Friday, January 24, 2014



Complete DHS Report for January 24, 2014

Daily Report

 • The U.S. Department of Justice accused Virginia-based US Investigations Services LLC of defrauding the federal government of millions of dollars by filing more than 660,000 flawed background investigations. – United Press International

13. January 23, United Press International – (National) U.S. accuses firm that vetted NSA contractor of fraud. The U.S. Department of Justice accused Virginia-based US Investigations Services LLC of defrauding the federal government of millions of dollars by filing more than 660,000 flawed background investigations. The company is accused of rushing improperly reviewed background checks through the system and hiding a dumping practice from authorities. Source: http://www.upi.com/Top_News/US/2014/01/23/US-accuses-firm-that-vetted-Snowden-of-fraud/UPI-84301390458900/

 • An analysis of 139 U.S. retailers found 1,035 instances of unique malware infections actively communicating with attackers, averaging 7.5 infections per company. – The Register. See item 21 below in the Information Technology Sector.

 • Two people were hospitalized and one firefighter was injured after a drug lab exploded at a California apartment complex, leaving at least 146 residents displaced. – KTXL 40 Sacramento

30. January 22, KTXL 40 Sacramento – (California) Explosion rocks Rancho Cordova apartment complex. Two people were hospitalized and one firefighter was injured after a drug lab exploded at a Rancho Cordova apartment complex January 22. At least 146 residents were displaced by the explosion, which forced authorities to shut off services to the building. Source: http://fox40.com/2014/01/22/explosion-rocks-rancho-cordova-apartment-complex/

 • A man was charged with setting at least 10 fires that damaged 3 apartment complexes and a car at an auto dealership in Santa Monica. – Los Angeles Times

34. January 20, Los Angeles Times – (California) Suspected serial arsonist arrested by Santa Monica police. Authorities announced January 20 that a man was charged in connection with setting at least 10 fires that damaged 3 apartment complexes and a car at an auto dealership in Santa Monica during a 10-day span that began December 30, 2013. Source: http://www.latimes.com/local/lanow/la-me-ln-suspected-serial-arsonist-arrested-by-santa-monica-police-20140120,0,6228280.story#axzz2rEyVupz4

Details

Financial Services Sector

4. January 23, Softpedia – (International) Mining pool “Give Me Coins” hacked, 10,000 Litecoins stolen. The administrators of the Give Me Coins virtual currency mining pool stated that the service was compromised by attackers who stole around $230,000 worth of the Litecoin virtual currency. The attackers were believed to have used a SQL injection vulnerability to breach the service. Source: http://news.softpedia.com/news/Mining-Pool-Give-Me-Coins-Hacked-10-000-Litecoins-Stolen-419921.shtml

5. January 21, Denver Post – (Colorado) FDIC sues former execs of United Western Bank to recover on questionable loans. The Federal Deposit Insurance Corporation filed a lawsuit against six former officers and three former directors of the failed United Western Bank, seeking damages related to questionable loans that defaulted and caused $35 million in losses to the bank. Source: http://www.denverpost.com/portal/business/ci_24961568/fdic-sues-ex-uwb-execs-recover-questionable-loans?_loopback=1

For another story, see item 21 below in the Information Technology Sector

Information Technology Sector

20. January 23, Softpedia – (International) Snapchat’s account registration CAPTCHA system hacked. Two researchers separately reported that they developed scripts to automate the solving of Snapchat’s CAPTCHA system, which could allow accounts to be created automatically. Source: http://news.softpedia.com/news/Snapchat-s-Account-Registration-CAPTCHA-System-Hacked-420052.shtml

21. January 23, The Register – (International) When ZOMBIES go shopping; 40m Target customer breach? That’s NOTHING! An analysis of 139 U.S. retailers between November 2013 and January 12 performed by BitSight found 1,035 instances of unique malware infections actively communicating with attackers, averaging 7.5 infections per company. The Neurevt trojan was the most common piece of malware found during the analysis, among other findings. Source: http://www.theregister.co.uk/2014/01/23/retail_malware_epidemic/

22. January 23, SC Magazine – (International) Potentially major XSS/JavaScript flaw found in Office 365. Researchers at Cogmotive identified a vulnerability in Microsoft Office 365 that could allow a user with an organization email to use JavaScript code to gain full administrator permissions across the organization’s Office 365 environment. The vulnerability was reported to Microsoft and patched. Source: http://www.scmagazineuk.com/potentially-major-xssjavascript-flaw-found-in-office-365/article/330685/

23. January 23, Softpedia – (International) Experts spot third variant of Mac trojan used by governments in targeted attacks. Researchers at Intego identified a new variant of the Crisis trojan that targets Mac OS X systems and has been used by governments in targeted cyberattacks. Source: http://news.softpedia.com/news/Experts-Spot-Third-Variant-of-Mac-Trojan-Used-by-Governments-in-Targeted-Attacks-419899.shtml

24. January 23, Help Net Security – (International) Facebook awards $33,500 bounty for critical flaw. Facebook awarded a security researcher $33,500 as part of its bug bounty program for disclosing an XML external entities (XXE) vulnerability that could be exploited to allow attackers to read arbitrary files on Facebook’s servers. Source: http://www.net-security.org/secworld.php?id=16251

25. January 23, Threatpost – (International) Chrome eavesdropping exploit published. A researcher released exploit code for a vulnerability he reported in Google’s Chrome browser that could allow a malicious Web site to use a computer’s microphone to eavesdrop without the user being aware. Source: http://threatpost.com/chrome-eavesdropping-exploit-published/103798

26. January 22, Softpedia – (International) World Economic Forum’s website plagued by XSS and other security issues. Researchers at High-Tech Bridge identified several security issues on the Web site of the World Economic Forum, including cross-site-scripting (XSS) vulnerabilities, an invalid SSL certificate, and a flaw that exposed the email addresses of individuals who had contacted the organization. Source: http://news.softpedia.com/news/World-Economic-Forum-s-Website-Plagued-by-XSS-and-Other-Security-Issues-419674.shtml

27. January 22, Threatpost – (International) Small number of malicious TOR exit relays snooping on traffic. Researchers reported in a paper that 25 exit relays in The Onion Router (TOR) network were configured maliciously or in a way that could present a security issue. The malicious or misconfigured exit relays could allow man-in-the-middle attacks and traffic monitoring. Source: http://threatpost.com/small-number-of-malicious-tor-exit-relays-snooping-on-traffic/103771

For another story, see item 4 above in the Financial Services Sector

Communications Sector

Nothing to report