Friday, April 24, 201

Complete DHS Report for April 24, 2015

Daily Report

Top Stories

 · Deutsche Bank agreed April 23 to pay $2.5 billion to settle allegations that bank employees in London, New York City, Frankfurt, and Tokyo had knowingly manipulated benchmarks used to set interest rates on trillions of dollars in mortgages, student loans, credit cards, and other debt from 2005 – 2009. – New York Times See item 5 below in the Financial Services Sector

 · A 6-mile stretch of eastbound Interstate 16 in Bryan County, Georgia, was closed for at least 6 hours April 22 due to a multi-vehicle, chain-reaction crash that killed 5 individuals, injured 3 others, and damaged 7 vehicles. – Associated Press

8. April 22, Associated Press – (Georgia) 5 nursing students killed in Georgia interstate crash. A 6-mile stretch of eastbound Interstate 16 in Bryan County, Georgia, was closed for at least 6 hours April 22 due to a multi-vehicle, chain-reaction crash that killed 5 individuals, injured 3 others, and damaged 7 vehicles. Source: http://www.wsbtv.com/ap/ap/south-carolina/5-dead-3-injured-in-fiery-crash-on-georgia-interst/nkzpB/

 · The U.S. Department of Agriculture reported April 22 that H5N2 avian flu infections were confirmed on 13 additional Minnesota farms with over 430,000 turkeys. – Associated Press

10. April 22, Associated Press – (Minnesota) Bird flu hits 13 more Minnesota farms with over 430K turkeys. The U.S. Department of Agriculture reported April 22 that H5N2 avian flu infections were confirmed on 13 additional Minnesota farms with ove430,000 turkeys, increasing the total number of farms affected across the State to 44 and the total number of birds affected to 2.6 million. Source: http://minnesota.cbslocal.com/2015/04/22/bird-flu-hits-13-more-minnesota-farms-with-over-430k-turkeys/

 · Repair work was scheduled to begin April 23 on a collapsed sewer line in Davenport, Iowa, that discharged about 3,000 to 5,000 gallons of untreated wastewater per day into tributaries of the Mississippi River. – WQAD 8 Moline

13. April 23, WQAD 8 Moline – (Iowa) Collapsed sewer line sends untreated wastewater into local creeks. The Iowa Department of Natural Resources reported that repair work on a 10-inch sewer line in Davenport was scheduled to begin April 23 after erosion of a stream bank exposed the pipe and led to its collapse, causing the discharge of about 3,000 to 5,000 gallons of untreated wastewater per day into Goose and Duck creeks, which flow into the Mississippi River. Authorities reported that residents should stay away from an unnamed tributary as well as Goose and Duck creeks until 48 hours after the sewer line is repaired. Source: http://wqad.com/2015/04/22/collapsed-sewer-line-sends-untreated-wastewater-into-local-creeks/

Financial Services Sector

5. April 23, New York Times – (International) Deutsche Bank to pay $2.5 billion fine to settle rate-rigging case. U.S. and United Kingdom officials reported April 23 that Deutsche Bank will pay $2.5 billion to authorities to settle allegations that bank employees in London, New York City, Frankfurt, and Tokyo had knowingly manipulated benchmarks used to set interest rates on trillions of dollars in mortgages, student loans, credit cards, and other debt from 2005 – 2009. Other terms included the guilty plea by a British subsidiary, the firing of 7 managers suspected of involvement, and the installation of an independent monitor to confirm that the bank complies with New York laws. Source: http://www.nytimes.com/2015/04/24/business/dealbook/deutsche-bank-settlement-rates.html

For another story, see item 18 below in the Information Technology Sector

Information Technology Sector

16. April 23, Softpedia – (International) Improper parsing of SSID info exposes Wi-Fi client’s memory contents. Security researchers at Alibaba and Google discovered a vulnerability in the cross-platform “wpa_supplicant” Wi-Fi software that affects versions 1.0 – 2.4 with the Config_P2P option turned on and could allow an attacker to create a service set identifier (SSID) buffer overflow condition, potentially exposing sensitive information in the memory of the device and allowing for arbitrary code execution. Source: http://news.softpedia.com/news/Improper-Parsing-of-Wi-Fi-SSID-Info-Exposes-Memory-Contents-479155.shtml

17. April 23, Softpedia – (International) Net Nanny parental control software vulnerable to HTTPS spoofing. Researchers from Carnegie Mellon’s Computer Emergency Response Team (CERT) discovered security vulnerabilities in ContentWatch’s Net Nanny software resulting from its use of man-in-the-middle (MitM) proxies and the same root certificates and private key for all installations, the latter of which is included in plain text in the application. The researchers believe that an attacker could use the key to generate new certificates to spoof legitimate Web sites and avoid user alerts for malicious domains. Source: http://news.softpedia.com/news/Net-Nanny-Parental-Controls-Software-Vulnerable-to-HTTPS-Spoofing-479183.shtml

18. April 23, Help Net Security – (International) Banking botnets persist despite takedowns. Dell SecureWorks released analysis from its annual Top Banking Botnets report revealing that attackers targeted an array of Web sites in addition to traditional banking portals, including those related to corporate finance and payroll services, stock trading, employment portals, and email services in 2014, that over 90 percent of the 1,400 financial institutions targeted worldwide were in the U.S., and that attackers began avoiding countries where international transactions are more difficult, among other findings. Source: http://www.net-security.org/secworld.php?id=18287

19. April 22, Softpedia – (International) Malware uses invisible command line argument in shortcut file. Security researchers at F-Secure discovered that a variant of the Janicab trojan for Microsoft Windows delivered as a link (LNK) file includes invisible shell commands and uses the right-to-left override (RLO) technique to avoid detection. The malware has existed for two years, and uses Python and Visual Basic Scripts (VBScript) to infect machines. Source: http://news.softpedia.com/news/Malware-Uses-Invisible-Command-Line-Argument-in-Shortcut-File-479119.shtml

Communications Sector

20. April 23, WCTI 12 New Bern – (North Carolina) Phone lines back in service in Onslow County. Landline service for Century Link customers in the Jacksonville area of Onslow County was restored April 23 after a disruption due to a faulty piece of equipment that lasted over 24 hours beginning April 22. Source: http://www.wcti12.com/news/phone-lines-down-for-most-of-day-in-jacksonville/32512810

Thursday, April 23, 2015



Complete DHS Report for April 23, 2015

Daily Report

Top Stories

 · Oklahoma’s energy and environment cabinet introduced a Web site April 21 detailing the evidence behind expert studies of the likelihood that wastewater wells are causing the majority of the State’s earthquakes. – New York Times

3. April 21, New York Times – (Oklahoma) Oklahoma recognizes role of drilling in earthquakes. Oklahoma’s energy and environment cabinet introduced a Web site April 21 detailing the evidence behind expert studies of the likelihood that wastewater wells are causing the majority of the State’s earthquakes. The site coincides with a statement by the State-run Oklahoma Geological Survey endorsing that the relationship between oil and gas activity and seismicity were connected over a large area of the State. Source: http://www.nytimes.com/2015/04/22/us/oklahoma-acknowledges-wastewater-from-oil-and-gas-wells-as-major-cause-of-quakes.html

 · Two former employees of New York-based Agape World Inc., were convicted of charges April 21 for their roles in a Ponzi scheme that bilked around 3,800 investors out of about $147 million from 2005 – 2009. – Reuters See item 7 below in the Financial Services Sector

 · Authorities in London arrested a high-frequency trader from Waddell & Reed Financial Inc., and Nav Sarao Milking Markets Ltd., after the U.S. Department of Justice announced criminal charges April 21 in connection to his role in the 2010 “flash crash” that wiped out almost $1 trillion in market value. – Reuters See item 9 below in the Financial Services Sector

 · One person died and at least 23 others were hospitalized by a botulism outbreak connected to a dinner at the Cross Pointe Free Will Baptist Church in Lancaster, Ohio, April 19. – WBNS 10 Columbus

31. April 22, WBNS 10 Columbus – (Ohio) One dead, nearly two dozen hospitalized after botulism outbreak at Lancaster potluck dinner. One person died and at least 23 others were hospitalized by a suspected botulism outbreak connected to a potluck dinner at the Cross Pointe Free Will Baptist Church in Lancaster, Ohio, April 19. Health officials encouraged the approximately 50-60 people who attended the potluck to receive a medical evaluation as a precaution. Source: http://www.10tv.com/content/stories/2015/04/21/lancaster-ohio-several-churchgoers-showing-signs-of-botulism-after-potluck-dinner-in-lancaster.html

Financial Services Sector

7. April 21, Reuters – (New York) Two ex-New York investment firm employees convicted in Ponzi fraud. Two former employees of Long Island-based Agape World Inc., were convicted of charges including securities fraud, conspiracy, and mail fraud April 21 for their roles in a Ponzi scheme that bilked around 3,800 investors out of about $147 million from 2005 – 2009. The pair pocketed about $12.4 million by promising unrealistic returns on investments while paying returns from other investors’ deposits. Source: http://www.reuters.com/article/2015/04/22/us-usa-ponzi-agape-idUSKBN0NC2PC20150422

8. April 21, NorthJersey.com – (National) Romanian charged in ATM scheme extradited to NJ from Spain. A Romanian citizen was arrested and extradited from Spain during the week of April 13 and faced charges April 20 for his alleged role in an ATM-skimming scheme that used card-reading devices and pinhole cameras to steal over $5 million from thousands of Citibank, TD Bank, Wells Fargo, and other financial institutions’ customers on the east coast from 2012 – 2013. Thirteen suspects have been convicted in connection to the scheme. Source: http://www.northjersey.com/news/romanian-charged-in-atm-scheme-extradited-to-nj-from-spain-1.1313568

9. April 21, Reuters – (International) UK speed trader arrested over role in 2010 ‘flash crash’. Authorities in London arrested a high-frequency trader from Waddell & Reed Financial Inc., and Nav Sarao Milking Markets Ltd., after the U.S. Department of Justice (DOJ) announced criminal charges April 21 in connection to his role in the 2010 “flash crash” that wiped out almost $1 trillion in market value, in which he allegedly used an automated program to generate large sell orders that pushed down prices, canceled the orders, and subsequently bought the contracts at lower prices. The DOJ plans to request that the suspect be extradited to the U.S. Source: http://www.reuters.com/article/2015/04/21/us-usa-security-fraud-idUSKBN0NC21220150421

Information Technology Sector

27. April 22, Softpedia – (International) WordPress 4.1.2 fixes critical XSS flaw. WordPress developers announced that the newest release of the blogging platform, 4.1.2, addresses critical security vulnerabilities including a cross-site scripting (XSS) glitch affecting the content management system (CMS) that could allow an attacker to compromise a vulnerable Web site, as well as three other flaws. The release also included increased protection for files that could present a security risk. Source: http://news.softpedia.com/news/WordPress-4-1-2-Fixes-Critical-XSS-Flaw-479043.shtml

28. April 22, Softpedia – (International) White House, US State Department hit with Advanced CozyDuke threat. Security researchers from Kaspersky Lab reported that 2014 cyber-attacks against the White House and the U.S. Department of State were part of an advanced persistent threat (APT) campaign dubbed CozyDuke, also known as CozyBear and CozyCar, and could be connected with the MiniDuke campaign that used spear-phishing emails and malicious attachments and Web sites to target the North Atlantic Treaty Organization (NATO) and European government agencies. Source: http://news.softpedia.com/news/White-House-US-State-Department-Hit-with-Advanced-CozyDuke-Threat-479059.shtml

29. April 22, The Register – (International) ‘No iOS Zone’ Wi-Fi zero-day bug forces iPhones, iPads to crash and burn. Security researchers from Skycure discovered a zero-day denial-of-service (DoS) secure sockets-layer (SSL) vulnerability in Apple’s iOS 8 called “No iOS Zone” that attackers can exploit to create a malicious Wi-Fi hotspot that forces users to connect, and manipulates traffic to cause apps and the operating system (OS) on connected iOS devices to crash, even in offline mode. Source: http://www.theregister.co.uk/2015/04/22/apple_no_ios_zone_bug/

30. April 21, Dark Reading – (International) Zero-day malvertising attack went undetected for two months. Security researchers at Malwarebytes reported that cybercriminals had managed to exploit a zero-day Adobe Flash Player vulnerability patched in February to target U.S. users with the HanJuan exploit kit (EK) containing ransomware embedded in online ads for nearly two months without detection. The attacks infected Web sites belonging to Dailymotion, Huffington Post, and answers.com, among others, and reached over 1 billion users in February alone. Source: http://www.darkreading.com/attacks-breaches/zero-day-malvertising-attack-went-undetected-for-two-months/d/d-id/1320092

Communications Sector

See item 25 below from the Emergency Services Sector

25. April 21, KTVN 2 Reno – (Nevada) Service restored to several counties after AT&T outage. An outage at the emergency 9-1-1 dispatch centers in Pershing, White Pine, Elko, Humboldt, and Lander counties lasted several hours April 21 when vandals severed an AT&T fiber line that also knocked out landline, cell phone, and Internet services. Source: http://www.ktvn.com/story/28859851/att-outage-affecting-several-nevada-counties-1