Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We will continue to update on this dynamic situation as more details become available. CrowdStrike’s Intelligence team is in contact with 3CX. On March 29, 2023, CrowdStrike observed unexpected malicious activity emanating from a legitimate, signed binary, 3CXDesktopApp — a softphone application from 3CX. The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity.

The recent SCARLETEEL incident highlights the importance of detecting security threats early in the development cycle. With Terraform state files, attackers can easily access sensitive information and gain unauthorized access to your cloud infrastructure. In this case, the attackers exploited a containerized workload and used it to perform privilege escalation into an AWS account, stealing software and credentials.

Defining and implementing a network microsegmentation strategy is paramount to securing the network and protecting assets. However, it’s also a time-consuming and resource-intensive endeavor. This means it’s vital that enterprises are confident that their zone-to-zone security policy is functioning as intended.

When a restaurant expects an inspection from the Health Department, management takes a number of steps to prepare. The team needs to understand what the inspector will look for and take proactive measures to address any obvious concerns. This involves cleaning, scrubbing, and being on best behavior. Conducting an ISO 27001 internal audit is like preparing for a health department inspection. An internal audit analyzes an organization’s information security management to find vulnerabilities.

The US FBI is warning of business email compromise (BEC) attacks designed to steal physical goods. While BEC attacks are typically associated with stealing money, criminals can use the same social engineering tactics to hijack deliveries of valuable materials. The FBI says fraudsters are particularly interested in stealing construction materials, agricultural supplies, computer technology hardware and solar energy products.

The Australian Federal Police (AFP) have arrested four alleged members of an organized crime group known for carrying out business email compromise (BEC) attacks, BleepingComputer reports. The victims of the gang’s attacks lost between $2,500 and $500,000. “Four members of an alleged cyber criminal syndicate accused of money laundering $1.7 million in stolen cash from Australian and overseas victims have been charged in Brisbane, Adelaide and Melbourne,” the AFP said in a statement.

The latest Salt Labs State of API Security report is out, and we’re excited to share with you some of the key findings. The security industry news has frequently covered high-profile application programming interface (API) breaches over the past few years, so it’s no surprise that our research found that attackers have upped their activity. Salt Labs analyzed the past year of Salt customer data and found a 400% increase in unique attackers just over the last six months alone.

It’s no exaggeration to say that APIs are the backbone of the modern digital economy. API usage has seen staggering exponential growth over the last two decades with sources like Postman's 2022 State of the API Report illustrating just how embedded APIs are into our modern world. In 2022, the Postman API platform saw 20 million users and over 1 billion API requests created.

Over the past 24 hours, Cloudflare has observed HTTP DDoS attacks targeting university websites in Australia. Universities were the first of several groups publicly targeted by the pro-Russian hacker group Killnet and their affiliate AnonymousSudan, as revealed in a recent Telegram post. The threat actors called for additional attacks against 8 universities, 10 airports, and 8 hospital websites in Australia beginning on Tuesday, March 28.