Overview
Dive into a comprehensive analysis of the macOS payloads involved in the recent nation-state supply chain attack against 3CX, a popular PBX software provider. Explore the intricacies of what is believed to be the first "chained" supply chain attack, where initial access to 3CX was gained through a separate supply chain compromise. Focus on the unique aspects of this attack that targeted macOS systems, a rarity in the landscape of supply chain attacks which typically impact Windows-based computers. Gain insights into the damaging potential of such cybersecurity incidents, capable of infecting numerous unsuspecting users and companies through widely used and trusted software. Learn from security expert Patrick Wardle as he breaks down the technical details of this significant attack in this 42-minute Black Hat conference talk.
Syllabus
Mac-ing Sense of the 3CX Supply Chain Attack: Analysis of the macOS Payloads
Taught by
Black Hat