Stay informed on the latest in information security tax issues with expert analysis, tips, and updates on cybersecurity financial aspects.
Search across headline titles and summaries.
Background for this topic.
Tax is the compulsory financial charge or a sort of levy imposed by governmental organizations on individuals or entities to fund various public expenditures. In the context of information security, the topic of tax revolves around protecting sensitive financial data associated with tax filings, ensuring compliance with tax-related regulations, and safeguarding against tax-related fraud and cyber threats.
Information security measures in tax matters are crucial because they involve a high volume of personally identifiable information (PII), financial details, and often, proprietary business information. Cybersecurity protocols help in preventing unauthorized access, ensuring data integrity, and protecting against cyber attacks such as phishing schemes that specifically target tax information. These measures are essential to maintain trust in tax systems and to prevent financial loss or identity theft arising from potential security breaches.
Weekly headline count for the current query.
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.
The China-based cybercrime group known as Silver Fox (aka Monarch, SwimSnake, The Great Thief of Valley, UTG-Q-1000, and Void Arachne) has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor
How Risk-Centric Architecture, Unified Pricing Give SOC Managers Total VisibilitySecurity teams can't afford to leave assets unprotected, but per-endpoint pricing forces exactly that trade-off. Learn how abandoning rigid license models and adopting risk-centric architecture gives SOC teams total visibility and kernel-level prevention across every environment.
Security teams can't test distributed denial-of-service defenses in a vacuum. They need to test during periods of high demand, such as tax-filing deadlines.
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own vulnerable driver (BYOVD) technique
Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware
Went from triumph at having busted tax dodgers to embarrassment at losing the proceeds South Korea’s National Tax Service has apologized after it leaked passwords to a stash of stolen crypto, which parties unknown used to make off with the digi-cash.…
South Korea's National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet in an official press release, allowing hackers to steal 6.4 billion won ($4.8M) worth in cryptocurrency. [...]
A Nigerian national was sentenced to eight years in prison for hacking multiple tax preparation firms in Massachusetts and filing fraudulent tax returns seeking over $8.1 million in refunds. [...]
Booz Allen Loses Treasury Work in Move Tied to Trump Waste CrackdownThe U.S. Department of Treasury said it canceled all active contracts with Booz Allen Hamilton, citing data protection failures in handling taxpayer information. Treasury cited a criminal case against Charles Littlejohn, a former employee who leaked the tax returns of President Donald Trump.
Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign
Direct debits? Maybe February. Birth certificates? Dream on. Council tax bills? Oh, those are coming Hammersmith & Fulham Council says payments are now being processed as usual, two months after a cyberattack that affected multiple boroughs in the UK's capital city.…
The threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0)
The UK’s tax office has received 135,500 reports of suspected scams in the past 10 months including 4800 related to self assessment filings
New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites that convert customer payment card data into mobile wallets from Apple and Google. Experts say these same phishing groups also are now using SMS lures that promise unclaimed tax refunds and mobile rewards points.
Also, Envoy Air Confirms Data Compromise Following Clop Extortion CampaignThis week, Qilin didn't hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.
Also: Trader Loses $21M on Hyperliquid, Fund for Tornado Cash Dev DefenseThis week, "Bitcoin Jesus" paid $50M to settle tax charges, a trader lost $21M on Hyperliquid, Ethereum Foundation and Keyring launched fund for Tornado Cash developers, India probing Binance traders, hackers' $32.5M record dump and New York City launched first mayoral blockchain office.