As the city of Atlanta continues to recover from the epic ransomware incident that occurred in March, security researchers have discovered a rash of active Wi-Fi phishing attacks around Atlanta City Hall and the Georgia State Capital Building. As the prolonged aftermath of the SamSam ransomware attack plagues Atlanta, malicious actors seek ways to gain unauthorized access to the city's computer systems through phishing for valuable user credentials. Attackers are attempting to harvest credentials by establishing rogue access points and specially crafted web pages designed to mimic the city’s Wi-Fi access portals. Cybersecurity company Coronet reports they are detecting 678 active threats within a 5-mile radius of Atlanta's City Hall. It would appear threat actors are attempting to take advantage of other weaknesses during a time when staff are distracted with original recovery efforts. HelpNetSecurity.