Complete DHS Report for
June 1, 2015
Daily Report
Top Stories
· AEP/SWEPCO
reported May 28 that service had been restored to 54,000 of the 60,000 homes
and businesses that had lost power due to severe storms that moved through
Texas May 25. – Mount Pleasant Daily Tribune
3. May 29,
Mount Pleasant Daily Tribune – (Texas) Power largely restored. AEP/SWEPCO
reported May 28 that service had been restored to 54,000 of the 60,000 homes
and businesses that had lost power due to severe storms that moved through the
area on May 25. Source: http://www.dailytribune.net/news/power-largely-restored/article_5272945e-0606-11e5-a93b-83f439289ef0.html
· Fiat
Chrysler Automobiles announced plans to recall an additional 1.4 million
vehicles globally in connection to an issue with air bags manufactured by the
Takata Corporation.– USA Today
6. May 29,
USA Today – (International) Automakers add millions more cars to
Takata air bag recalls. Fiat Chrysler Automobiles announced plans to recall
an additional 1.4 million vehicles globally, Honda Motor Company, Ltd., added
350,000 vehicles in the U.S., and BMW added 420,100 in the U.S. in connection
to an issue with air bags manufactured by the Takata Corporation that could
cause them to prematurely inflate or explode, increasing the risk of injury and
crashes to drivers and passengers. Source: http://www.usatoday.com/story/money/cars/2015/05/28/automakers-takata-recall-nhtsa/28074627/
· Security
researchers discovered a malware campaign, dubbed Grabit, which has infiltrated
businesses worldwide with a commercial keylogger called HawkEye and several
remote administration tools distributed via emails. – Softpedia See item 22 below in the Information Technology Sector
· Security
researchers identified over 50 vulnerabilities in network-attached storage and
network video recorder products from D-Link, including information leakage,
authentication flaws, CGI vulnerabilities, input validation problems, and Web
page issues. – Securityweek See item 23 below in the Information Technology Sector
Financial Services Sector
8. May 29,
Asbury Park Press – (New Jersey) Jackson man admits $6M mortgage scam. A
former loan officer in North Jersey pleaded guilty May 28 to his role in a $6
million mortgage fraud scheme in which he allegedly conspired with 9 others to
target 15 institutions in Newark and Elizabeth and used information about
potential “straw buyers” along with falsified documents to obtain mortgage
loans. Authorities believe the scheme caused establishments around $10 million
in losses over a 4-year period. Source: http://www.app.com/story/news/crime/jersey-mayhem/2015/05/28/joseph-divalli-jackson-mortgage-scam/28080355/
9. May 28,
Leesburg Today – (Virginia) Bicycle Bank Bandit indicted on 16 counts. The
suspect dubbed the “Bicycle Bandit” was indicted May 28 on charges that he
allegedly robbed 5 Northern Virginia banks and attempted to rob another between
2013 – 2015. The suspect was originally charged in March but escaped from a
hospital where he was receiving treatment, triggering a large manhunt. Source: http://www.leesburgtoday.com/news/bicycle-bank-bandit-indicted-on-counts/article_f0d74f9e-0576-11e5-b96c-97fc7e4608bc.html
Information Technology Sector
22. May 29, Softpedia – (International) Non-sophisticated
malware steals thousands of credentials from targeted SMBs. Security
researchers from Kaspersky discovered a large malware campaign, dubbed Grabit
that has infiltrated small and medium businesses worldwide across a variety of
sectors with a commercial keylogger called HawkEye and several remote
administration tools (RATs) distributed via emails containing malicious
macro-laden Microsoft Word documents. The researchers reported that the
campaign has collected about 10,000 files from the U.S., India, and Thailand
since February. Source: http://news.softpedia.com/news/Non-Sophisticated-Malware-Steals-Thousands-of-Credentials-from-Targeted-SMBs-482696.shtml
23. May 29, Securityweek – (International) Researchers
find over 50 security flaws in D-Link NAS, NVR devices. Security
researchers at SEARCH-LAB identified over 50 vulnerabilities in
network-attached storage (NAS) and network video recorder (NVR) products from
D-Link, including information leakage, authentication flaws, CGI
vulnerabilities, input validation problems, and Web page issues, some of which
attackers could exploit remotely to execute arbitrary code and take over
affected devices. Source: http://www.securityweek.com/researchers-find-over-50-security-flaws-d-link-nas-nvr-devices
24. May 29, Threatpost – (International) Angler
Exploit Kit exploiting new Adobe vulnerability, dropping CryptoWall 3.0. A
security researcher at SANS Internet Storm Center discovered variants of the
Angler Exploit Kit (EK) dropping CryptoWall ransomware on affected machines for
the first time, and security researchers at FireEye observed that the EK added
a recent Adobe Flash Player vulnerability in which attackers could exploit a
race condition in its shader class to execute arbitrary code.. Source: https://threatpost.com/angler-exploit-kit-exploiting-new-adobe-vulnerability-dropping-cryptowall-3-0/113044
For another story, see
item 25 below from the Commercial Facilities Sector
25. May 29, Security Week – (International) Sally
Beauty: Cybercriminals planted malware on PoS Systems for 6 weeks. Sally
Beauty announced May 28 that cybercriminals had deployed malware on multiple
company point-of-sale (PoS) systems between March and April, and that it had
cleaned the malware from all affected systems. The company believes attackers
accessed names, credit and debit card numbers, expiration dates, cardholder
verification values, and service codes in the breach. Source: http://www.securityweek.com/sally-beauty-cybercriminals-planted-malware-pos-systems-6-week
Communications Sector
See item 22 above in the Information Technology
Sector
No comments:
Post a Comment