I’m using Blueshield for a while and with the 3CX hack it had been a perfect chance to verify if Blueshield is a good choice.
On March the 29th Crowdstrike released an Article with domains which might be used for malicious traffic.
I’ve used the Domains from the Crowdstrike article to verify if Blueshield would’ve blocked the all of them
You may read the full article here:
I’ve created a csv with all the Domains and uploaded it to Blueshield for a Live Lookup
Here’s the result, but one Domain hadn’t been blocked because there hadn’t been a DNS entry for that Domain.
But that’s fine, because if it gets registered then Blueshield will block it automatically.
In my opinion this shows that the whitelisting concept of Blueshield is a good choice and we’ll integrate Blueshield into our Secure WAN solution.
Here’s a link to the official statement from 3CX and what they recommed regarding the attack:
3CX’s Latest Security Incident Updates | Saturday 1 April 2023
