The world was shaken by the release of documents from an email server hack: 2.6 terabytes of documents that exposed many political leaders going back 40 years, the biggest exfiltration yet. Meanwhile, in the heat of tax season, we are seeing more crafty tricks from threat actors trying to get their dirty hands on tax returns.

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting now.

 


Breaches

A giant leak of financial papers from a Panamanian law firm's hacked server shocked the world when the 11.5M files exposed 143 politicians, including 12 national leaders, and the billions of dollars that they are putting aside in offshore accounts.

Why is this significant?

 

  • It is reported that the files were exposed through an email server hack last year. A Robin Hood sort of hacker, or team of hackers, has changed history, making this the largest case of breached documents.
  • The exfiltration of the documents hacked from the email server has already had a detrimental effect on some world leaders. Only 2 days after the Panama Papers hit the press, Iceland's PM stepped down after countrywide protests took to the streets. Only time will tell how this exfiltrated data will affect the positions of other world leaders and politicians.

Read the full story on The Register

IRS Scams

A reported 55 companies, and counting, are victims of a stream of phishing attacks targeting major companies.

Why is this significant?

  • There are reports all over of instances where threat actors are intercepting tax season by filing victims' W-2 forms, with the tax refund forwarded to the threat actors without the victim even realizing the transaction took place.
  • Ultimately, the weakest link will always be the human. The victim at a target company receives a highly personalized phishing email requesting that the victim forward the W-2 forms. The email looks credible enough (for instance, it is spoofed to appear to come from the CEO or CFO) that the victim is successfully duped.
  • The IRS has reported a 400% increase in phishing and malware attacks in this past year alone.

Read the full story on Info Security

Infiltration

The FBI says that an APT group, nicknamed APT6, could have had access to government databases since 2011; some argue that the sneaky threat actors could have been in the systems of government officials as early as 2008.

Why is this significant?

  • It is suspected that the APT6 group has been living within the U.S. government's most sensitive systems, lying dormant for years. While attribution for APT6 is not confirmed, it is considered to be nation-state sourced, with some claiming China.
  • APT groups are not something the FBI should ignore. It may be time for the government to throw out projects like the $6B intrusion detection project that failed to detect 94% of threats, according to a GAO report, and look into changing its approach by assuming that the threats are actually within and, instead, preventing the actual data exfiltration.

Read the full story on MotherBoard