10Fold – Security Never Sleeps – 42

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to considerTaxSlayer LLC has now confirmed that hackers have stolen information from 8,800 customer accounts. Security researcher Mikko Hypponen has published an online library of the complete history of malware. MIT has claimed that RFID chip security concerns are now a thing of the past. Dridex malware has evolved yet again, the botnet now delivers the free Avira antivirus program.

Tax Software Provider Discloses Data Breach – Publication: The Wall Street Journal – Reporter name: Laura Sunders

Criminals may have stolen personal and tax-return information from about 8,800 customers of TaxSlayer LLC, a provider of software to individuals who prepare their own tax returns, according to the company. The data breach is the second reported by a major tax software firm this year. In January, TaxAct said information on about 450 customers had been stolen and there was suspicious activity in about 9,000 other accounts


The Malware Museum: An online archive of computer viruses of yore – Publication: VentureBeat – Reporter name: Paul Sawers

Courtesy of online security guru Mikko Hypponen, the Malware Museum is an Internet Archive-hosted compendium of prominent malware programs from the 1980s and 1990s, mainly viruses. Once actioned, many viruses would display messages or animations to let you know your PC had been infected.


MIT computer experts unveil RFID chip technology that is ‘impossible to hack’ – Publication: International Business Times – Reporter name: Jason Murdock

RFID chips are now commonplace, used in everything from passports and transport swipe cards to amusement-park tickets. However, as security and privacy concerns among the public have grown in recent years, and with people becoming increasingly suspicious of the technology, the MIT research could be welcome news to those that rely on such chips. Now, the researchers claim their cutting-edge findings would mean that security concerns regarding RFID systems become a thing of the past. According to Chiraag Juvekar, an electrical engineering graduate at MIT and a co-author of the research, the new chip has been designed to curb so-called ‘side-channel attacks’ that can be used to steal the encryption keys contained in RFID technology.


Dridex botnet hacked to deliver free antivirus software – Publication: BetaNews – Reporter name: Ian Barker

Widely used by cyber criminals to introduce malware onto systems, the Dridex banking trojan has been subject to a number of high profile investigations, and a takedown by US authorities last year. These things don’t stay dead for long, however, and Dridex is back in business. But in an interesting new twist it seems that the Dridex botnet has been hijacked to deliver the free Avira antivirus program rather than its more usual malicious payload. Dridex is spread by spam, usually using a Word document with malicious macros. Once the file has been opened, the macros download the payload from a remote server, and the computer is infected. In the latest version though the links have been modified to deliver Avira instead.