Security News

A Walmart phishing campaign is underway that attempts to steal your personal information and verify your email for further phishing attacks. A new email phishing campaign pretends to be from Walmart with a subject line of "Your Package delivery Problem Notification lD#", stating that they could not deliver your package because your address is incorrect.

The group behind the infamous SolarWinds hacks is on another cyberattack spree, this time targeting not just government agencies but others as well. In a report published Thursday, Microsoft revealed that the threat actor Nobelium launched a series of attacks this past week against government agencies, think tanks, consultants, and non-governmental organizations.

The FBI on Thursday published indicators of compromise associated with the continuous exploitation of Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. In early April, the FBI along with the Cybersecurity and Infrastructure Security Agency warned that threat actors had been targeting serious security holes in Fortinet's flagship operating system FortiOS for initial access into victims' networks.

The Russia-linked threat group believed to be behind the SolarWinds attack has been observed launching a new campaign this week. The attacks have targeted the United States and other countries, and involve a legitimate mass mailing service and impersonation of a government agency.

Nobelium, the Russia-aligned gang identified as the perpetrators of the supply chain attack on SolarWinds' Orion software, has struck again, Microsoft vice president Tom Burt said in a blog post Thursday. Burt's post says the attacks saw Nobelium gain access to accounts on the email marketing service "Constant Contact" operated by The United States Agency for International Development.

The security team at Forrester busts a number of security myths. Recently, an op-ed sent information security Twitter into a tizzy by blaming cybersecurity industry best practices for recent high-profile security breaches.

Canada Post has informed 44 of its large commercial customers that a ransomware attack on a third-party service provider exposed shipping information for their customers. Yesterday, Canada Post disclosed that a third-party supplier named Commport Communications suffered a ransomware attack where threat actors accessed data stored in their systems.

Security researchers found a new BazarCall email phishing campaign that manages to bypass automated threat detection systems to deliver the BazarLoader malware used by the TrickBot gang. BazarCall is a new phishing method in use since the beginning of the year that relies on call centers to direct users to download malware-laced documents.

A May 1 ransomware attack against California hospital chain Scripps Health continues to impact both the organization and its patients almost a month later. On Monday, Scripps Health published an FAQ with new details about the attack as well as directions for affected patients.

Vulnerabilities in Visual Studio Code extensions could be exploited by malicious attackers to steal valuable information from developers and even compromise organizations, researchers with open-source software security firm Snyk say. Generally considered secure, VS Code extensions could expose millions of developers to malicious attacks, potentially leading to the compromise of information stored on developer machines, such as credentials, or even opening the route to further attacks.