“At time of writing, activity has been observed on both Windows and macOS,” CrowdStrike said. “The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity,” the company warned. Threat hunters at CrowdStrike and SentinelOne are tracking what is believed to be an active supply chain attack hitting businesses using a desktop app distributed by video conferencing software firm 3CX.ĬrowdStrike’s threat intelligence team sounded the alarm on Wednesday after observing unexpected malicious activity from a legitimate, signed version of the 3CXDesktopApp.
0 Comments
Leave a Reply. |