3CX VOIP Compromised in March 2023 Supply Chain Attack

  Рет қаралды 25,491

Lawrence Systems

Lawrence Systems

Күн бұрын

Пікірлер: 50
@_JohnHammond
@_JohnHammond Жыл бұрын
NICE SHIRT :)
@LAWRENCESYSTEMS
@LAWRENCESYSTEMS Жыл бұрын
We should have coordinated wearing the same shirts for this topic.
@JzJad
@JzJad Жыл бұрын
Going to have to send him another shirt :D
@64cheesepuffs
@64cheesepuffs Жыл бұрын
Just had a late night dealing with this and am happy to see it blowing up in the news more this morning. The 3CX forum threw me for a loop with considering it a false positive last week, especially with the 3CX LTD official signature on the files.
@sarhtaq
@sarhtaq Жыл бұрын
At 16:55 UTC they have this on their blog: windows app shipped in Update 7, version numbers 18.12.407 & 18.12.416, included a severe security issue. We since learned that Electron Mac App version numbers 18.11.1213, 18.12.402, 18.12.407 & 18.12.416 have also been affected.
@Raima888s
@Raima888s Жыл бұрын
Was on the team that detected the incident last week with sentinelone which was then notified to 3CX.
@markalmada9662
@markalmada9662 Жыл бұрын
Well done. 👍
@awsomehackz21
@awsomehackz21 Жыл бұрын
I agree that open source code is a good thing for the community!
@TheFlatronify
@TheFlatronify Жыл бұрын
Thanks, great quick summary! This is going to be interesting in the long run.
@cheebydi
@cheebydi Жыл бұрын
Thumbnail on point - gave us a chuckle.
@FrederickMarcoux
@FrederickMarcoux Жыл бұрын
We were part of those who signaled 3CX on the 22nd about S1 flagging it. Most of us thought it was a false positive at first.
@LAWRENCESYSTEMS
@LAWRENCESYSTEMS Жыл бұрын
Don't feel bad most everybody thought it was a false positive.
@JordanAlbaladejo
@JordanAlbaladejo Жыл бұрын
Great video! Thanks for sharing on social media when alerted!
@berndeckenfels
@berndeckenfels Жыл бұрын
I Wonder if upstream source was compromised and others might distribute that ffmpeg as well or if they had their built system directly compromised.
@allannjuguna598
@allannjuguna598 Жыл бұрын
big fan of your detailed breakdowns, from the solar winds video, i became hooked, big fan from kenya :)
@markalmada9662
@markalmada9662 Жыл бұрын
Thanks as always Tom. I notice your wearing specticals these days just like me. I contacted 3cx day one when sentinel one stopped the update in 111ms. Warned the team this could be a supply chain attack. Confusion among the guys as digitally signed thinking a fasle positive Only 3x Nodes with desktop app. We uninstalled and held. I think it was 3 days get a response of any sense from 3cx to confirm it was a compromise.
@armedscubasteve
@armedscubasteve Жыл бұрын
Wow! Thanks for the update!!
@jaybigboy34
@jaybigboy34 Жыл бұрын
Thanks for the quick heads up.
@raymondjr592
@raymondjr592 Жыл бұрын
Where did you get that screensaver
@vaughngx4
@vaughngx4 Жыл бұрын
This has been Tom, reporting to you live from Hollywood :P
@LAWRENCESYSTEMS
@LAWRENCESYSTEMS Жыл бұрын
yup!
@JosephBrunsman
@JosephBrunsman Жыл бұрын
Thanks for the update Tom! great info!
@EmperorCheed
@EmperorCheed Жыл бұрын
We moved off 3CX last year, dodged a little bullet with this one.
@aaron6841
@aaron6841 Жыл бұрын
We used this at work untill today
@blakedrayson
@blakedrayson Жыл бұрын
Great video very informative thanks for the clear explanation, total aside what is running on your monitor in the background?
@JzJad
@JzJad Жыл бұрын
Yeah the client update and install was a week previous, then we started seeing activity all at once.
@sbccave4015
@sbccave4015 Жыл бұрын
Thanks for the heads-up. RMM is showing us all clear with our clients :)
@IndyColts1987
@IndyColts1987 Жыл бұрын
today was such a rough day getting everyone to uninstall and switch to web.
@ackzero5972
@ackzero5972 Жыл бұрын
Alright the title brought me here but the desktop screensaver in the background mesmerized me...need info.
@LAWRENCESYSTEMS
@LAWRENCESYSTEMS Жыл бұрын
It's a Linux package called Hollywood.
@markalmada9662
@markalmada9662 Жыл бұрын
Agreed, looks sweet
@idahofur
@idahofur Жыл бұрын
I assume you saw the report years ago about the shipping between two spots and credit card machines being infected?
@speedermarto
@speedermarto Жыл бұрын
What is going on with that monitor behind you? Is that some video wallpaper? 😅
@dominix
@dominix Жыл бұрын
nice t-shirt
@TheLakeJake3
@TheLakeJake3 Жыл бұрын
Lmao at the thumbnail
@user9005
@user9005 Жыл бұрын
So nobody knows if this virus was succesful at doing anything malicious?
@markalmada9662
@markalmada9662 Жыл бұрын
I think what Toms getting at it is. they comprised 3cx everyone updated. The potential hackers probably state sponsored then used it to access and compromise some specific people. Diplomat for example.
@x91w
@x91w Жыл бұрын
00:29 - Your spellchecker has been hacked "Verions" intead of "Versions" ?
@28469
@28469 Жыл бұрын
Big whoop
@perryuploads776
@perryuploads776 Жыл бұрын
Why involve the North Korean guy 😂He has nothing to do with it
@randomicon918
@randomicon918 Жыл бұрын
“North Korea guy”? Is a Google search that hard? Kim jong-un’s government hackers are the suspected culprits. So yeah, he is involved.
@d_must4309
@d_must4309 Жыл бұрын
Because western propaganda
@YouTubeGlobalAdminstrator
@YouTubeGlobalAdminstrator Жыл бұрын
​@@d_must4309 Triggered much? 😂 Continue sipping your Starbucks latte, on your Mac with your Che Guevara T-shirt. 😂
@markalmada9662
@markalmada9662 Жыл бұрын
Rocket man loves using 3CX 😮
@harveybolton
@harveybolton Жыл бұрын
The biggest concern from me is 3CX still haven't named the upstream library that they claim was infected, and there is no reason not to. Was it an open source library they didn't provide attribution and code for? Was it a complete lie? We need to know if the 3cx development pipeline was compromised or if there is an infected library out there that could affect other services and projects
@chris_schenkel
@chris_schenkel Жыл бұрын
Congrats Tom. You are now a professional youtuber. Clickbait thumbnails and wasteful intros. Well done. I subbed back in 2018 when you had less than 10k subs. The beatnik Tom days. Back then you were just an IT pro sharing some useful knowledge. It was great. I even clicked on some ads to help you out. Then came the hobo Tom phase. Much more commercial and much less interesting and informative. That's when I implemented pfBlocker and Brave browser to block all ads. Just for you. Now, in 2023, we are entering the fake intellectual Tom phase with the glasses and the clickbait and the intros. I have no interest in or respect for people who think that youtube is a profession. It won't be long until the sponsored reviews start to appear, if they haven't already. Greed is always followed by corruption. I"m out.
@pqowi9098
@pqowi9098 Жыл бұрын
First
3CX: How this malware almost hacked every business
10:39
The PC Security Channel
Рет қаралды 159 М.
龟兔赛跑:好可爱的小乌龟#short #angel #clown
01:00
Super Beauty team
Рет қаралды 92 МЛН
Mom had to stand up for the whole family!❤️😍😁
00:39
MAGIC TIME ​⁠@Whoispelagheya
00:28
MasomkaMagic
Рет қаралды 17 МЛН
Когда отец одевает ребёнка @JaySharon
00:16
История одного вокалиста
Рет қаралды 16 МЛН
Why Are Open Source Alternatives So Bad?
13:06
Eric Murphy
Рет қаралды 661 М.
7 Cybersecurity Tips NOBODY Tells You (but are EASY to do)
13:49
All Things Secured
Рет қаралды 693 М.
CrowdSec Absolute Beginners Workshop
46:57
CrowdSec
Рет қаралды 11 М.
When you Accidentally Compromise every CPU on Earth
15:59
Daniel Boctor
Рет қаралды 869 М.
Announcing TrueNAS 24.10
39:06
Lawrence Systems
Рет қаралды 6 М.
host ALL your AI locally
24:20
NetworkChuck
Рет қаралды 1,2 МЛН
The Stuxnet Story: What REALLY happened at Natanz
37:38
OTbase
Рет қаралды 174 М.
How 3CX Got Hacked
9:41
Lawrence Systems
Рет қаралды 30 М.
龟兔赛跑:好可爱的小乌龟#short #angel #clown
01:00
Super Beauty team
Рет қаралды 92 МЛН