Tag Archives: phishing

Information technology security company Lookout released a report stating that over 70 percent of phishing-based threats to agencies last year used tactics to obtain sensitive information through login credentials. The report also found that credential harvesting techniques significantly increased for federal agencies compared to state and local entities. Credential theft tactics that impacted federal agencies rose by 90 percent.

The Cybersecurity and Infrastructure Security Agency (CISA), Department of the Treasury (DOT) and the FBI have released a joint advisory about the AppleJeus malware and other indicators of compromise that North Korea-backed threat actors use to perform cryptocurrency theft. The joint advisory released Wednesday provides technical details about seven versions of AppleJeus malware that Hidden Cobra actors have been using since 2018. 

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an analysis report in response to cyber attacks on cloud services of various organizations. The agency also found that hackers take advantage of email forwarding rules created by users to gain access to sensitive data. CISA has recommended several measures to help organizations protect cloud environments.

Greg Sisson, acting deputy chief information officer for cybersecurity and chief information security officer at the Department of Energy (DOE), said the public must be wary of scams that use social engineering tactics amid the pandemic. Sisson explained that social engineering scams use human interaction through texts, phone calls, emails and online platforms to obtain personal information.

NASA officials told the House Space Subcommittee o n Friday that the transition to telework due to the COVID-19 pandemic has led to new cybersecurity challenges. Paul Martin, NASA inspector general, told the House subpanel during the hearing that the space agency has seen an increase in cyber threats including phishing attempts during the period.

The National Institute of Standards and Technology (NIST)  has created a new method that organizations may use to protect themselves from phishing, a cyber attack that uses emails with malicious links potentially containing malware. The method, known as The Phish Scale, is designed to inform explanations behind the click rates of links found in phishing emails.

Maria Roat, deputy federal chief information officer (CIO) and 2020 Wash100 Award recipient, recently discussed how developing emerging technologies, such as quantum computing, could invalidate encryption methodologies in the future. She added that federal systems must evolve to support innovation. Roat noted that investing in modern zero-trust security architectures and flexible, scalable cloud-solutions is essential to agencies. 

The Cybersecurity and Infrastructure Agency and its U.K. counterpart are urging the public to be cautious of malicious actors that use the current health crisis to conduct scams and other cyber attacks.

The Internal Revenue Service is calling on taxpayers to be wary of fraudsters using social media posts, emails, texts and calls to obtain financial information amid the current public health crisis, The Hill reported Thursday.

The Department of Energy’s office of cybersecurity, energy security and emergency response has advised partners in the government and energy industry to be vigilant to phishing attacks, malicious emails and other cyber threats amid the new coronavirus pandemic. CESER is calling on corporate leaders to advise their employees to be aware of risks associated with phishing, external emails and social engineering, DOE said Thursday.