
Canada Post Says 950,000 Customers Hit by Breach at Supplier
2021-05-28 13:35

Canada Post, the primary postal operator in Canada, has informed 44 of its large business customers that some information was compromised as a result of a malware attack at a supplier. The impacted supplier is Commport Communications, an electronic data interchange provider that Canada Post uses to manage shipping manifest data for large parcel business customers.

Microsoft Edge Canary gets the new Sharing Hub feature
2021-05-28 13:14

Microsoft Edge Canary has received a new experimental Chromium-based Sharing Hub feature that makes it easier to share content with other people. Earlier this month, Google added a new experimental feature to Google Chrome Canary that adds a paper plane icon to your address bar that, when clicked, opens a new Sharing Hub feature.

Nobelium Phishing Campaign Poses as USAID
2021-05-28 13:13

The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities. Microsoft Threat Intelligence Center began tracking this latest campaign of Nobelium in late January when it was in the reconnaissance stage, and observed as it "evolved over a series of waves demonstrating significant experimentation," according to a blog post by the Microsoft 365 Defender Threat Intelligence Team.

FBI Shares IOCs for APT Attacks Exploiting Fortinet Vulnerabilities
2021-05-28 12:36

The FBI on Thursday published indicators of compromise associated with the continuous exploitation of Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. In early April, the FBI along with the Cybersecurity and Infrastructure Security Agency warned that threat actors had been targeting serious security holes in Fortinet's flagship operating system FortiOS for initial access into victims' networks.

Ransomware gangs' slow decryptors prompt victims to seek alternatives
2021-05-28 12:35

Recently, two highly publicized ransomware victims received a decryptor that was too slow to make it effective in quickly restoring the victim's network. In addition to the bugs, Wosar told BleepingComputer that ransomware operations' decryptors are "atrociously slow", which makes them a lot less effective than restoring files from backups.

Microsoft: Russian SVR hackers target govt agencies from 24 countries
2021-05-28 12:08

The Microsoft Threat Intelligence Center has discovered that the Russian-backed hackers behind the SolarWinds supply-chain attack are now coordinating an ongoing phishing campaign targeting government agencies worldwide. "While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries."

Microsoft: SolarWinds hackers target govt agencies from 24 countries
2021-05-28 12:08

The Microsoft Threat Intelligence Center has discovered that the SolarWinds hackers are behind an ongoing spear-phishing campaign targeting government agencies worldwide. "While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries."

Building Multilayered Security for Modern Threats
2021-05-28 12:00

Considering recent announcements of major attacks caused by external malicious actors, including a ransomware attack on a U.S. gasoline pipeline, the need for increased security posture is as important as ever, and multilayered security remains the key. President Joe Biden signed an executive order this week that includes initiatives aimed at improving the nation's cybersecurity; across the Atlantic, a recent report by the U.K.'s National Cyber Security Centre shows how the U.K. is ramping up its cybersecurity defense measures.

SolarWinds Hackers Impersonate U.S. Government Agency in New Attacks
2021-05-28 11:28

The Russia-linked threat group believed to be behind the SolarWinds attack has been observed launching a new campaign this week. The attacks have targeted the United States and other countries, and involve a legitimate mass mailing service and impersonation of a government agency.

The Misaligned Incentives for Cloud Security
2021-05-28 11:20

There, an Amazon Web Services cloud vulnerability, compounded by Capital One's own struggle to properly configure a complex cloud service, led to the disclosure of tens of millions of customer records, including credit card applications, Social Security numbers, and bank account information. As long as a cloud provider isn't losing customers by the droves - which generally doesn't happen after a security incident - it is incentivized to underinvest in security.