Home / News / US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

CyberCrimeKeyboardThe U.S. Computer Emergency Readiness Team has disclosed email-based phishing campaigns that it said operated between June and July to target government agencies and the private sector.

US-CERT said Saturday that it detected three phishing attacks in the form of email-attached website links, compromised corporate websites and a compressed file that contained a malicious executable content.

The attackers worked to spread the campaigns by infecting systems to gain entry into organizational networks and steal critical non-public information, according to US-CERT.

The team recommends organizations implement email server and security gateway filters, web proxy and firewall and DNS server blocks in order to address the threat.

US-CERT also calls on agencies to scan email server logs for applicable sender, subject and attachments; check web proxy, DNS, firewall and IDS logs for malicious activity; and assess anti-virus logs for malware alerts.

For infected systems, US-CERT recommends users capture live memory and forensic images of systems for analysis.

Check Also

AFRL Seeks Health Monitoring, Warfighter Dev’t Concepts

The Air Force Research Laboratory is looking for concepts to speed up human-monitoring research and development initiatives for warfighters. The laboratory is in need of prototypes to support performance enhancement, health monitoring and diagnostics systems, the Wright-Patterson Air Force Base said Thursday.

Leave a Reply

Your email address will not be published. Required fields are marked *