Microsoft Security Intelligence said it has been tracking a campaign of remote access trojans (RATs) targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT used for data theft, data exfilteration.

The level of targeting is also a reason why it’s so hard to detect attacks. They change and are tailored. SecOps has to align to with threats targeting their organisation specifically and not look for generic threats.Sector oriented spear-phisihing will be higher during this pandemic

It’s not shocking that attackers are targeting the transport sector as the sector is about to come back to life. Therefore, a well-crafted campaign addressing this situation is even better.They can read their emails and use the newly compromised place as heaven to attack their partners.

An email that asks users to do something brand new the sender has never asked them to do before.The action could be harmful to their or their organization’s own best interest.