Security News

The Internal Revenue Service has warned US tax professionals of identity thieves actively targeting them in a series of phishing attacks attempting to steal Electronic Filing Identification Numbers. Scammers started this ongoing phishing campaign right before the US tax season with the end goal of stealing both client data and tax preparers' identities.

Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. After inspecting phishing and malware campaigns blocked by Gmail within five months, Google found that 42% of all targets were from the US, with the next two most targeted users being from the UK and Japan.

Election systems in the U.S. are vulnerable to cyber intrusions similar to the one that hit federal agencies and numerous businesses last year and remain a potential target for foreign hacking, according to a report released Wednesday. The report by the Center for Internet Security, a nonprofit that partners with the federal government on election security initiatives, focuses on how hardware and software components can provide potential entryways for hackers.

President Joe Biden's administration has asked a US federal court to pause proceedings aimed at banning TikTok to allow for a fresh review of the national security threat from the popular Chinese-owned video app. The Trump administration move to ban downloads of TikTok and its presence on online networks had been stalled amid legal challenges.

Image: USCG. The U.S. Coast Guard has ordered MTSA-regulated facilities and vessels using SolarWinds software for critical functions to report security breaches in case of suspicions of being affected by the SolarWinds supply-chain attack. "Reporting malicious cyber activity enhances maritime domain awareness and allows us all to be better postured to prevent and respond to cyber incidents that could disrupt commerce or jeopardize national security."

In Part 1 of this two-part series, we discussed the concept of "Cyber distancing" for employees asked to work from home during the COVID-19 pandemic. While working from home or even while at work for that matter, follow these steps to avoid behaviors that may let the bad guy in.

Brit cops have cuffed eight men in England and Scotland amid a probe into SIM-swapping attacks on high-profile US targets - including sports stars, musicians, and "Influencers" - that had money and personal data stolen. Last year unauthorised third parties took over the Twitter accounts of 130 celebrities including Elon Musk, Bill Gates, and former US president Barrack Obama.

Ten men part of a criminal gang involved in series of SIM swapping attacks targeting high-profile victims in the United States were arrested in the UK, Malta, and Belgium. SIM swap fraud allows scammers to take control of a target's phone number either via social engineering or by bribing mobile operator employees to port it to a SIM controlled by the fraudster.

A hacker's botched attempt to poison the water supply of a small Florida city is raising alarms about just how vulnerable the nation's water systems may be to attacks by more sophisticated intruders. The nation's 151,000 public water systems lack the financial fortification of the corporate owners of nuclear power plants and electrical utilities.

The FBI has discovered that the National Finance Center, a U.S. Department of Agriculture federal payroll agency, was compromised by exploiting a SolarWinds Orion software flaw, according to a Reuters report. NFC provides human resources and payroll services to roughly 170 federal agencies and over 650,000 federal employees since 1973.