s 3CXDesktopApp has been hit by supply chain attacks from a Korea-linked advanced persistent threat (APT) actor. The attacks, which spread via a compromised update to one of its products, have involved an installer which uses DLL [Dynamic Link Library] sideloading to retrieve a malicious, encoded payload. The malicious activity in the popular business phone system program has now been blocked and users are advised to check 3CX’s blog for any official communications from the company.

Share

Tags

Related Posts

MFA fatigue attacks blog image of a MFA sign in request from Microsoft. Photo by Ed Hardie on Unsplash

MFA Fatigue Attacks: What They Are and How to Avoid Them

MacBook Pro turned-on image from https://unsplash.com/photos/macbook-pro-turned-on-JJPqavJBy_k

How to Spot Hidden Malware on Your Devices

A man sitting at a table using a laptop computer

Guide to Secure File Storage and Transfers

Photo by Leeloo The First: https://www.pexels.com/photo/smartphone-pen-calendar-and-eyeglasses-on-flat-surface-7887800/

What is Blockchain Technology and How Does it Work?

2 Norbury Road
Reigate
Surrey
RH2 9BY
United Kingdom

Company

Services

Inventas Business IT Support Logo
Cyber Essentials Certified
Back To Top