TEXXR

Chronicles

The story behind the story

Mandiant says the North Korea-linked hack of VoIP company 3CX's customers is the first confirmed incident of one software-supply-chain attack enabling another

perhaps the first confirmed case of one software supply chain attack causing another. https://www.wired.com/...

Kim Zetter / @kimzetter: I've updated story about 3CX/X_Trader with new info: per @symantec at least 4 other orgs were infected with the compromised X_Trader software, besides 3CX. They include two orgs in energy sector - one in US, one in EU - and two orgs in financial trading. https://zetter.substack.com/ ...

Andy Greenberg / @a_greenberg: Yesterday Mandiant revealed North Korea's supply chain attack hijacking the X_Trader app led to the 3CX supply chain attack: https://www.wired.com/... Now Symantec adds it also infected two energy-related critical infrastructure orgs, 1 in US and 1 in EU. https://symantec-enterprise-blogs.security.com/...

@esetresearch: #ESETResearch confirms Lazarus is linked to the recent #3CX supply-chain attacks. Based on code similarities and network infrastructure, we connect the 3CX incident with a Linux case of DreamJob, a long-term Lazarus operation using job offer as lures. 1/6 https://www.welivesecurity.com/ ...

Kim Zetter / @kimzetter: Several security firms have attributed 3CX hack to N Korean - and specifically the Lazarus group, without showing proof. Now ESET brings it - connects the dots to Lazarus and provides evidence that they likely already had a foothold in 3CX network last Dec https://www.welivesecurity.com/ ...

Heather Adkins / @argvee: Multi-layered supply chain attack. To gently disagree with @riskybusiness and @Metlstorm, this 3CX situation is a super interesting example and a warning to us all about software development in small companies whose specialization and expertise is not software development. https://twitter.com/...

Kim Zetter / @kimzetter: Hack of 3CX software was a first-of-its-kind threaded supply-chain hack that began when a 3CX employee downloaded tainted software from another software maker, says Mandiant. It's 1st time software supply-chain attack has led to another supply-chain hack https://zetter.substack.com/ ...

Wired