NEWS - April 14, 2014

Apr 14, 2014 3:29AM PDT
Heartbleed: Private crypto keys can be extracted from vulnerable servers

The recently discovered Heartbleed bug can be exploited to obtain private encryption keys from vulnerable websites, Web services firm CloudFlare confirmed late on Friday.

The company has been testing its own systems since they were first informed about the vulnerability and patched it, but "have been unable to successfully use Heartbleed on a vulnerable server to retrieve any private key data."

They wisely refrained from saying that it was impossible, though, and have decided to launch the Heartbleed Challenge. They provided a website vulnerable to the flaw on an nginx server with a vulnerable version of OpenSSL, and have invited researchers to try to get the private key from it.

Continued : http://www.net-security.org/secworld.php?id=16685

Related:
Heartbleed bug *can* expose private SSL keys
Stealing Private SSL Keys Using Heartbleed Difficult, Not Impossible
Tests confirm Heartbleed bug can expose server's private key

Heartbleed bug exploited to steal taxpayer data
Apr 14, 2014 4:08AM PDT

"Over six hours, tax IDs plucked from servers run by the Canada Revenue agency."

Underscoring the severity of the Heartbleed bug affecting huge swaths of the Internet, hackers exploited the vulnerability to steal taxpayer data for at least 900 Canadian citizens and an unknown number of businesses, officials in that country warned Monday morning.

Canada Revenue Agency (CRA) officials said they removed public access to online tax services last Tuesday, a day after the catastrophic defect in the widely used OpenSSL cryptography library surfaced. But by then it was too late. Hackers casing online CRA services were nonetheless able to exploit the OpenSSL flaw, which makes it possible to pluck private encryption keys, passwords, and other sundry sensitive data out of the private computer memory of servers running vulnerable versions of the open-source library.

Continued : http://arstechnica.com/security/2014/04/heartbleed-bug-exploited-to-steal-taxpayer-data/

Related:
Confirmed Heartbleed victim: Canada Revenue Agency
Heartbleed bug: 900 SINs stolen from Revenue Canada
Canadian taxman says hundreds pierced by Heartbleed SSL skewer

XP Themed Downloads and Offers Doing the Rounds
Apr 14, 2014 4:08AM PDT

"Malwarebytes Unpacked" Blog:

We're seeing numerous Youtube videos advertising programs and functionality related to Windows XP, which is interesting given it just rode off into the sunset.

A relevant angle to start off with: security programs, because a little extra security on an XP box certainly won't hurt these days: [Screenshot]

The above links lead to PUP executables (Potentially Unwanted Programs), which in this case Malwarebytes Anti-Malware detects as PUP.Optional.Amonetize.A. The VirusTotal score is 16 / 51, and you can see a Malwr analysis here. [Screenshot]

We saw more downloads elsewhere, such as the following "Media Center" keygen which we detect as RiskWare.Tool.CK.

Continued : http://blog.malwarebytes.org/online-security/2014/04/xp-themed-downloads-and-offers-doing-the-rounds/

Crimeware Helps File Fraudulent Tax Returns
Apr 14, 2014 4:08AM PDT

Many companies believe that if they protect their intellectual property and customers' information, they've done a decent job of safeguarding their crown jewels from attackers. But in an increasingly common scheme, cybercriminals are targeting the Human Resources departments at compromised organizations and rapidly filing fraudulent federal tax returns on all employees.

Last month, KrebsOnSecurity encountered a Web-based control panel that an organized criminal gang has been using to track bogus tax returns filed on behalf of employees at hacked companies whose HR departments had been relieved of W2 forms for all employees. [Screenshot]

According to the control panel seen by this reporter, the scammers in charge of this scheme have hacked more than a half-dozen U.S. companies, filing fake tax returns on nearly every employee. At last count, this particular scam appears to stretch back to the beginning of this year's tax filing season, and includes fraudulent returns filed on behalf of thousands of people — totaling more than $1 million in bogus returns.

Continued : http://krebsonsecurity.com/2014/04/crimeware-helps-file-fraudulent-tax-returns/

Google may boost search ranking for HTTPS sites
Apr 14, 2014 5:50AM PDT

A report in the Wall Street Journal says that Google is considering a boost in search ranking for sites that use encryption.

The story cites Google Distinguished Engineer Matt Cutts, who is in charge of the company's webspam program for removing spam results from search. It says Cutts "hinted" at the possibility at a recent conference.

A Google spokesperson said the company had no announcements at this time.

Google's page ranking algorithm is famously complex, with many variables to reward and punish sites. It's possible that such a change would, at least in the short term, reward sites that attempt to game the Google ranking.

Continued : http://www.zdnet.com/google-may-boost-search-ranking-for-https-sites-7000028404/

Related: Google said to be eyeing a boost to encrypted sites in search results