3CX's Silence about the Supply Chain Attack is not new for the Tech World

As much as I'd prefer my first professional blog post to be something more... personal, I suppose, last night's 3CX Vulnerability reveal is the most recent of many known cybersecurity issues that get very little attention paid onto them until other media resources start talking about it, then it is all hands on deck. Except, not really. Allow me to explain. 

Before I go too deep into this, I want to start off by saying that I'm going to be referencing the article that tipped off to an issue last night before stream, a whole 12 hours before 3CX would make a statement, written by BleepingComputer. The article does a fantastic job of explaining what happened, but for those who are curious, here's a short and sweet version:

• 3CX, a Voice-over Internet Protocol (VoIP) phone company's desktop client was compromised via its GIT repository, in which threat actors injected malicious registry-editing code to 'beacon' back to retrieve the payload.
• Should the payload run, it would harvest system info, including stored credentials from Chrome, Edge, Brave, and Firefox User profiles, then attempt to connect back to deliver the stolen information. 

Here's the fun part about all of this, certain Anti-Virus (AV) systems were already detecting that something wasn't right as of MONDAY.  In fact, some were even doing as they should have and began wiping the 3CX installation from running, so you would think at some point, 3CX would have made a proper statement, right? 

... RIGHT?

Well, they sort of did. As more and more users came pouring into the 3CX support pages, we get this THRILLING bit of information from someone (who probably doesn't have a job anymore) on the support team. Ahem: 

    "While [contacting the AV softwares] sounds ideal, there's hundreds if not thousands of AV solutions out there and we can't always reach out to them whenever an event occurs. ... it makes more sense if the SentinelOne {AV in question} customers contact their security provider and see why this happens. Feel free to post your findings here if you get a reply." - JohnS_3CX

 God, I'd hate to be them right now. And I'm sure it doesn't take a System Administrator to see why this was the absolute worst answer you could've given to a bunch of concerned individuals. In fact, a Gold Partner SweetAction came in to add this great nugget of information after people raised concern about whitelisting the application:

"...the executable is signed by the trusted vendor and the vendor has stated multiple times that you should bring it up with the AV vendor... What does IT do when a business app is being flagged by AV and all indications are that it's a false positive?" But hey, at least you can reach out to their company to have them give your data away. They're great for HOTELS, SCHOOLS, AND MULTI-SITE LOCATIONS. Hell, THEY'RE THEIR SPECIALTIES. 

But you know what the cherry on top is, dear reader? Even the CEO, the CEO of 3CX himself, Nick Galea came out on one of these forum threads and says the following,

"... I don't even know why we promote both and we will review this." 

Mind you that this is in reference to why they have the Desktop version and the PWA (Phone Web App) version. So, not only did they not respond in the way that they should've, but they really hit us with the "Damn I'unno lmao" response too. But, this isn't the first time we've seen something like this, and quite honestly, this won't be the last time we see it either. Allow me to explain. 

See, as someone who has written Disaster Recovery (DR) plans and has implemented them across different locations, this is a pretty common thing to do at first - you keep your mouth shut to the public as long as possible about really happened. Then, once you have a good grasp on the situation, you can then make a public announcement with a plan of attack, remediation options, etc. 

HOWEVER...

It should have never escalated to the level that it did, with the severity of what happened behind it, with as minimal as a response that it got. This was a known issue, something that multiple AV systems were screaming about for almost a week, and thanks to a lack of communication about it, hell, even chalking this up to false positives of all things, was an absolutely terrible way to come about it. Add onto the fact that there has yet to be an official email or anything of the sort to let users know that something to this magnitude has happened, and yeah, I can easily foresee 3CX losing customers. 

Anyway, the phone's ringing, you going to answer it?

"So, you've made a blog; what's it going to be about?"

    You know, I've received this question at least four or five times since creating this blog a few days back. And if you're on any of those "HOW TO MAKE THE BIG MOOLAH WITH A BLOG YEE-HAW" sites that try to sell you on a course you really don't need, they'll hit you with that question too. It's a valid one, don't get me wrong, but it seems... I'unno, wrong? Let me explain. 

    When it came to writing things before in the past, whether that be poetry or short stories, heck even going as far to say full novels, there was one thing to keep in mind: the beginning had to be inviting and the ending had to be satisfying for you, the writer. What I mean by that is that you could pull the wool over your readers, give them one of the most suspenseful reads where they never want to put the book down, and then at the end have a twist that only the truest detail hunters would be able to get a glimpse of its coming. It may be divisive, but if it was satisfying to you, the writer, then who cares? That energy you get from completing something new, that euphoria of seeing people argue your works and discover their own meanings in things; that's the energy you'll cherish and use to your next project. I feel like this blog is just that, me writing whatever I feel like writing and telling my whimsical little stories in my style. 

    Let's be real, there's definitely going to be some structure to all of this, but just like the podcast, I like to ramble and go on side tangents. And from those side tangents, I'll go on another two or three, and then MAYBE after I indulge you on how I used to race for the umpteenth time, I'll get back to what I was originally talking about. That's essentially the energy I'm carrying into this blog - I love having the creative freedom to talk about what I want to talk about, but I'll also keep it somewhat grounded, so here's a few examples of things you could see from me in the coming weeks:

• Supplemental PlumesCast Info - Bro, if you've heard my podcast, PlumesCast, you know that sometimes there's not enough time in the world for me to talk about everything that I want to, so I'll make additional blog points to talk about some of the episodes. Kind of like a retrospective without the retro part :)
• Media Reviews - As I've steadily grown out my 2023 Media list on Twitter and as I've mentioned on the stream a number of times, I wanted to create a book club of sorts for a long while. I figured the blog would be a great spot to do so outside of the Discord - could bring some new faces into the community too!
• Lastly, Recipes - Although it's been a long time since I sat down and did a cooking stream, I would say I'm still very consistent with cooking with the Fox Wife, and one of the many things we've talked about is creating a cookbook together. Now, I know there's a whole world wide web out there for you to get your recipes, but just imagine, having the Plumes Tips and Tricks on how to best prepare it! [Let's be entirely fair here, it'd probably be me laughing about how I burned the hell out of something, but y'know y'know.]

So, with all of that said, there's a plethora of topics just beyond our grasp here, but that's why I also wanted to ask the following: What kind of stuff would you like to read me talk about? Would you prefer a more grounded approach with topical information, such as recent cyber crimes? Or can it be more overarching? Can I teach y'all about some well-being tips that you can start applying to yourselves today? You tell me world; I'm here to make y'all smile, and I'm going to have a good time doing it regardless of the path we take. 

Welcome to the Blog!

Y'know, for the very first blog post, you would expect something professional like "Hello, and welcome to my blog. Today we'll be talking about..." but if you know anything about me, and chances are you may not and this is our first chat but, I'm anything but ordinary. No, for me to start this all off, I'm going to go with something familiar...

HELLO EVERYONE, welcome to the Phantasmagoria of Plumes, a blog dedicated to... well, a lot of things really! If you're one of the people from above that this is the first time we're meeting, then let me take a second to introduce myself:

My name is Seth, and I'm (at the time of writing this) 28 years old. I'm a Systems Administrator with about 10 years worth of experience under my belt, slowly working my way to a Chief Information Security Officer's position. I'm also a Twitch Streamer, and the host of PlumesCast; a podcast dedicated to teaching life lessons through stories, bringing light to our struggles to remind everyone that despite how diverse the world is, we're truly not alone, and making you smile at least once per episode! 

Now, you're probably wondering, 'Well Seth, it's nice to meet you, but why would you lead on your age instead of your experiences?' And that's a good question! You see, I've had the pleasure (read: questionable experience,) of working with a variety of people across my career such as:

• The Old Timer - The 65+ year old who fights change with such a viscous desperation you'd think I was trying to take their actual child away from them. Also assumes that you don't know anything because "you're too green."
• The Exhausted Middle Management - The 40's through 60's, not quite where they want their career to be, but are making more than enough money that they're comfortable where they're at and don't feel like pursuing much else. Probably daydreaming of retirement as I'm typing this.
• The Broken Youth - The under 40's who are still trying to figure out where they want their life to go, how they want to achieve it, and most importantly, how can they afford it? Depending on how they're feeling that day, your day could be quiet or the loudest you've ever seen - the tea is always hot with them though. And last of all...
• The ID10Ts - You really don't know how they ended up in their situation, but man, they'll either sell you on whatever they're doing, or they'll make you wonder what the hiring manager was on and how you could get some. 

Suffice to say, I've worked with a lot of people, and I'm always looking to meet new faces - it's part of the reason that I started streaming. Typically, the only interactions I get to have at work because of my young age, outside of immediate coworkers and friends I make along the way, are with people having issues with their computers. Great for teaching myself stuff for the career and all, but TERRIBLE for the social aspect of y'know, a healthy life. So, in the middle of June 2020, I said "Y'know, I want to make people laugh through this pandemic weirdness, and I want to meet new people!" And thus, PhantasmaPlumes became a reality and I've been going (mostly) strong ever since. 

But, as I began to develop more content and I became more confident in the stuff I was doing, I realized, I didn't really get to talk life advice and tell personal stories as much as I wanted to during streams. It's kind of hard to talk about the importance of good Cyber Hygiene when you're getting destroyed by the Elite Four in Pokemon, as I'm sure you know. That's how PlumesCast, my weekly podcast, started to form within my head: it was actually a Subtember goal for 2021 - I wanted to start a new form of content that anyone who couldn't catch a stream for whatever reason could still hang out with me. But, it wouldn't stay a gaming type podcast for long - in fact, if you search PlumesCast on Spotify, Apple Podcasts, Google Podcasts, or even Alexa, you'll find that most of the episodes are talking about mental health, well-being, so on and so forth. There's a good reason for that, let me explain.

After my Father passed of colon and liver cancer in 2016, I realized how many life questions I never had answered. I felt lost, scared; the deeper I went into that horrific thought pattern, the worse I felt like my life was going. My Mother, by this point in life, was already a drunkard living her best life down in Florida, and my Sister who would fill the crucial role my parents left was often so busy that I felt like I was bothering her with my stupid questions. It's a terrible place to find yourself in; you don't even realize that it's happening until you hit the ground, the air gets knocked out of you, and when you finally get that first breath to look around, it's all dark. Most of the time, people will give up there, accept their fate as a lost soul and march onward trying not to sink deeper - honestly, I nearly did the same. But, I had too many people who relied on me to stay down, too many friends that considered me the Dad of the group to show them my fears - I had to grow up fast once again. 

In doing so, I realized that there are countless people in that rut, filled with questions to give their lives meaning that they're too scared to ask or they don't know who to ask. That's what PlumesCast morphed to become - I wanted people to reach out and ask the questions they were too afraid to, and I wanted to answer them in a way a friend would. Looking back, I think I've done a pretty good job - we've had some serious laughs, some tears, but from those who've I talked to after them finding my humble little podcast, I know I've left a mark on their hearts. And that's why I wanted to take my content one step further. Welcome to The Phantasmagoria of Plumes.