Search cyberveille.decio.ch

OpenSSH Backdoors

Imagine this: an OpenSSH backdoor is discovered, maintainers rush to push out a fixed release package, security researchers trade technical details on mailing lists to analyze the backdoor code. Speculation abounds on the attribution and motives of the attacker, and the tech media pounces on the story. A near miss of epic proportions, a blow to the fabric of trust underlying open source development, a stark reminder of the risks of supply-chain attacks. Equal measures brilliant and devious.

#blog.isosceles.com #EN #2024 #openssh #backdoor #analysis #supply-chain

·blog.isosceles.com·Aug 25, 2024

OpenSSH Backdoors

3CX Desktop App Compromised (CVE-2023-29059)

FortiGuard Labs highlights how a digitally signed 3CX desktop app was reportedly used in a supply chain attack against 3CX Voice over Internet Protocol (VoIP) customers. Check back for analysis and coverage updates.

#fortinet #EN #2023 #3CX #FortiGuard-Lab #supply-chain #Threat-Research #CVE-2023-29059 #analysis

·fortinet.com·Apr 4, 2023

3CX Desktop App Compromised (CVE-2023-29059)

FortiGuard Labs highlights how a digitally signed 3CX desktop app was reportedly used in a supply chain attack against 3CX Voice over Internet Protocol (VoIP) customers. Check back for analysis and coverage updates.

#fortinet #EN #2023 #3CX #FortiGuard-Lab #supply-chain #Threat-Research #CVE-2023-29059 #analysis

·fortinet.com·Apr 4, 2023

3CX Desktop App Compromised (CVE-2023-29059)