An organized group of cyber attackers–the same group responsible for the pipeline ransomware attack–are mailing malicious USB flash drives to the public.
Some of the flash drives have contained a message impersonating the US Department of Health and Human Services and claim to be a COVID-19 warning, and other drives were sent with a gift card claiming to be from Amazon. These flash drives install ransomware (malicious software that blocks access to a computer system until a sum of money is paid) on the computer into which they are inserted. Be wary of a USB drive if you do not know exactly from where it came.
In the news