10Fold – Security Never Sleeps – 46

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to consider: Identity thieves attempted to steal the E-file PINs that are used to file tax returns; around 464,000 social security numbers were involved. Cisco has patched a critical vulnerability that could allow hackers to take over Cisco’s firewalls. Four third-party Android app stores have been found with apps containing malicious components that seek to gain root access to devices. Gamers who download cheats for Hearthstone have been plagued with malware after searching for third-party cheat apps.

The IRS Says Identity Thieves Hacked Its Systems Again
Publication: Fortune | Reporter name: Jonathan Chew

Identity thieves attempted to breach computer systems at the Internal Revenue Service to file fraudulent tax refunds. The criminals were especially after E-file PINs, which are used by some individuals to electronically file a return, the agency said in a statement released Tuesday. Around 464,000 unique social security numbers were involved, and of that total, 101,000 SSNs were used to successfully access an E-file PIN. The thieves used personal taxpayer data that was stolen elsewhere to help generate the PINs, the agency said. No personal data was compromised or disclosed by IRS systems, and affected taxpayers will be notified by mail of the attack. “The IRS is also protecting their accounts by marking them to protect against tax-related identity theft,” the agency added.


Critical VPN key exchange flaw exposes Cisco security appliances to remote hacking
Publication: InfoWorld | Reporter name: Lucian Constantin

Cisco Systems patched a critical vulnerability that could allow remote attackers to take over Cisco Adaptive Security Appliance (ASA) firewalls configured as virtual private network servers by simply sending malformed network packets to them. For devices that are designed to protect private networks from Internet attacks, this is as bad as it gets. That’s why Cisco rated the vulnerability with the maximum score of 10 in the Common Vulnerability Scoring System. The flaw is located in the Cisco ASA code that handles the Internet Key Exchange version 1 (IKEv1) and IKE version 2 (IKEv2) protocols. More precisely, it stems from a buffer overflow condition in the function that processes fragmented IKE payloads.


Android root malware widespread in third-party app stores
Publication: PC World | Reporter name: Jeremy Kirk

Four third-party app stores for Android have apps with a malicious component that seeks root access to devices, according to Trend Micro. The security company found 1,163 Android application packages containing the malware, which it calls ANDROIDOS_LIBSKIN.A, wrote Jordan Pan, a mobile threats analyst with Trend. The malware obtains root access to the phone, the highest level of access and privilege. The apps containing the component were downloaded across 169 countries between Jan. 29 and Feb. 1 from marketplaces called Aptoide, Mobogenie, mobile9 and 9apps.


Hearthstone gamers who download cheats may be cursed with malware
Publication: SC Magazine | Reporter name: Bradley Barth

Evoking the old axiom “cheaters never prosper,” Symantec yesterday warned online gamers of new Windows-based malware schemes victimizing fans of the strategy card game Hearthstone: Heroes of Warcraft. According to the company’s Security Response blog, hackers behind these cyberthreats are preying on dishonest players who seek out third-party cheat apps to improve their rankings and build their weapons caches.