China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

Plus: Secret IRS data-sharing with ICE, a 20-year-old hackable vulnerability in train brakes, and more...

Threat actors leverage tax season to deploy tax-themed phishing campaigns

As Tax Day approaches in the United States on April 15, Microsoft has observed several phishing campaigns using tax-related themes for social engineering to steal credentials and deploy malware. These campaigns notably use redirection methods such as URL shorteners and QR codes contained in...

CVE-2024-24757

open-irs is an issue response robot that reponds to issues in the installed repository. The .env file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets...

After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data

Four tax preparation software companies failed to comply with government rules that require the sharing of tax-related info to be done only with specific disclosures and full tax-payer consent, according to an audit released by the Treasure Inspector General for Tax Administration TIGTA in the...

69,000 Bitcoins Are Headed for the US Treasury—While the Agent Who Seized Them Is in Jail

The $4.4 billion in crypto is set to be the largest pile of criminal proceeds ever sold off by the US. The former IRS agent who seized the record-breaking sum, meanwhile, languishes in a Nigerian jail cell...

Malware Campaign Lures Users With Fake W2 Form

The following analysts contributed to the research: Evan McCann, Matt Smith, Ipek Solak, Jake McMahon Rapid7 has recently observed an campaign targeting users searching for W2 forms using the Microsoft search engine Bing. Users are subsequently directed to a fake IRS website, enticing them to...

Tax scammer goes after small business owners and self-employed people

While most tax payers don’t particularly look forward to tax season, for some scammers it’s like the opening of their hunting season. So its no surprise that our researchers have found yet another tax-related scam. In this most recent scam, weve not seen the lure the scammer uses, but it is likel...

CVE-2024-24757

open-irs is an issue response robot that reponds to issues in the installed repository. The .env file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets...

CVE-2024-24757

CVE-2024-24757 affects the open-irs repository bot where an ".env" file was accidentally uploaded during git actions, revealing sensitive keys. This exposure is documented across multiple sources (NVD entry with CVSS v3.1 base score 9.8; Red Hat entry; PT-Security). The root cause is an accidenta...

CVE-2024-24757 open-irs .env Exposure

open-irs is an issue response robot that reponds to issues in the installed repository. The .env file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets...

CVE-2024-24757 open-irs .env Exposure

open-irs is an issue response robot that reponds to issues in the installed repository. The .env file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets...

CVE-2024-24757 open-irs .env Exposure

open-irs is an issue response robot that reponds to issues in the installed repository. The .env file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets...

open-irs Information Disclosure Vulnerability

Degamisu open-irs is an issue response bot from Degamisu Japan for responding to issues in installed repositories. An information disclosure vulnerability exists in open-irs, which stems from the accidental upload of an .env file during a git operation...

PT-2024-20535 · Open-Irs · Open-Irs

Name of the Vulnerable Software and Affected Versions: open-irs versions prior to 1.0.1 Description: The issue concerns an accidentally uploaded .env file when working with git actions, which contains sensitive information. This problem has been fixed in version 1.0.1. The solution involves...

Tax season is here, so are scammers

The Internal Revenue Service has announced that the 2024 tax filing season has officially begun, with an expected 146 million individual tax returns to be filed. While it is costly and complex for the IRS to process so many digital and paper documents, it can also be a headache for many Americans...

Tax preparation firms shared sensitive information with Meta

A group of seven US senators has sent a letter to the heads of the IRS, the Department of Justice, the Federal Trade Commission and the IRS watchdog, revealing that they have found evidence that reveals "a shocking breach of taxpayer privacy by tax prep companies and by Big Tech firms." According...

Malware authors join forces and target organisations with Domino Backdoor

Theres a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called "Domino", is the brainchild of FIN7 and ex-Conti ransomware members. Domino has been seen in attac...

Beware: Fake IRS tax email wants your Microsoft account

Last week, the IRS reminded taxpayers that Tax Day, April 18, is Tuesday this week. However, in some states like Alabama, California, and New York, the federal office extended the filing deadlines due to natural disasters. This is an excellent reason for scammers to keep launching tax scam...

Pinduoduo, a Top Chinese Shopping App, Is Laced With Malware

Plus: 119 arrested during a sting on the Genesis dark-web market, the IRS aims to buy an online mass surveillance tool, and more...

Visitors of tax return e-file service may have downloaded malware

The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript JS files these past few weeks, according to several security researchers and corroborated by BleepingComputer. Note this security incident only concerns eFile.com, not...