10Fold – Security Never Sleeps – 54

Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.

Big items to considerA hacker accessed the UC Berkeley financial system that holds 80,000 records of students and alumni. Researchers revealed that more than 300 apps in the google play store have hidden porn clicker Trojans. The idea of a ‘golden key’ backdoor originally surfaced in 2014. Over the weekend the IRS has admitted that the taxpayers data breach was bigger than they initially thought.

Data breach affects 80,000 UC Berkeley faculty, students and alumni Publication: Fox News Reporter name: Staff

A hacker broke into the University of California, Berkeley computer system holding financial data of 80,000 students, alumni, current and former employees, school officials said Friday. The university said that although there is no evidence that any information has been stolen, it has notified potential victims of the breach so they can watch for signs of possible misuse of their personal data. Those notified include students and staff who received non-salary payments though electronic fund transfers, such as financial aid awards and work-related reimbursements. Vendors whose financial information was in the system for payment purposes are also at risk. The hack occurred in December right after Christmas and just as UC Berkeley was in the middle of patching a security flaw in the financial management system.


Google Play Store: Porn clicker trojans masquerading as legitimate apps on Android app store Publication: International Business Times Reporter name: Agamoni Ghosh

Researchers at security firm ESET, say they have found more than 300 apps on Google Play in the last seven months that are porn clicker trojans but masquerade as legitimate apps mostly in the form of games and direct traffic to specific sites, mainly pornographic. Malicious porn clickers are mostly fake versions of popular games with names and icons very similar to legitimate applications. ESET malware researcher Lukas Stefanko says that the porn clicker is one of the longest and most successful malware infiltrations in the history of the Google Play Android app store and cyber criminals are continuing to upload further variants to the platform.


Most software already has a “golden key” backdoor: the system update Publication: Ars Technica Reporter name: Leif Ryge

In 2014 when The Washington Post Editorial Board wrote “with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant,” the Internet ridiculed them. Many people painstakingly explained that even if there were somehow wide agreement about who would be the “right” people and governments to hold such an all-powerful capability, it would ultimately be impossible to ensure that such power wouldn’t fall in to the “wrong” hands.


IRS: 390K More Victims of IRS.Gov Weakness Publication: Krebs on Security Reporter name: Brian Krebs

The U.S. Internal Revenue Service (IRS) today sharply revised previous estimates on the number of citizens that had their tax data stolen since 2014 thanks to a security weakness in the IRS’s own Web site. According to the IRS, at least 724,000 citizens had their personal and tax data stolen after crooks figured out how to abuse a (now defunct) IRS Web site feature called “Get Transcript” to steal victim’s prior tax data. The number is more than double the figures the IRS released in August 2015, when it said some 334,000 taxpayers had their data stolen via authentication weaknesses in the agency’s Get Transcript feature. Turns out, those August 2015 estimates were more than tripled from May 2015, when the IRS shut down its Get Transcript feature and announced it thought crooks had abused the Get Transcript feature to pull previous year’s tax data on just 110,000 citizens.