The recent ransomware attack on Colonial Pipeline inspired a new phishing lure to trick victims into downloading malicious files. The emails are targeted and tailored as urgent notifications to download and install a system update that would defend against the latest ransomware strains. Researchers at cloud-based email security platform INKY analyzed the attack which attempted to compromise computer systems using the Cobalt Strike penetration testing tool. The fake emails use the Colonial Pipeline attack as an example of the devastating consequences a ransomware incident can have on an organization.
Source: https://www.bleepingcomputer.com/news/security/phishing-uses-colonial-pipeline-ransomware-lures-to-infect-victims/