Spam Campaign Abuses Atlassian Jira, Targets Government and Corporate Entities
ATT&CK techniques detected
T1566.002Spearphishing Link
91%
"phishing and abuse of trusted saas platforms. introduction threat actors used atlassian jira cloud and its connected email system to run automated spam campaigns, effectively bypassing traditional email security by abusing the strong domain reputation of atlassian jira cloud prod…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
89%
"used standard jira - generated subject lines, which are less effective in enticing recipients to click on the links associated with online casinos and dubious investment schemes. it is unclear why threat actors used standard jira subject lines ; it might just have been the result…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
83%
"spam campaign abuses atlassian jira, targets government and corporate entities key takeaways - attackers abused atlassian cloud ’ s trusted domain for a spate of spam campaigns. the campaigns tried to leverage the domain name and reputation of this legitimate and well - known saa…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
We uncover how a campaign used Atlassian Jira Cloud to launch automated and targeted spam campaigns, exploiting trusted SaaS workflows to bypass security controls.