IRS, Security Summit Partners Warn of Surge in “New Client” Scams Aimed at Tax Pros As 2024 Filing Season Approaches
The Internal Revenue Service and the Security Summit partners recently alerted tax professionals to watch out for a new round of filing season-related email schemes where cybercriminals pose as potential clients. (IRS)
“Phishing scams pose a heightened threat during tax season, as cybercriminals exploit the urgency and complexity of filing taxes to target unsuspecting taxpayers and tax professionals.
– Hunter Landry, Senior SOC Analyst at Ingalls Information Security
“Professional monitoring and personal vigilance are integral parts of the fabric that makes up safeguarding financial service activities. This warning from the IRS Security Summit is a timely reminder that a proactive approach in developing comprehensive strategies for evolving threats is needed.
– Jessica Owens, Senior SOC Analyst at Ingalls Information Security
A critical Microsoft SharePoint server bug that can form part of a remote code execution (RCE) exploit chain has been added to the Cybersecurity and Infrastructure Security Agency’s (CISA’s) Known Exploited Vulnerabilities (KEV) Catalog. The bug, tracked as CVE-2023-29357, is an elevation of privilege vulnerability with a CVSS v3 score of 9.8. It was patched by Microsoft in June last year. (SC Media)
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific API and improper validation of user-supplied data. (The Hacker News)
In December, Wordfence received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability makes it possible for unauthenticated threat actors to reset the API key used to authenticate to the mailer and view logs, including password reset emails on WordPress sites that use this plugin. We also received another submission shortly after for an Unauthenticated Stored Cross-Site Scripting vulnerability in POST SMTP Mailer plugin from another researcher. This vulnerability enables threat actors to inject malicious web scripts into pages. (Wordfence)
Recent posts on the Dark Web introduced a new tool that incorporates Artificial Intelligence (AI) for creating fraudulent invoices used for wire fraud and Business E-Mail Compromise (BEC). According to an FBI Report, successful business email compromise (BEC) scams (such as invoice fraud) resulted in an average loss of over $120,000 per incident, inflicting a staggering financial toll of more than $2.4 billion on organizations. (Securityaffairs)
Intel, AMD, Zoom, and Splunk have each released security advisories on the first Patch Tuesday of 2024 to inform customers about vulnerabilities found in their products. (SecurityWeek)