News


3CX: 3CX Desktop App Security Incident Results
B2B Cyber Security ShortNews

3CX, the provider of the popular Phone System VOIP/PBX software, had an issue with a trojanized version of the 3CX desktop app. With 600,000 customers in 190 countries waiting for answers, 3CX engaged the specialist Mandiant as the investigation team for the forensic analysis. The first findings are now available: the attacker is probably a North Korean APT group. Based on its previous investigation into the 3CX intrusion and supply chain attack, Mandiant assigns the activity to a cluster called UNC4736. Mandiant believes with a high degree of certainty that UNC4736 has a North Korean connection. Windows-based malware client…


VOIP/PBX software 3CX abused for sideloading attack
SophosNews

A trojanized version of the popular phone system VOIP/PBX software 3CX is currently making headlines. The business phone system is used by companies in 190 countries worldwide. An installer containing a Trojan is pushed to Windows users via a DLL sideloading attack. The attack appears to have been a supply chain attack, which allowed attackers to add a desktop application installer that ultimately sideloaded a malicious, encrypted payload via a DLL.

Phone system secretly attacked

Mat Gangwer, VP Managed Threat Response at Sophos, on the current situation: "The attackers managed to manipulate the application to create a...


Lorenz ransomware slips through VoIP phone vulnerability 

Arctic Wolf recently investigated a Lorenz ransomware attack that used a vulnerability in the Mitel MiVoice VoIP appliance (CVE-2022-29499) for initial access and Microsoft's BitLocker Drive Encryption for data encryption. Users of the VoIP solution should urgently apply the security patches. Lorenz is a ransomware group that has been active since February 2021 at the latest and, like many ransomware groups, exfiltrates data from its target before encrypting the systems. In the most recent quarter, the group primarily targeted small and medium-sized businesses in the United States, but organizations in China and Mexico were also hit. SMEs…


Linux malware targets VoIP platforms
Eset_News

ESET has discovered that a new type of Linux malware is targeting VoIP platforms and has published an analysis of the Linux malware CDRThief. ESET researchers have discovered previously unknown Linux malware that targets Voice over IP (VoIP) softswitches. Analysts at the European IT security manufacturer named the malware CDRThief. The targeted softswitches, Linknat VOS2009 and VOS 3000, both come from a Chinese manufacturer. Softswitches are software that connects and controls VoIP phone calls. These programs can also be used to bill and manage calls. The novel Linux malware has it ...
