3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence

Show Topic Summary (less than 300 words)

3CX supply chain attack, Mark Russinovich and Sysinternals, ransomware notifications from CISA, and emotional

intelligence

Youtube VOD: https://www.youtube.com/watch?v=afZHiBUr-2g 

Questions and potential topics (5 minimum):

1. https://www.straitstimes.com/tech/downloading-a-cracked-version-of-fifa-23-or-hogwarts-legacy-for-free-it-s-probably-malware 

2. https://leadershipfreak.blog/2023/03/27/the-7-powers-of-questions/ 

3. https://securityintelligence.com/articles/is-it-time-to-hide-your-work-emails/ 

4. https://www.lollydaskal.com/leadership/what-remote-leaders-do-differently-to-be-successful/ 

5. https://www.lollydaskal.com/leadership/the-role-of-emotional-intelligence-in-leadership-why-it-matters/ 

6. https://www.cybersecuritydive.com/news/3cx-mandiant-investigate-supply-chain-attack/646543/ 

7. https://www.bleepingcomputer.com/news/security/openai-chatgpt-payment-data-leak-caused-by-open-source-bug/ 

8. https://www.cybersecuritydive.com/news/cisa-pre-ransomware-notification/646041/ 

9. https://www.sentinelone.com/labs/the-life-and-times-of-sysinternals-how-one-developer-changed-the-face-of-malware-analysis/ 

 

Additional information / pertinent Links (would you like to know more?):

https://unit42.paloaltonetworks.com/3cxdesktopapp-supply-chain-attack/ 

https://www.orangecyberdefense.com/global/blog/research/3cx-voip-app-supply-chain-compromise 

https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

https://www.linkedin.com/feed/update/urn:li:activity:7047156405715300352/ 

Sigma Rule - https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_malware_3cx_compromise_susp_children.yml 

https://en.wikipedia.org/wiki/Information_Sharing_and_Analysis_Center 

https://www.cisa.gov/news-events/news/cisa-establishes-ransomware-vulnerability-warning-pilot-program 

https://www.fda.gov/media/166614/download 

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189 

https://medium.com/@martin-thissen/llama-alpaca-chatgpt-on-your-local-computer-tutorial-17adda704c23 

 

Show Points of Contact:

Amanda Berlin: @infosystir @hackershealth 

Brian Boettcher: @boettcherpwned

Bryan Brake: @bryanbrake @bryanbrake@mastodon.social

Website: https://www.brakeingsecurity.com Twitch: https://twitch.tv/brakesec Youtube: https://www.youtube.com/c/BDSPodcast 

Email: bds.podcast@gmail.com