3CX Supply Chain Attack Tied to Financial Trading App Breach

Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies. [TechWeb]( Follow Dark Reading: [RSS]( April 21, 2023 LATEST SECURITY NEWS & COMMENTARY [3CX Supply Chain Attack Tied to Financial Trading App Breach]( Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies. ['GhostToken' Opens Google Accounts to Permanent Infection]( A bug in how Google Cloud Platform handles OAuth tokens opened the door to Trojan apps that could access anything in users' personal or business Google Drives, Photos, Gmail, and more. ['AuKill' Malware Hunts & Kills EDR Processes]( Attackers are using custom malware to exploit drivers and terminate security processes so they can deploy ransomware. [Global Spyware Attacks Spotted Against Both New & Old iPhones]( Campaigns that wielded NSO Group's Pegasus against high-risk users over a six-month period demonstrate the growing sophistication and relentless nature of spyware actors. [GPT-4 Provides Improved Answers While Posing New Questions]( As is typical with emerging technologies, both innovators and regulators struggle with developments in generative AI, much less the rules that should govern its use. [Expert Insight: Dangers of Using Large Language Models Before They Are Baked]( Today's LLMs pose too many trust and security risks. [Twitter's 2FA Policy Is a Call for Passkey Disruption]( Overcoming the limitations of consumer MFA with a new flavor of passwordless. [Major US CFPB Data Breach Caused by Employee]( The sensitivity of the personal information involved in the breach has yet to be determined by agency officials, but it affects 256,000 consumers. [Trigona Ransomware Trolling for 'Poorly Managed' MS-SQL Servers]( Vulnerable MS-SQL database servers have external connections and weak account credentials, researchers warn. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Russian Fancy Bear APT Exploited Unpatched Cisco Routers to Hack US, EU Gov't Agencies]( The nation-stage threat group deployed custom malware on archaic versions of Cisco's router operating system. Experts warn that such attacks targeting network infrastructure are on the rise. [How to Prevent 2 Common Attacks on MFA]( MFA isn't immune from the tug of war between attackers and defenders. [MORE]( EDITORS' CHOICE [Killnet Boss Exposes Rival Leader in Kremlin Hacktivist Beef]( Killnet's leader outs the identity of the new Anonymous Russia leader, in an effort to consolidate power among pro-Russia cybercriminals. LATEST FROM THE EDGE [New Policy Group Wants to Improve Cybersecurity Disclosure, Support Researchers]( The new Security Legal Research Fund and the Hacking Policy Council are aimed at protecting "good faith" security researchers from legal threats and giving them a voice in policy discussions. LATEST FROM DR TECHNOLOGY [OpenSSF Adds Software Supply Chain Tracks to SLSA Framework]( The Open Source Security Foundation's SLSA v1.0 release is an important milestone in improving software supply chain security and providing organizations with the tools they need to protect their software. WEBINARS - [Unleashing AI to Assess Cybersecurity Risk]( Advancements in artificial intelligence technology and machine learning and deep learning algorithms can also transform enterprise risk management by giving security teams greater visibility and insights to assess the organization's cyber risk and overall security posture. In this webinar, experts ... - [What's "CNAPP-ening"? Bring Your Cloud Security into Focus!]( What's CNAPP-ening is your organization is churning out code every day to make your business more money, but traditional security approaches fail to provide adequate controls for cloud-native applications. Modernize your perspective by embracing an application-centric view of security in ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Ultimate Guide to the CISSP]( - [Proof-Based Scanning: No noise, just facts]( - [A Buyer's Guide to Securing Privileged Access]( - [Large Insurer goes beyond Breach and Attack Simulation (BAS) with Cymulate]( - [The 3 Approaches to Breach & Attack Simulation Technologies]( - [What Are the Top and Niche Use Cases for Breach and Attack Simulation Technology?]( - [The Cloud Security Workflow Handbook]( [View More White Papers >>]( FEATURED REPORTS - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Infoblox Uncovers DNS Malware Toolkit & Urges Companies to Block Malicious Domains]( [Red Canary Announces Readiness]( [Bitsight Expands into Integrated Cyber-Risk Management]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)