Complete DHS Report for October 5, 2015
• A Romanian citizen in Florida pleaded guilty October 1 in connection to an ATM scheme where criminals installed skimming devices and made multiple illegal withdrawals at SunTrust bank branches from 2013 – 2015. – South Florida Sun Sentinel See item 5 below in the Financial Services Sector
• A California resident was accused October 1 of operating a worldwide pyramid scheme that raised over $32 million by misleading investors about a non-existent initial public offering for USFIA Inc. – U.S. Securities and Exchange Commission See item 6 below in the Financial Services Sector
• An alleged shooter was killed by police after the suspect killed 9 students and injured at least 10 others at Umpqua Community College in Oregon October 1. – Washington Post
12. October 2, Washington Post – (Oregon) Oregon shooter said to have singled out Christians for killing in ‘horrific act of cowardice.’ An alleged shooter was killed by police following an exchange of gunfire after the shooter, armed with 4 guns, killed 9 students and injured at least 10 others after entering classrooms of Umpqua Community College in Oregon October 1. The school was evacuated and authorities continue to investigate the incident. Source: http://www.washingtonpost.com/news/morning-mix/wp/2015/10/02/oregon-shooter-said-to-have-singled-out-christians-for-killing-in-horrific-act-of-cowardice/
• T-Mobile announced October 1 that the personal information of 15 million customers was compromised after a third-party vendor was hacked between September 2013 and September 2015. – Softpedia See item 20 below in the Communications Sector
Financial Services Sector
5. October 1, South Florida Sun Sentinel – (National) South Florida ATM skimmer pleads guilty, apologizes. A Romanian citizen living in south Florida who was arrested June 1 in North Carolina pleaded guilty October 1 in connection to an ATM-skimming scheme in which criminals installed skimming devices and made multiple illegal withdrawals at SunTrust bank branches in Broward, Palm Beach, and Miami-Dade counties as well as banks in Tennessee, Georgia, North and South Carolina, Virginia, and Maryland from 2013 – 2015.
6. October 1, U.S. Securities and Exchange Commission – (International) SEC halts $32 million scheme that promised riches from amber mining. The U.S. Securities and Exchange Commission announced October 1 charges and asset freezes against a California resident accused of operating a worldwide pyramid scheme via 13 California-based entities which raised over $32 million by misleading investors about a non-existent initial public offering for USFIA Inc., and claims that the company owned several large, valuable amber mines in Argentina and the Dominican Republic.
For another story, see item 20 below in the Communications Sector
Information Technology Sector
16. October 2, Help Net Security – (International) Unexpectedly benevolent malware improves security of routers, IoT devices. Security researchers from Symantec discovered an apparently benevolent botnet scheme targeting Internet of things (IoT)-connected devices utilizing code dubbed Wifatch that aims to protect devices from attacks via threat updates and removal of known malware families, among other features. Source: http://www.net-security.org/malware_news.php?id=3120
17. October 2, Softpedia – (International) Latest Upatre trojan version targets Windows XP users. Researchers from AppRiver reported a new spam-scareware campaign targeting Microsoft Windows XP users with ZIP archives containing the Upatre trojan, which primarily acts as an entry point for other infections including Dyreza, Rovnix, Crilock, and Zeus, and shuts down when executed on a non-Windows XP platform. Source: http://news.softpedia.com/news/latest-upatre-trojan-version-targets-windows-xp-users-493401.shtml
18. October 2, Softpedia – (International) Stored XSS in Jetpack plugin allows attackers to run code in the WordPress backend. Security researchers from Sucuri discovered a persistent cross-site scripting (XSS) vulnerability in Automattic’s Jetpack WordPress plugin versions 3.7 and lower in which an attacker could run malicious code that would execute whenever a WordPress administrator accesses the Feedback section of the admin panel, by crafting a malicious email string that would end up in the WordPress database. The development team released version 3.7.1 patching the XSS bug.
19. October 1, Softpedia – (International) HTTP denial of service vulnerability found in Node.js 4.x and io.js 3.x. Node reported the existence of a hypertext transfer protocol (HTTP) denial-of-service (DoS) vulnerability affecting recent Node.js and io.js platforms, and urged users to migrate back to a previous version until a fix is released. Source: http://news.softpedia.com/news/http-denial-of-service-vulnerability-found-in-node-js-4-x-and-io-js-3-x-493363.shtml
20. October 1, Softpedia – (National) Experian hacked, data for 15 million T-Mobile customers lost. T-Mobile announced October 1 that the names, addresses, Social Security numbers, and birthdates of 15 million customers were compromised after Experian, a third-party vendor that processes the company’s credit applications, was hacked between September 2013 and September 2015. Source: http://news.softpedia.com/news/experian-hacked-data-for-15-million-t-mobile-customers-lost-493377.shtml
Complete DHS Report for October 2, 2015
• Officials reported September 28 that the number of information security incidents affecting systems supporting the Federal Government grew 1,121 percent since 2006 and the number of incidents involving personally identifiable information more than doubled from 2009 to 2014. – Network World
23. September 30, Network World – (National) Network security weaknesses plague federal agencies. The U.S. Government Accountability Office released a report the week of September 28 which found that the number of information security incidents affecting systems supporting the Federal Government grew 1,121 percent since 2006 and that the number of incidents involving personally identifiable information (PII) more than doubled from 2009 to 2014. The report also detailed how information and systems remain at high risk of unauthorized access and disruption, and that weaknesses existed in effectively implementing security controls, among other findings.
• Apple released OS X version 10.11 El Capitan to address over 100 security vulnerabilities. – Threatpost See item 25 below in the Information Technology Sector
• Researchers discovered a series of Android media processing vulnerabilities, dubbed Stagefright 2.0, affecting over 1 billion devices which could allow an attacker to trick users into visiting maliciously crafted Web sites. – IDG News Service See item 26 below in the Information Technology Sector
• Researchers disclosed a critical zero day WinRAR remote code execution vulnerability affecting up to 500 million users, where an attacker could inject malicious code into an archive that would automatically execute upon unzipping. – Computerworld See item 27 below in the Information Technology Sector
Financial Services Sector
6. September 30, KDKA 2 Pittsburgh – (Pennsylvania) Feds seize assets, cash from woman accused in $15M embezzlement scheme. Federal authorities were investigating a former Matthews International Corporation treasurer specialist in Pittsburgh and seized millions of dollars in cash and assets September 30 in connection to an alleged fraud scheme in which the suspect allegedly took $15 million from the company since 2003. Source: http://pittsburgh.cbslocal.com/2015/09/30/feds-seize-assets-cash-from-woman-accused-in-15m-embezzlement-scheme/
Information Technology Sector
25. October 1, Threatpost – (International) Apple patches 100+ vulnerabilities in OS X, Safari, iOS. Apple released OS X version 10.11 El Capitan addressing over 100 security vulnerabilities, including 20 hypertext preprocessor (PHP) flaws, XARA password stealing vulnerabilities which could allow an attacker to use a malicious application to access a user’s keychain, and 45 issues in the Safari 9 Web browser, among others. Source: https://threatpost.com/apple-patches-100-vulnerabilities-in-os-x-safari-ios/114876/
26. October 1, IDG News Service – (International) New Android vulnerabilities put over a billion devices at risk of remote hacking. Security researchers from Zimperium discovered a series of Android media processing vulnerabilities, dubbed Stagefright 2.0, affecting over 1 billion devices which could allow an attacker to trick users into visiting maliciously crafted Web sites that would exploit the flaws and lead to remote code execution on almost all devices starting with version 1.0 of the operating system (OS). Source: http://www.computerworld.com/article/2988157/android/new-android-vulnerabilities-put-over-a-billion-devices-at-risk-of-remote-hacking.html
27. September 30, Computerworld – (International) Critical flaw puts 500 million WinRAR users at risk of being pwned by unzipping a file. Security researchers disclosed a critical zero day WinRAR remote code execution vulnerability affecting up to 500 million users, in which an attacker could inject malicious code into an archive that would automatically execute upon unzipping. The vulnerability can be exploited without system user privileges or user interaction. Source: http://www.computerworld.com/article/2987749/cybercrime-hacking/critical-flaw-puts-500-million-winrar-users-at-risk-of-being-pwned-by-unzipping-a-file.html
Nothing to report