- 2023-03-29 - SITUATIONAL AWARENESS - CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers - - #LabyrinthChollima
2023-04-03 > Software supply chain is one of the biggest areas of concern for most companies right now. Every company doing open source development has a responsibility to publish an SBOM (Software Bill of Materials). _A popular softphone application, 3CX, was the victim of a supply chain attack. 3CX is a VoIP (Voice over Internet Protocol) platform used by many Fortune 100 or Global 1000 customers and the attack has been attributed to a sub cluster of APT43 known as LabyrinthChollima. --Chris Wilder_ [View Article](http://reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/) 2023-03-30 _To determine if you are affected by this issue, Falcon Discover customers can use the link provided to check for the 3CXDesktopApp in their environment. Falcon Insight customers can investigate if the 3CXDesktopApp is running in their environment with the query provided. Additionally, they should scan for any of the domains listed that have been seen sending out signals which could be a sign of malicious activity. To protect yourself from this issue, make sure your prevention policies are set up correctly with "Suspicious Processes" enabled and consider blocking any suspicious domains identified. --Darien Kindlund_ [View Article](http://reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/)