3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor

"Gopuram" is a backdoor that North Korea's Lazarus Group has used in some campaigns dating back to 2020, some researchers say. [TechWeb]( Follow Dark Reading: [RSS]( April 04, 2023 LATEST SECURITY NEWS & COMMENTARY [3CX Breach Widens as Cyberattackers Drop Second-Stage Backdoor]( "Gopuram" is a backdoor that North Korea's Lazarus Group has used in some campaigns dating back to 2020, some researchers say. [For Cybercrime Gangs, Professionalization Comes With 'Corporate' Headaches]( They rake in millions, but now, as much as zero-days and ransoms, cybercriminals are dealing with management structures and overhead. [4 Steps for Shifting Left & Winning the Cybersecurity Battle]( If companies prioritize communications and make the DevOps process more transparent, team members will better know what vulnerabilities to look for. [Data Breach Strikes Western Digital]( The company behind digital storage brand SanDisk says its systems were compromised on March 26. [DoJ Recovers $112M in Crypto Stolen With Romance Scams]( Authorities claw back funds from six crypto accounts they say were linked to a "pig-butchering" cybercrime ring. [(Sponsored Article) Open Source Vulnerabilities Still Pose a Big Challenge for Security Teams]( Open source software continues to pose a challenge for companies. With the proper security practices, you can reduce your open source risk and manage it. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug]( A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises. [Microsoft Patches 'Dangerous' RCE Flaw in Azure Cloud Service]( The vulnerability would have allowed an unauthenticated attacker to execute code on a container hosted on one of the platform's nodes. [What CISOs Can Do to Build Trust & Fight Fraud in the Metaverse]( Until a degree of confidence is established, a platform's credibility can be eroded by scammers and unsuspecting gamers who fall victim to their attacks. [MORE]( EDITORS' CHOICE [Vulkan Playbook Leak Exposes Russia's Plans for Worldwide Cyberwar]( Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities. LATEST FROM THE EDGE [Designing Tabletop Exercises That Actually Thwart Attacks]( Have you ever wondered how they design blue team exercises? One ransomware and cyber extortion simulation demonstrates the best practices. LATEST FROM DR TECHNOLOGY [How Good Is Your Advanced Threat Management?]( Whether protecting a financial institution or a hospital, everyone needs an effective strategy for fending off slippery threats like those that hide in memory. WEBINARS - [How to Launch a Threat Hunting Program]( Security teams need to be more proactive about finding threats before they can cause too much damage. How do these enterprises build threat hunting programs? What stakeholders needs to be involved? What skills are necessary for the threat hunting team? ... - [How Applications Are Attacked: A Year in Application Security]( Cloudflare sees up to 61 million requests per second, meaning we have an unprecedented view into Internet trends like application attacks and API traffic, and automated bot activity. We have put that incredible visibility to use by profiling a year of ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [Evaluator's Guide for Managed Detection and Response (MDR) Services]( - [Why Account Security Doesn't Stop at Login]( - [Securing OT, Remote Access and Converged SOC Operations]( - [Top Three Considerations To Build, Deploy, and Run Your Application Journey]( - [Cloud Journey Migration Stage: Adaptive Cloud Security]( - [Cloud Incident Response Datasheet]( [View More White Papers >>]( FEATURED REPORTS - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Elastic Expands Cloud Security Capabilities for AWS]( [Mimecast Report Reveals Nearly 60% of Companies in UAE and Saudi Arabia Need to Increase Cybersecurity Spending]( [DataDome Closes $42M in Series C Funding to Advance the Fight Against Bot-Driven Cyberattacks and Fraud]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Shoring Up the Software Supply Chain Across Enterprise Applications]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)