Suspected nation-state involvement by the threat actor LABYRINTH CHOLLIMA. The application is available for Windows, macOS, #Linux, & mobile. At time of writing, activity has been observed on both #Windows & #macOS.
#software #supply #chain #vuln #systems #products #malware #networks #cyber #infrastructure #softphone #mobile #application #voip #phones #sip #threats #informatique
(thx: Colin Cowie (@th3_protoCOL) & Florian Roth (@cyb3rops))
★ https://github.com/SigmaHQ/sigma/pull/4151/files
★ https://github.com/Neo23x0/signature-base/blob/master/yara/gen_mal_3cx_compromise_mar23.yar