Hello and welcome to the Friday, April 21st, 2003 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich and today I'm recording from Augusta, Georgia.

Many organizations are moving away from forcing their users to regularly change their passwords, but this doesn't mean

that there aren't organizations that still do, and also some compliance regimens that still require.

You do implement passport rotation in your organization. If you do still force users to rotate passwords,

and of course one of the pain points is that users forget it,

their passwords get expired, and then it often involves like a help desk call to unlock accounts.

To help with this particular pain point, Rob today in his diary published a PowerShell script

that you can use to proactively warn your users with an email that their password is about

to expire.

Warning users in time also helps them then hopefully come up with a better password than being

sort of confronted with the warning

that they must change their password now, which of course then just makes them want to get

work started and pick the weakest possible password, passing whatever password policy you have.

And Mandian published an update to its investigation into the compromise of 3CX.

This was the voice over IP company that was compromised.

And as part of the compromised, its customers received malicious software embedded into its voiceover IP client.

The interesting part is that the initial infection of 3CX actually derived from another

supply chain compromise. Apparently one user at 3CX downloaded a package known as X-Trader, online trading software

that is overall legitimate, that was, however, discontinued in 2020 and as of late 2022,

still available for download from the original company's website.

However, it turns out that the particular version downloaded by this user was itself compromised,

...