"Emotet Is Back and Phishing State and Local Governments, CISA Warns"

The Cybersecurity and Infrastructure Security Agency (CISA) published an alert about the recent resurgence of the credential-stealing malware Emotet. Since its return, there has an increase in Emotet attacks against U.S. state and local governments. Researchers discovered that Emotet is now applying new tactics, including the use of subject lines in phishing email attacks that capitalize on the COVID-19 crisis. The Emotet downloader is also now contained in a password-protected archive file to avoid the security gateways implemented to protect email accounts. This article continues to discuss CISA's warning about the return of Emotet, researchers' findings surrounding this malware's new tactics, and suggested steps that state and local IT organizations can take to avoid falling victim to Emotet attacks. 

StateScoop reports "Emotet Is Back and Phishing State and Local Governments, CISA Warns"