The Cybersecurity and Infrastructure Security Agency (CISA) has released the following statement regarding a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs):
“CISA and the FBI are engaged in addressing malicious activity by a cyber threat actor that leveraged an account hosted by a third-party email service to send malicious emails to approximately 350 organizations, including federal agencies and NGOs. At this point CISA has not identified significant impact on federal government agencies resulting from these activities. CISA continues to work with the FBI to understand the scope of these activities and assist potentially impacted entities. While many organizations have controls in place to block malicious emails and prevent associated impacts, we encourage all organizations to review our Activity Alert and take steps to reduce their exposure to these types of threats.”
Read more at CISA
New Sophisticated Email-Based Attack from Attacker Behind SolarWinds Exploits USAID