Joint #CISA- #FBI #Cybersecurity Advisory on Sophisticated #Spearphishing Campaign

Read Time42 Second

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

05/28/2021 05:52 PM EDT


Original release date: May 28, 2021
CISA and the Federal Bureau of Investigation (FBI) are responding to an ongoing spearphishing campaign targeting government organizations, intergovernmental organizations, and non-governmental organizations. A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact—a legitimate email marketing software company—to spoof a U.S. government organization and distribute links to malicious URLs.

In response, CISA and FBI have released Joint Cybersecurity Advisory AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs and Malware Analysis Report MAR-10339794-1.v1, providing tactics, techniques, and procedures (TTPs); downloadable indicators of compromise (IOCs); and recommended mitigations.

CISA strongly encourages organizations to review AA21-148A and  MAR-10339794-1.v1 and apply the necessary mitigations.

About Post Author

Robert Williams

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: