Entries in 3CX (3)

Friday
Apr282023

3CX has put a Security Action Plan together to prevent a recurrence of the supply chain attack

DateFriday, April 28, 2023 at 7:33AM

They have put together a 7 Step plan to prevent the security issue again. Sound pretty good if they adhere to it. Click here to see their plan.

  1.  Hardening Multiple Layers of Network Security
  2. Revamping Build Security
  3. Ongoing Product Security Review with Mandiant
  4. Enhancing Product Security Features
  5. Performing Ongoing Penetration Testing
  6. Refining our Crisis Management and Alert Handling Plan
  7. Establishing a New Department for Network Operations and Security

 

AuthorBob Appleby | CommentPost a Comment |
in ,
Friday
Mar312023

More Articles on the 3CX Compromise

DateFriday, March 31, 2023 at 7:55AM

CSO has a good report and responsible things to do to keep yourself safe.It is worth a read.

Computer Weekly also had an article you can read here.

An updated report from Sophios can be found here. Sophos is one of the first security companies finding, protecting. and reporting on this problem. They are again proving to be on the front edge of the security business.

AuthorBob Appleby | CommentPost a Comment |
in , ,
Thursday
Mar302023

3CX Desktop Attack: Sophos Customer Information

DateThursday, March 30, 2023 at 2:21PM

Here is a good article from Sophos that describes what is going on.

3CX CEO Nick Galea is urging users to uninstall the affected software, which includes versions 18.12.407 and 18.12.416 of the Windows app. The company is working on an update to fully resolve the threat. In the meantime, 3CX says users can use its web-based app as a substitute.

I have moved back to an earlier version of the app in the meantime but we have heard that another update should be available shortly to take care of this issue.

AuthorBob Appleby | CommentPost a Comment |
in , ,