3cx

Show Topic Summary (less than 300 words)

3CX supply chain attack, Mark Russinovich and Sysinternals, ransomware notifications from CISA, and emotional

intelligence

Questions and potential topics (5 minimum):

1. https://www.straitstimes.com/tech/downloading-a-cracked-version-of-fifa-23-or-hogwarts-legacy-for-free-it-s-probably-malware 

2. https://leadershipfreak.blog/2023/03/27/the-7-powers-of-questions/ 

3. https://securityintelligence.com/articles/is-it-time-to-hide-your-work-emails/ 

4. https://www.lollydaskal.com/leadership/what-remote-leaders-do-differently-to-be-successful/ 

5. https://www.lollydaskal.com/leadership/the-role-of-emotional-intelligence-in-leadership-why-it-matters/ 

6. https://www.cybersecuritydive.com/news/3cx-mandiant-investigate-supply-chain-attack/646543/ 

7. https://www.bleepingcomputer.com/news/security/openai-chatgpt-payment-data-leak-caused-by-open-source-bug/ 

8. https://www.cybersecuritydive.com/news/cisa-pre-ransomware-notification/646041/ 

9. https://www.sentinelone.com/labs/the-life-and-times-of-sysinternals-how-one-developer-changed-the-face-of-malware-analysis/ 

Additional information / pertinent Links (would you like to know more?):

https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/ 

https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise 

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

https://www.linkedin.com/feed/update/urn:li:activity:7047156405715300352/ 

Sigma Rule - https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_malware_3cx_compromise_susp_children.yml 

https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center 

https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program 

https://www.fda.gov/media/166614/download 

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189 

https://medium.com/@martin-thissen/llama-alpaca-chatgpt-on-your-local-computer-tutorial-17adda704c23 

Show Points of Contact:

Amanda Berlin: @infosystir @hackershealth 

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake @bryanbrake@mastodon.social

Website: https://www.brakeingsecurity.com
Twitch: https://twitch.tv/brakesec
Youtube: https://www.youtube.com/c/BDSPodcast 

Email: bds.podcast@gmail.com