EUVD-2019-8350

Malware in sbrugna...

CVE-2019-18626

Harris Ormed Self Service before 2019.1.4 allows an authenticated user to view W-2 forms belonging to other users via an arbitrary empNo value to the ORMEDMIS/Data/PY/T4W2Service.svc/RetrieveW2EntriesForEmployee URI, thus exposing sensitive information including employee tax information, social...

CVE-2019-18626

Harris Ormed Self Service before 2019.1.4 allows an authenticated user to view W-2 forms belonging to other users via an arbitrary empNo value to the ORMEDMIS/Data/PY/T4W2Service.svc/RetrieveW2EntriesForEmployee URI, thus exposing sensitive information including employee tax information, social...

Carbon Black Report Finds Tax Fraud & “Identity Theft On Demand” Continuing to Take Shape on the Dark Web

While online sales of identity and banking information have both been easily accessible to malicious actors for a decade or more, there has been a recent maturation in the dark web economy focused on tax identity theft. Carbon Black’s recent research into various marketplaces on the dark web foun...

FBI Warns Of Spike In W-2 Phishing Campaigns

The Federal Bureau of Investigation is warning businesses about a spike in phishing campaigns requesting W-2 information from payroll personnel. In a recent security advisory the FBI warned it has seen an increase since January in reports of compromised or spoofed emails involving W-2 forms. Thes...

Business Email Compromise Losses Up 2,370 Percent Since 2015

Business Email Compromise BEC schemes, where executives are scammed via social engineering and phishing compromises that ultimately lead to fraudulent wire transfers, grew at a jaw-dropping rate of 2,370 percent in the last two years. The FBI yesterday published its latest statistics on these...