Complete DHS Report for February 5, 2016
• Honda Motor Co., Ltd. expanded a February 1 recall February 3 and added an additional 2.23 million of its Acura and Honda vehicles due to potentially defective Takata PSDI-5 driver-side inflators which could rupture and kill vehicle occupants. – Reuters
2. February 4, Reuters – (International) Honda adds 2.2 million vehicles to Takata air bag recall. Honda Motor Co., Ltd. expanded a February 1 recall February 3 and added an additional 2.23 million of its model years 2005 – 2016 Acura and Honda vehicles sold in the U.S., following the recall of 269,000 similar models sold in Canada that were equipped with potentially defective Takata PSDI-5 driver-side inflators which could rupture and kill vehicle occupants. The automaker also recalled 341,000 of its model years 2008 – 2010 Honda Accords due to a defect in the supplemental restraint system’s electronic control unit, which could result in airbags failing to deploy.
• A boil water advisory was issued February 4 for thousands of businesses, residents, and five schools in North Fort Worth after an operational error led to the draining of an elevated water tank. – KTVT 11 Fort Worth
8. February 4, KTVT 11 Fort Worth – (Texas) Thousands told to boil drinking water in far North Fort Worth. A boil water advisory was issued February 4 for thousands of businesses, residents, and five schools in North Fort Worth while officials ran contamination tests following an operational error that led to the draining of an elevated water tank, resulting in a dramatic pressure decrease in parts of the water system. The drop in pressure could allow microbes and harmful bacteria to get into the water. Source: http://dfw.cbslocal.com/2016/02/04/thousands-asked-to-boil-drinking-water-far-north-fort-worth/
• The governor of Florida declared a state of emergency February 3 in four counties where a total of nine people were diagnosed with travel-related cases of the Zika virus. – ABC News
11. February 3, ABC News – (Florida) Florida gov. declares state of emergency in counties with Zika virus. The governor of Florida declared a state of emergency February 3 in four counties where a total of nine people were diagnosed with travel-related cases of the Zika virus. The Florida Department of Health is working with Federal health officials and medical centers in the State to monitor the virus. Source: http://abcnews.go.com/Health/florida-gov-declares-state-emergency-counties-zika-virus/story?id=36696887
• The U.S. Internal Revenue Service announced that it suffered a hardware failure February 3, which caused several of its tax processing systems to go offline through at least February 4 while the agency worked to repair and restore operations. – USA Today; Associated Press
13. February 4, USA Today; Associated Press – (National) IRS computer problems shut down e-file system. The U.S. Internal Revenue Service announced that it suffered a hardware failure February 3, which caused several of its tax processing systems to go offline through at least February 4 while the agency worked to repair and restore operations. Source: http://www.usatoday.com/story/money/business/2016/02/03/irs-computer-problems/79792890/
Financial Services Sector
3. February 3, KRGV 5 Weslaco – (International) 2 doctors facing charges in wire fraud case. Two doctors from a family medicine clinic in Mexico were charged February 3 for their roles in a $5 million insurance benefits scheme in which the pair allegedly conspired with American Family Life Insurance Company (AFLAC) policyholders to prepare over 50,000 fraudulent claim forms and accident reports, file the false claims in the McAllen area, and then deliver the claims to the clinic in Mexico to receive benefit checks from the insurance company from September 2001 – August 2010.
For another story, see item 13 above in Top Stories
Information Technology Sector
16. February 4, SecurityWeek – (International) Cisco patches high severity flaws in several products. Cisco released software updates for its Application Policy Infrastructure Controller (APIC) and several other products that patched high severity vulnerabilities including a denial-of-service (DoS) flaw in Nexus 900 switches, a remote authentication flaw in ASA-CX and Prime Security Manager (PRSM), and a logic issue in the role-based access control (RBAC) processing code that allowed unauthenticated attackers to make configuration changes. In addition, Cisco released advisories detailing three medium severity issues that have yet to be patched.
17. February 4, SecurityWeek – (International) Serious Crypto flaw found in Socat tool. A security researcher from Microsoft discovered a backdoor in the networking utility Socat, versions 220.127.116.11 and 2.0.0-b8, that could allow attackers to eavesdrop on communications and recover the shared secret from a key exchange within its encrypted channels, after finding that the “p” parameter in 1024-bit Diffie-Hellman (DH) was not prime. Source: http://www.securityweek.com/serious-crypto-flaw-found-socat-tool
18. February 4, SecurityWeek – (International) Flaws expose Sauter SCADA systems to takeover. Sauter released firmware updates for its moduWEB Vision SCADA products after a researcher from Outpost24 discovered multiple vulnerabilities that could be exploited by a remote attacker to take control of the products via a pass-the-hash attack. The attack can be administered through the use of default accounts, which have the password hash for the administrative account as a backup feature.
19. February 3, Computerworld – (International) Google expands Chrome’s Safe Browsing defenses to sniff out ad scams. Google reported February 3 that it is expanding its Safe Browsing technology to help protect users from misleading embedded content, such as social engineering ads which deceived users into providing their personal information and convinced users to download malware disguised as updates for name-brand software. Source: http://www.computerworld.com/article/3029735/internet/google-expands-chromes-safe-browsing-defenses-to-sniff-out-ad-scams.html#tk.rss_security
20. February 3, SecurityWeek – (International) Microsoft EMET adds Windows 10 compatibility. Microsoft released updated version 5.5 for its Enhanced Mitigation Experience Toolkit (EMET) to include Windows 10 capability and several other improvements including enhanced writing of the mitigations to the registry, ease in leveraging existing tools to manage EMET mitigations via Group Policy (GPO), and support for untrusted fonts mitigation in Windows 10.
Nothing to report
Complete DHS Report for February 4, 2016
• Severe snow storms traveling across the Midwest closed 14 highways in several States, cancelled more than 950 nationwide flights February 2 – February 3, and prompted school closures to remain in effect February 2. – CNN
6. February 3, CNN – (National) Winter storm buries parts of Midwest; sets off tornadoes in deep South. Severe snow storms traveling across the Midwest closed 14 highways in several States, cancelled more than 950 national flights February 2 – February 3, created tornadoes in Mississippi and Alabama, and prompted schools to remain closed February 2 in response to the storm.
• A former U.S. Nuclear Regulatory Commission scientist pleaded guilty February 2 and admitted to an attempted cyberattack on U.S. government computers in an attempt to extract sensitive information on nuclear weapons that could be passed to a foreign country. – Associated Press
13. February 2, Associated Press – (International) Guilty plea in attempted cyberattack on US govt. computers. A former U.S. Nuclear Regulatory Commission (NRC) scientist pleaded guilty February 2 and admitted to an attempted cyberattack on U.S. government computers where he spear-phished U.S. Department of Energy employees with emails that he thought contained a virus in order to extract sensitive information on nuclear weapons that could be passed to a foreign country. The former NRC scientist entered a foreign embassy in the Philippines and offered to sell more than 5,000 addresses of government employees in exchange for over $18,000. Source: http://www.foxnews.com/us/2016/02/02/guilty-plea-in-attempted-cyber-attack-on-us-govt-computers.html
• Microsoft issued a recall February 2 for about 2.25 million of its AC power cords sold with its Surface Pro convertible tablet devices due to the power cords overheating, emitting flames, and posing electrical shock hazards. – Reuters See item 2 below in the Information Technology Sector
• A February 3 fire at a Highland Park warehouse housing multiple businesses caused extensive damage to the facility, prompted an evacuation of surrounding areas, and caused a boil water advisory for area residents, among other actions. – Detroit News
25. February 3, Detroit News – (International) Highland Park issues boil water alert amid massive fire. A February 3 fire at a Highland Park warehouse housing multiple businesses caused extensive damage to the facility, prompted an evacuation of surrounding areas, caused a boil water advisory for area residents, and closed the George Washington Carver Elementary school due to impact of the fire. Officials were working to determine the cause of the fire and were assessing the total amount of damages. Source: http://www.detroitnews.com/story/news/local/wayne-county/2016/02/03/highland-park/79742504/
Financial Services Sector
4. February 2, Reuters – (National) Morgan Stanley to pay $63 million U.S. mortgage bond settlement: FDIC. The U.S. Federal Deposit Insurance Corp. (FDIC) announced February 2 that Morgan Stanley agreed to pay $62.95 million to settle allegations that the bank misrepresented securities in offering documents and sold toxic mortgage-backed securities to 3 banks, the Colonial Bank of Montgomery, Alabama; Security Savings Bank of Henderson, Nevada; and United Western Bank of Denver, which later failed. Source: http://www.reuters.com/article/us-morgan-stanley-settlement-idUSKCN0VB249
Information Technology Sector
19. February 3, Softpedia – (International) Dual-Mode DMA ransomware cracked, users can recover files for free. Security researchers from Malwarebytes discovered a flaw in the DMA ransomware that could allow victims to decrypt their encrypted files without paying the ransom: the ransomware’s encryption key was hard-coded in its binary, allowing victims to re-download the malicious file and input the encryption key inside the ransom note to unlock their files. Source: http://news.softpedia.com/news/dual-mode-dma-ransomware-cracked-users-can-recover-files-for-free-499848.shtml
20. February 3, SecurityWeek – (International) WordPress 4.4.2 patches open redirect, SSRF flaws. WordPress released version 4.4.2 for its content management system that patched an open redirection vulnerability, a server-side request forgery (SSRF) which affected certain local Uniform Resource Identifiers (URIs), and 17 flaws affecting WordPress versions 4.4 and 4.4.1.
21. February 3, SecurityWeek – (International) Comodo browser breaks security: Google researcher. A researcher from Google found that the Chromodo web browser that comes installed with Comodo’s Internet Security product disables the same origin policy (SOP) and effectively turns off all Web security, allowing malicious scripts opened in one browser to interact with other windows and infect several systems. Comodo released a patch to fix the vulnerability, but researchers found the patch was ineffective. Source: http://www.securityweek.com/comodo-browser-breaks-security-google-researcher
22. February 2, Reuters – (National) Microsoft recalls 2.3 mln power cords sold with Surface Pro tablets. Microsoft issued a recall February 2 for about 2.25 million of its AC power cords sold with certain models of the Microsoft Surface Pro convertible tablet devices after the company received a total of 61 consumer reports that the power cords overheated, emitted flames, and posed electrical shock hazards. Source: http://www.cnbc.com/2016/02/02/microsoft-recalls-23-mln-power-cords-sold-with-surface-pro-tablets.html
Nothing to report