Tuesday, July 1, 2014




Complete DHS Report for July 1, 2014

Daily Report

Top Stories

 • Symantec researchers identified an ongoing, multi-phase cyberattack campaign targeting the energy sector in the U.S. and several other countries. – Securityweek

1. June 30, Securityweek – (International) Energy companies in Europe, US hit by sophisticated attack campaign. Symantec researchers identified an ongoing cyberattack campaign by a group known as Dragonfly or Energetic Bear targeting the energy sector in the U.S. and several other countries. The campaign has used phishing emails, watering hole attacks, and a recently-uncovered compromise of several industrial control system manufacturers’ Web sites. Source: http://www.securityweek.com/energy-companies-europe-us-hit-sophisticated-attack-campaign
 
 • General Motors announced recalls June 27 covering 474,000 vehicles globally, with the largest recall affecting around 467,000 Chevrolet and GMC trucks and SUVs mainly in the U.S. and Canada. – Associated Press

4. June 27, Associated Press – (International) GM issues 3 more recalls covering 474,000 vehicles. General Motors announced recalls June 27 covering 474,000 vehicles globally, with the largest recall affecting around 467,000 model year 2014 and 2015 Chevrolet Silverado, Suburban, and Tahoe, and GMC Sierra and Yukon vehicles mainly in the U.S. and Canada due to a transmission software glitch that could cause the vehicles to shift into neutral on their own. Source: http://www.wzzm13.com/story/news/2014/06/27/gm-recalling-474k-vehicles/11557881/

  • The Alabama Department of Public Health notified over 500 people that their identities may have been stolen from department records as part of an alleged $20 million tax fraud that operated in Alabama and Georgia. – WBMA 58 Birmingham

20. June 27, WBMA 58 Birmingham – (Alabama; Georgia) Alabama Department of Public Health warns patient records may have been compromised. The Alabama Department of Public Health notified over 500 people that their identities may have been stolen from department records as part of a tax fraud scheme in which 10 people have already been indicted for allegedly using the stolen information to file over $20 million in fake tax returns in Alabama and Georgia. Source: http://www.abc3340.com/story/25888518/alabama-department-of-public-health-warns-patient-records-may-have-been-compromised

  • Butler University in Indianapolis informed 163,000 current and past students and employees that their personal and financial information may have been compromised in a hacking incident sometime between November 2013 and May. – WXIN 59 Indianapolis

22. June 30, WXIN 59 Indianapolis – (Indiana; California) Butler alumni, current and prospective students warned of data breach. Butler University in Indianapolis informed 163,000 current and past students and employees that their personal and financial information may have been compromised in a hacking incident sometime between November 2013 and May. The university began its investigation after authorities in California arrested an individual in possession of a flash drive containing information of Butler University employees. Source: http://fox59.com/2014/06/30/butler-university-alumni-current-students-warned-of-data-breach

Financial Services Sector

6. June 30, Securityweek – (International) “Emotet” banking malware steals data via network sniffing. Researchers at Trend Micro identified a new piece of banking malware dubbed Emotet that attempts to steal banking credentials by logging outgoing traffic and comparing it against a list of targeted financial institutions. The malware is distributed via spam emails containing a link to a malicious Web site, and currently is primarily targeting financial institutions in Germany. Source: http://www.securityweek.com/emotet-banking-malware-steals-data-network-sniffing

For another story, see item 20 from the Healthcare and Public Healthcare Sector below:

20. June 27, WBMA 58 Birmingham – (Alabama; Georgia) Alabama Department of Public Health warns patient records may have been compromised. The Alabama Department of Public Health notified over 500 people that their identities may have been stolen from department records as part of a tax fraud scheme in which 10 people have already been indicted for allegedly using the stolen information to file over $20 million in fake tax returns in Alabama and Georgia. Source: http://www.abc3340.com/story/25888518/alabama-department-of-public-health-warns-patient-records-may-have-been-compromised

Information Technology Sector

26. June 30, The Register – (International) London teen charged over Spamhaus mega-DDoS attacks. Authorities in the U.K. charged a teenager for his alleged involvement in several major distributed denial of service (DDoS) attacks against anti-spam service Spamhaus during 2013. The attacks were also led to worldwide disruptions in Internet exchanges and services. Source: http://www.theregister.co.uk/2014/06/30/ddos_charges/

27. June 30, Threatpost – (International) PHP fixes OpenSSL flaws in new releases. The PHP Group released new versions of PHP, closing two vulnerabilities in OpenSSL that are related to timestamps. Source: http://threatpost.com/php-fixes-openssl-flaws-in-new-releases/106908

28. June 30, Help Net Security – (International) Google Drive update fixes data-leaking flaw. Google closed a security issue in its Google Drive service that previously allowed some files shared with a direct link to be accessed by unauthorized third parties. Some files could still be seen by unauthorized parties, and Google advised users with files that met certain criteria to remove them. Source: http://www.net-security.org/secworld.php?id=17067

For another story, see item 1 above in Top Stories

Communications Sector

See item 25 below from the Emergency Services Sector

25. June 26, Salem Statesman Journal – (Oregon) 9-1-1 service restored in north end of valley. Frontier Communications announced June 26 that a telephone fiber was severed during road construction work near the city of Dundee prompting an outage of emergency 9-1-1 landline phone service, regular landline service, and Internet access in parts of Mid-Valley that lasted for more than 4 hours. Source: http://www.statesmanjournal.com/story/news/2014/06/26/service-restored-north-end-valley/11429945/