Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-30 Thread Ross Fawcett
: [AusNOG] Critical 3CX Windows/Mac hack. We have the paid whiz bang M365 version (you can tell I use Windows, right!?) When we removed it and then reinstalled it, it grabbed it straight away. Greg Lipschitz | Founder & CEO | Summit Internet glipsch...@summitinternet.com.au

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-30 Thread Greg Lipschitz
Road, Nunawading VIC 3131 Summit Internet From: Matthew Mace Sent: 30 March 2023 16:58 To: Greg Lipschitz; Nathan Brookfield; Christopher Hawker; Rob Thomas; Subject: RE: [AusNOG] Critical 3CX Windows/Mac hack.

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Matthew Mace
Keeping IT Honest" From: Greg Lipschitz Sent: Thursday, March 30, 2023 3:48 PM To: Matthew Mace; Nathan Brookfield; Christopher Hawker; Rob Thomas; Subject: Re: [AusNOG] Critical 3CX Windows/Mac hack. Windows Defender picked it up too. Greg Lipsc

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Jrandombob
ium routers with DPI (Sonicwall, Firebox etc.), do you know if they >>> picked up this traffic and stopped it? I would be hoping so. >>> >>> Definitely curious to know either way.

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Greg Lipschitz
5:57 To: Nathan Brookfield; Christopher Hawker; Greg Lipschitz; Rob Thomas; Subject: RE: [AusNOG] Critical 3CX Windows/Mac hack. Can anyone definitive

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread DaZZa
atthew Mace* >> >> *From:* AusNOG *On Behalf Of* Nathan Brookfield >> *Sent:* Thursday, March 30, 2023 2:51 PM >> *To:* Christopher Hawker; Greg Lipschitz <glipsch...@summitinternet.com.au>; Rob Thomas;

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Tim Jago
Confirmed now at least... https://www.3cx.com/community/threads/threat-alerts-from-sentinelone-for-desktop-update-initiated-from-desktop-client.119806/post-558899 ___ AusNOG mailing list AusNOG@lists.ausnog.net

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Alexander Neilson
*From:* AusNOG *On Behalf Of* Nathan Brookfield > *Sent:* Thursday, March 30, 2023 2:51 PM > *To:* Christopher Hawker; Greg Lipschitz <glipsch...@summitinternet.com.au>; Rob Thomas; <ausnog@lists.ausnog.net> > *Subject:* Re: [AusNOG] Critical 3CX Windows/Ma

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Matthew Mace
: [AusNOG] Critical 3CX Windows/Mac hack. To be fair, they likely don’t know much yet and things are probably pretty hectic…. Give them time, crisis management is probably only kicking in now. From: AusNOG <ausnog-boun...@lists.ausnog.net> On Behalf Of Christopher Hawker Sent: Th

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Nathan Brookfield
Thomas <xro...@gmail.com>; <ausnog@lists.ausnog.net> Subject: Re: [AusNOG] Critical 3CX Windows/Mac hack. Here is a list of commands (or make a shell script) to stop it phoning home and getting more payload. # Disable 3CX Unattended-Upgrad

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread James Hodgkinson
> Summit Internet <http://summitinternet.com.au/> > *From:* AusNOG on behalf of Rob Thomas > *Sent:* 30 March 2023 14:54 > *To:* > *Subject:* [AusNOG] Critical 3CX Windows/Mac hack.

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Christopher Hawker
From: AusNOG on behalf of Greg Lipschitz Sent: Thursday, March 30, 2023 3:09:45 PM To: Rob Thomas; Subject: Re: [AusNOG] Critical 3CX Windows/Mac hack. Here is a list of commands (or make a shell script) to stop it p

Re: [AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Greg Lipschitz
& CEO | Summit Internet glipsch...@summitinternet.com.au summitinternet.com.au 1300 049 749 Unit 2, 31-39 Norcal Road, Nunawading VIC 3131 Summit Internet From: AusNOG on behalf of Rob Thomas Sent: 30 March 2023 14:54 To: Subject: [AusNOG] Critical 3CX Wind

[AusNOG] Critical 3CX Windows/Mac hack.

2023-03-29 Thread Rob Thomas
As no-one's mentioned it here yet, I just thought I'd bring up the zero-day, in the wild, active RIGHT NOW, trojan 3CX Windows and Mac apps. If you are, or you have clients, running 3CX, make sure they ARE NOT using the app. If they are, their machines are probably already owned, and all their stored