June 21, 2021

SpywareNews.com

Dedicated Forum to help removing adware, malware, spyware, ransomware, trojans, viruses and more!

FBI – Constant Contact spear phishing alert May 2021

Highly targeted “spear phishing” cyber-attacks are occurring where information known by the attacker is used to create legitimate looking emails to gain unauthorized access to sensitive information

Joint CISA-FBI Cybersecurity Advisory on Sophisticated Spearphishing Campaign | CISA

Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs | CISA

Microsoft Points to Nobelium in USAID Spearphishing Attacks — Redmondmag.com

CISA and the Federal Bureau of Investigation (FBI) are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact—a legitimate email marketing software company—to spoof a U.S. government organization and distribute links to malicious URLs.

In response, CISA and FBI have released Joint Cybersecurity Advisory AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs and Malware Analysis Report MAR-10339794-1.v1, providing tactics, techniques, and procedures (TTPs); downloadable indicators of compromise (IOCs); and recommended mitigations. CISA strongly encourages organizations to review AA21-148A and  MAR-10339794-1.v1 and apply the necessary mitigations.