
3CX Supply Chain

ESET https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/

KrebsOnSecurity https://krebsonsecurity.com/2023/04/3cx-breach-was-a-double-supply-chain-compromise/

Kaspersky https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/

Volexity https://www.volexity.com/blog/2023/03/30/3cx-supply-chain-compromise-leads-to-iconic-incident/

CrowdStrike https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/ https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/

SentinelLabs https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/

Sophos https://news.sophos.com/en-us/2023/03/29/3cx-dll-sideloading-attack/

Huntress https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats

Elastic Security Labs https://www.elastic.co/security-labs/elastic-users-protected-from-suddenicon-supply-chain-attack

ReversingLabs https://www.reversinglabs.com/blog/red-flags-fly-over-supply-chain-compromised-3cx-update

PAN (Palo Alto) https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/

Trend Micro Research https://www.trendmicro.com/en_us/research/23/c/information-on-attacks-involving-3cx-desktop-app.html

Check Point Research https://twitter.com/CPResearch/status/1641424448740810754

Objective-See https://objective-see.org/blog/blog_0x73.html

Fortinet https://www.fortinet.com/blog/threat-research/3cx-desktop-app-compromised

Orange Cyberdefense https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise

Symantec (Broadcom) https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/3cx-supply-chain-attack

Cyble https://blog.cyble.com/2023/03/31/a-comprehensive-analysis-of-the-3cx-attack/

Nextron Systems https://www.nextron-systems.com/2023/03/31/using-thor-lite-to-scan-for-indicators-of-lazarus-activity-related-to-the-3cx-compromise/

Automox https://www.automox.com/blog/3cx-desktop-app-compromised

Malwarebytes https://www.malwarebytes.com/blog/news/2023/03/3cx-desktop-app-used-in-a-supply-chain-attack

Rapid7 https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/

Talos (Cisco) https://blog.talosintelligence.com/3cx-softphone-supply-chain-compromise/

Trustwave https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/trustwave-action-response-supply-chain-attack-using-3cx-pbax-software/

BlackBerry https://blogs.blackberry.com/en/2023/03/initial-implants-and-network-analysis-suggest-the-3cx-supply-chain-operation-goes-back-to-fall-2022