On its forums, 3CX has posted an update that recommends uninstalling the desktop app and using the Progressive Web App (PWA) client instead. In late March 2023, security researchers revealed that threat actors had abused popular business communication software from 3CX. In particular, the reports mention that a version of the 3CX VoIP (Voice over Internet Protocol) desktop client was being used to target 3CX's customers as part of an attack.

EDT: We added the execution flow diagram, a link to the Trend Micro support page, and a list of Mac IOCs and detection names.

EDT: We added technical details, an analysis of the info-stealer payload, and information on Trend Micro XDR capabilities for investigating and mitigating risks associated with the 3CX desktop app.

EDT: We added a guide on how Vision One can be used to search for potential threats associated with the 3CX desktop app.

EDT: We added details on d3dcompiler_47.dll's abuse of CVE-2013-3900 to make it appear legitimately signed.

EDT: We added Trend Micro XDR filters to the solutions.

EDT: We added Windows, Mac, and network commands to the Trend Micro Vision One™️ guide in the linked PDF.