IRS Taxpayer Accounts Breached

IRS: 100,000 Taxpayer Accounts Breached

100,000 taxpayer accounts were breached via the IRS Get Transcript service. Taxpayers’ transcripts were accessed after hackers authenticated to the system using the service’s multi-step authentication process. Several pieces of personal information were used to authenticate successfully. It is likely that the attackers acquired this personal data from a previous data breach unrelated to the IRS.

New Flaw Discovered – LogJam

Massive ‘Logjam’ Flaw Discovered

A 20-year-old flaw in TLS has been discovered. TLS protects data from eavesdropping during transmission over the Internet. This includes traffic to websites, mail servers and VPNs.

Anyone hosting a web server or mail server “should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group”. Make sure your vendors are aware and taking appropriate action. You can test your server here. Everyone should apply appropriate patches to their web browsers.
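As an added illustration (not code from the original post or from the Logjam researchers), the sketch below audits the two settings named in the advice above: it flags export-grade suites in a list of enabled cipher names and reads the prime size out of a PEM `DH PARAMETERS` file. The cipher list and the DH parameters are constructed sample inputs, the function names are hypothetical, and the check covers group size only, not whether the group is unique to the server.

```python
import base64

MIN_DH_BITS = 2048  # group size recommended in the advice above

def _tlv(buf, pos=0):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def dh_prime_bits(pem):
    """Bit length of p in a PEM 'DH PARAMETERS' block: SEQUENCE { INTEGER p, INTEGER g }."""
    b64 = pem.split("-----BEGIN DH PARAMETERS-----")[1].split("-----END")[0]
    tag, seq, _ = _tlv(base64.b64decode("".join(b64.split())))
    p_tag, p, _ = _tlv(seq)
    if tag != 0x30 or p_tag != 0x02:
        raise ValueError("not a DH PARAMETERS structure")
    return int.from_bytes(p, "big").bit_length()

def export_suites(names):
    """Export-grade suites: OpenSSL names start with EXP, IANA names contain _EXPORT_."""
    return [n for n in names if n.startswith("EXP") or "_EXPORT_" in n]

def audit(names, pem):
    findings = [f"export suite enabled: {n}" for n in export_suites(names)]
    bits = dh_prime_bits(pem)
    if bits < MIN_DH_BITS:
        findings.append(f"DH group is {bits} bits, below {MIN_DH_BITS}")
    return findings

def sample_pem(bits):
    """Constructed test input: p has the right size but is NOT a real prime."""
    def der_len(n):
        if n < 0x80:
            return bytes([n])
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        return bytes([0x80 | len(raw)]) + raw
    def der_int(v):
        raw = v.to_bytes(v.bit_length() // 8 + 1, "big")  # leading 0x00 keeps it positive
        return b"\x02" + der_len(len(raw)) + raw
    body = der_int((1 << (bits - 1)) | 1) + der_int(2)
    b64 = base64.encodebytes(b"\x30" + der_len(len(body)) + body).decode()
    return f"-----BEGIN DH PARAMETERS-----\n{b64}-----END DH PARAMETERS-----\n"

if __name__ == "__main__":
    suites = ["ECDHE-RSA-AES128-GCM-SHA256", "EXP-EDH-RSA-DES-CBC-SHA"]  # constructed list
    print("\n".join(audit(suites, sample_pem(512))))
```

To use it against a real server, feed it the server's enabled cipher list and its DH parameters file in place of the constructed samples.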

Penn State Breach

China Blamed for Penn State Breach

Penn State University is the latest victim of cyberattacks. The cyberattacks have been going on for at least two years and have targeted the College of Engineering.  Investigations are still underway, but they have concluded that usernames and passwords have been compromised.  Research universities have become a target due to the sensitive information and intellectual property they hold.

Zero-Day Vulnerability: Venom

VENOM Zero-Day May Affect Thousands of Cloud, Virtualization Products
Bigger than Heartbleed, ‘Venom’ security vulnerability threatens most datacenters

A new zero-day vulnerability has been identified today. Attackers can exploit the vulnerability, which exists in the open-source QEMU hypervisor, to break out of the affected virtual machine and gain access to the physical server and the other virtual machines. QEMU is used in some capacity in other, more widely used virtualization products such as Xen, KVM (kernel-based virtual machine) and Oracle VM VirtualBox. Venom will be extremely detrimental for data centers.
Not affected: VMware, Microsoft Hyper-V, and Bochs hypervisors.

Apple Pay Exploit #2

How Apple Pay Is Exploited For Fraud

The technology of Apple Pay has not been exploited; however, weaknesses in setting up Apple Pay do exist. The first method, reported earlier this year, involved fraudsters setting up stolen credit cards on Apple Pay due to weak or non-existent customer authentication methods. Now fraudsters are continuing this practice; however, this time they are using out-of-band authentication methods, such as verification by phone. The fraudsters are porting phone numbers, most commonly customers’ landlines.