Hello, Guest.!
/

US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

1 min read


CyberCrimeKeyboardThe U.S. Computer Emergency Readiness Team has disclosed email-based phishing campaigns that it said operated between June and July to target government agencies and the private sector.

US-CERT said Saturday that it detected three phishing attacks in the form of email-attached website links, compromised corporate websites and a compressed file that contained a malicious executable content.

The attackers worked to spread the campaigns by infecting systems to gain entry into organizational networks and steal critical non-public information, according to US-CERT.

The team recommends organizations implement email server and security gateway filters, web proxy and firewall and DNS server blocks in order to address the threat.

US-CERT also calls on agencies to scan email server logs for applicable sender, subject and attachments; check web proxy, DNS, firewall and IDS logs for malicious activity; and assess anti-virus logs for malware alerts.

For infected systems, US-CERT recommends users capture live memory and forensic images of systems for analysis.

Leave a Reply

Your email address will not be published.