CIS and the MS‑ISAC are convening an urgent Snap Call to provide U.S. state, local, tribal and territorial (SLTT) organizations with a timely threat update following significant developments in Iran and the potential implications for U.S. public sector. As the threat landscape shifts amongst heightened geopolitical tensions, timely information sharing is essential to helping public sector organizations protect their systems and communities. This briefing will [...]

The NJCCIC has issued a threat advisory related to the Active US-Iran Conflict which Likely Signals Opportunistic Threats to US SLTTs in Near-Term. Please click here to view.  

The NJCCIC received multiple reports of a payroll phishing campaign targeting New Jersey school districts. The subject line references a payroll increment project or direct deposit notice. Threat actors impersonate the superintendent or an administrator by compromising their account or spoofing the target organization’s domain to appear legitimate. The urgent emails claim to require district [...]

Data Privacy Week is an international effort to spread awareness and reinforce the importance of online privacy and protecting your data.  This year's theme is "Take control of your data." The National Cybersecurity Alliance offers a series of webinars, articles, and resources to help keep your data safe. Here are some key links to information.  [...]

The NJCCIC observed a campaign posing as delivery failure notifications from the United States Postal Service (USPS). The message is addressed to a generic “customer” and directs the user to click the provided link to update their address details. It also claims that if the user ignores the request, the undelivered package will be returned [...]

Action Not Required: The IT Help Desk Scam Threat actors often impersonate IT support to deceive their targets into disclosing account credentials and installing malware. They usually lure with urgent emails related to account issues, such as expired passwords, full mailboxes, and security alerts. Threat actors send emails containing fraudulent links, malicious attachments, or fake [...]

The NJCCIC observed a phishing campaign targeting several public sector organizations in New Jersey. These emails are sent from accounts ending in the domain "benefitsfactor[.]com" and contain subject lines similar to "Confidential: Compensation Update for (recipient)." The body of the email references a benefits compensation package with an access code to open the attached document [...]

AGENT TESLA The NJCCIC observed a campaign attempting to distribute Agent Tesla malware. Agent Tesla functions as a remote access trojan (RAT) with information-stealing capabilities, including keystroke logging, password harvesting, clipboard theft, and screen capture. While first discovered in 2014, Agent Tesla remains a popular Malware-as-a-Service (MaaS). In this campaign, threat actors send phishing emails claiming to [...]