Author: Dave King

It has been a tough week for MSPs who supply 3CX as part of their package offerings. And a lesson learnt to those who’s EDR tools flagged the compromise, and they decided to whitelist it as a false positive.

For those that don’t know, the issue started when a few MSPs posted on various forums that the latest 3CX app had been flagged as containing a threat actor. More of that can be read on the Huntress post: https://www.huntress.com/blog/3cx-voip-software-compromise-supply-chain-threats

A common issue amongst MSPs is the inability to mailshot all of your users in one go. As we know, these are forever changing, and would require constant updates.

Furthermore, some PSAs allow the syncing of tenants to their CRM to be able to log tickets against your users. But we do not want all of the service accounts and unlicensed users, right?