Forum Discussion
-jmn-
Mar 30, 2023 - Copper Contributor
KQL for 3CX Compromise
Afternoon, fellow blue teamers. I have some queries to detect IOCs from the recent 3CX compromise. I have a JSON file with an analytics rule you could import, as well as Defender advanced hunting queries.
https://github.com/melatonein5/3CXBeacoingKQLQuery
I thought I would make some of your lives easier. Happy Thursday!