Threatpost: Hold off on the notion that watering hole attacks may supplant phishing as the initial means of compromise in advanced attacks. A number of recent targeted campaigns have used the crash of Malaysia Airlines 370 as a lure to infect government officials in the U.S. and Asia-Pacific.
FireEye today published research on a number of spear phishing attacks that contained either infected attachments or links to malicious websites. One Chinese group, admin@338, has been active in the past targeting international financial firms that have expertise in analyzing global economic policies. Two days after flight 370 was reported missing, a spear phishing email was sent to government officials in Asia-Pacific, FireEye said, with an attachment referring to the missing airliner.