Emotet Targeting Government, Military Organisations
The Emotet botnet has been targeting the US government and US military since its resurgence in September 2019. The observation is made by the increase of outbound Emotet email directed at .mil and .gov top-level domains (TLDs) from September to December 2019. It is believed that at least one US government employee has been compromised, which causes a rapid increase in the number of infectious Emotet messages directed at the US government and military by December 2019. Emotet is modular in design and can expand its functionality by retrieving DLLs from its Command and Control server. Its email module can harvest email addresses from the victim's email client and steal the victim's actual emails which are used for social engineering to further distribute Emotet.
References:Stolen Emails Reflect Emotet's Organic Growth
More Weekly Cyber Newsanalysis and insights
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services