In the latest attack to hit the tech world, hundreds of thousands of unsuspecting users of the PBX app 3CX have downloaded trojanized Windows and Mac applications. These malicious downloads were handed out as part of a massive supply chain attack. The attack was first discovered on November 23 when researchers at cyber security firm… Continue reading Trojanized Windows
Tag: malicious
Trojanized Windows
In a massive supply chain attack targeting users of the enterprise communications platform 3CX, hackers have been delivering Trojanized Mac and Windows applications. The supply chain attack, also known as a “living off the land” attack, involves hackers compromising a trusted software or provider used by the victim and then using it to deliver malicious… Continue reading Trojanized Windows
Trojanized Windows
Supply chain attacks have become a major concern for businesses as cybercriminals increasingly find new ways to target their systems. The latest episode of such a supply chain attack has been seen with the Trojanized Windows and Mac apps specifically targeting users of 3CX, the cloud-based unified communications software. According to security researchers, the attack… Continue reading Trojanized Windows
Trojanized Windows
The 3CX VoIP phone system is the latest victim of a massive supply chain attack, with multiple trojanized Windows and Mac applications that have been used to infiltrate the phone system. The attack was first discovered on Wednesday when security firm Morphisec identified the malicious apps, which were identified as trojanized versions of authorized applications.… Continue reading Trojanized Windows
Trojanized Windows
In a recent security breach revealed by cybersecurity experts, malicious versions of software applications made for Windows and Mac machines have been used to target users of popular tele- and conferencing software 3CX. The attack is thought to have originated from the supply chain, where malicious code was inserted into otherwise legitimate packages of the… Continue reading Trojanized Windows
Microsoft fixes reversible screenshot vulnerability on Windows
In a move to deal with a serious security issue, Microsoft recently released a patch to fix a reversible screenshot vulnerability on their Windows operating system. The issue was first reported by Kaspersky Lab and affects all versions of Windows. At its core, the vulnerability allowed a malicious actor to take multiple screenshots of a… Continue reading Microsoft fixes reversible screenshot vulnerability on Windows
Hackers are selling a service that bypasses ChatGPT restrictions on malware
In recent weeks, a service has become available that enables hackers to bypass the restrictions put in place by ChatGPT, a security platform designed to protect people from malicious software. ChatGPT is an online platform created to protect users against malware and other malicious software by helping them avoid clicking on malicious links or downloading… Continue reading Hackers are selling a service that bypasses ChatGPT restrictions on malware
More malicious packages posted to online repository. This time it’s PyPI
If you are a developer, then you are likely aware of the importance of online code repositories and how they minimize the time it takes to build an application or improve existing ones. Unfortunately, these repositories can sometimes be used to post malicious packages. The most recent example is the Python Package Index (PyPI), a… Continue reading More malicious packages posted to online repository. This time it’s PyPI
How ‘radioactive data’ could help reveal malicious AIs
With the increasing development of Artificial Intelligence (AI), cyber security has become an even more pressing issue for governments, companies and individuals worldwide. Although the rise of AI has enabled us to automate mundane tasks, opening up the potential for greater efficiency, the downside is that it also creates potential for malicious AI and malicious… Continue reading How ‘radioactive data’ could help reveal malicious AIs
Microsoft digital certificates have once again been abused to sign malware
On October 14th, 2020, malicious actors once again took advantage of Microsoft digital certificates to sign dangerous malware. According to security research firm Morphisec, the attackers abused trusted certificates issued by Microsoft to sign malware in order to circumvent security measures. The malicious code was signed with a certificate issued by Microsoft Office and the… Continue reading Microsoft digital certificates have once again been abused to sign malware