News

If your business uses 3CX for VoIP phone service, you should immediately check to see if you’ve been affected by their desktop application being compromised. Confirmed by 3CX yesterday, the Windows desktop application versions 18.12.407 & 18.12.416 and Mac application versions 18.11.1213, 18.12.402, 18.12.407 & 18.12.416 are affected. A digitally signed and trojanized version of the 3CX V desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack. The full scale of the attack is currently unknown. “The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity,” CrowdStrike’s threat intel team said. This appears to have been a targeted attack from an advanced persistent threat, perhaps even state sponsored, that ran a complex supply chain attack and picked who would be downloading the next stages of their malware. The vast majority of systems, although they had the files dormant, were in fact never infected claims 3CX. The company said it’s engaging the services of Google-owned Mandiant to review the incident. In the interim, it’s urging its customers of self-hosted and on-premise versions of the software to update to version 18.12.422. 3CX has evolved from its roots as a PBX phone system to a complete communications platform. They operate in over 190 countries, with 600,000+ installations, and over million users. 3CX Remediation If your business has any of the affected versions installed, we recommend the following steps: Uninstall the 3CX desktop application from all PCs and MACs. Reset 3cx credentials for all users. Begin using the PWA web based application instead. Affected user accounts should have their login passwords reset. Enable Multi Factor Authentication where able. Any site where credential harvesting could have occurred from Chrome/Edge, etc should have the password reset. Invalidate any persistence tokens for sites like Microsoft 365, Google, etc. Invest in EDR (Endpoint Detection & Response) if you haven’t already. 3CX Security Alert Conclusion If you need assistance remediating this 3CX security alert, contact Pennyrile Technologies. We can assist with 3CX removal and securing your network. For additional information, you can follow the 3CX thread here.

For the month of December, we are offering 50% off the setup fee on all new managed service agreements. For more information on how managed services can help your business and request a quote, contact us today!

Pennyrile Technologies recognizes that an important part of any business’ success is when one client’s trust results in a referral to a new client. We appreciate your confidence in us and would like to reward you for referring your friends and colleagues to us! We’re kicking off a new referral and rewards program and here’s how it works: Refer a firm to us and you’ll receive your choice of a Pennyrile Buck, which is redeemable for 1 hour of our services, or a Visa gift card worth $50! If your referral hires Pennyrile Technologies as their IT Service Provider and signs a Managed Services contract, you’ll receive your choice of an Apple iPad* or 8 Pennyrile Bucks with our deepest appreciation. Thank you to all our clients! You are the foundation from which our business grows! Referral Program Terms & Conditions. Offer valid for first-time business referrals. The referral program is only available for active Pennyrile Technology accounts in good standing. To make referrals, you must: (1) Provide us with a valid email address and name of referral; (2) Have an active account in good standing; (3) Each Referee must sign a managed services agreement within 60 days of receiving the referral. Please allow up to four (4) weeks after referral validation for referral reward to be applied. Unused Pennyrile Bucks expire (1) year after issue date. Pennyrile Technologies reserves the right to modify, extend or cancel this Program at any time. *Apple iPad Air 2 16GB Wi-Fi