Home / News / US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

US-CERT: Email-Based Phishing Attacks Target Gov’t Agencies, Private Sector

CyberCrimeKeyboardThe U.S. Computer Emergency Readiness Team has disclosed email-based phishing campaigns that it said operated between June and July to target government agencies and the private sector.

US-CERT said Saturday that it detected three phishing attacks in the form of email-attached website links, compromised corporate websites and a compressed file that contained a malicious executable content.

The attackers worked to spread the campaigns by infecting systems to gain entry into organizational networks and steal critical non-public information, according to US-CERT.

The team recommends organizations implement email server and security gateway filters, web proxy and firewall and DNS server blocks in order to address the threat.

US-CERT also calls on agencies to scan email server logs for applicable sender, subject and attachments; check web proxy, DNS, firewall and IDS logs for malicious activity; and assess anti-virus logs for malware alerts.

For infected systems, US-CERT recommends users capture live memory and forensic images of systems for analysis.

Check Also

Report: Army’s CDID Eyes Robotic Technologies for Precision Strikes Against Enemies

The U.S. Army's capabilities development and integration directorate has teamed up with the National Advanced Mobility Consortium to develop autonomous system and robotic technologies intended for precision strike operations, Military.com reported Monday.

Leave a Reply

Your email address will not be published. Required fields are marked *