Cybersecurity and Infrastructure Security Agency (CISA) Warns of Foreign Actor Conducting Large-Scale Spear-Phishing Campaign with Malicious Files

CISA has received multiple reports of a large-scale spear-phishing campaign targeting organizations in several sectors, including the health care and public health sector. The foreign threat actor, often posing as a trusted entity, is sending spear-phishing emails containing malicious remote desktop protocol files to targeted organizations to connect to and access files stored on the target’s network. Once access has been gained, the threat actor may pursue additional activity, such as deploying malicious code to achieve persistent access to the target’s network.

Access the full press release from CISA to learn more.