The CyberWire Daily Podcast 3.31.23
Ep 1792 | 3.31.23

A glimpse into Mr. Putin’s cyber war room. 3CXDesktopAppsupply chain risk. XSS flaw in Azure SFX can lead to remote code execution. AlienFox targets misconfigured servers.

Show Notes

The Vulkan papers offer a glimpse into Mr. Putin’s cyber war room. The 3CXDesktopApp vulnerability and supply chain risk. A cross site scripting flaw in Azure Service Fabric Explorer can lead to remote code execution. Rob Boyce from Accenture Security on threats toEV charging stations. Our guest is Steve Benton from Anomali Threat Research, sharing a ‘less is more’ approach to cybersecurity. And AlienFox targets misconfigured servers.

Selected reading.

A Look Inside Putin's Secret Plans for Cyber-Warfare (Spiegel)

Secret trove offers rare look into Russian cyberwar ambitions (Washington Post) 

7 takeaways from the Vulkan Files investigation (Washington Post)

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics (the Guardian)

Contracts Identify Cyber Operations Projects from Russian Company NTC Vulkan (Mandiant)

3CX DesktopApp Security Alert - Mandiant Appointed to Investigate (3CX)

Information on Attacks Involving 3CX Desktop App (Trend Micro)

3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component  (SecurityWeek)

There’s a new supply chain attack targeting customers of a phone system with 12 million users (TechCrunch)

Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) (Orca Security)

Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife (SentinelOne)