The NCCIC has released a Threat Alert on the Emotet malware, an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors. Emotet is disseminated through malspam (emails containing malicious attachments or links) that uses branding familiar to the recipient and imitates PayPal receipts, shipping notifications, or “past-due” invoices. Consequences of Emotet infection include temporary or permanent loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and potential harm to an organization’s reputation. The Threat Alert contains additional details about Emotet, including how it functions and solutions for protecting systems, which include restricting inbound SMB communication between client systems and creating an organization policy regarding suspicious emails, among others. NCCIC/US-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!