Complete DHS Report for
July 27, 2015
Daily Report
Top Stories
· Fiat Chrysler Automobiles U.S. issued a
voluntary recall and software update July 24 for various 1.4 million model year
2013 – 2015 vehicles with Uconnect systems to increase their security against
remote manipulation. – Autoblog
4. July 24,
Autoblog – (National) FCA issuing software update for 1.4M vehicles to
prevent hacking. Fiat Chrysler Automobiles U.S. issued a voluntary recall
and software update for 1.4 million model year 2013 – 2015 Chrysler 200 and
300, Dodge Charger, Challenger, Viper, Ram, Durango, and Jeep Cherokee and
Grand Cherokee vehicles with 8.4-inch touchscreen Uconnect systems to protect
vehicles from remote manipulation, following reports that a security expert
remotely hacked a vehicle via a cellular connection.
· The U.S. Office of Personnel Management
announced July 23 that access to the Web-based e-QIP system is being
incrementally restored following security upgrades performed in response to
detected vulnerabilities. – Nextgov
19. July 23,
Nextgov – (National) OPM says background check system now back online
after security tweaks. The U.S. Office of Personnel Management announced
July 23 access to the Web-based e-QIP system is being incrementally restored
after security upgrades, including enhanced password protections and secured
transmission of data within the system, were performed in response to detected
vulnerabilities.
Source: http://www.nextgov.com/cybersecurity/2015/07/opm-says-background-check-system-back-online/118503/
· About 87,000 Verizon phone lines in
Santa Monica, California were without service for almost 9 hours July 24 after
water damaged a call routing center July 23. – Los Angeles Daily News See item 28 below in the Communications Sector
· The Louisiana State Police reported
July 24 that an Alabama man indiscriminately shot and killed 2 people and
injured 9 others before shooting himself while attending a movie in Lafayette
July 23. – CNN
29. July 24,
CNN – (Louisiana) Man described as drifter kills 2, himself in
Lafayette, Louisiana movie theater. The Louisiana State Police reported
July 24 that an Alabama man indiscriminately shot and killed 2 people and
injured 9 others before shooting himself while attending a movie in Lafayette
July 23. The theater was evacuated and police are investigating the case.
Financial Services Sector
8. July 23,
KCBS 2 Los Angeles – (California) Retired LAPD detective arrested in series of
‘Snowbird Bandit’ bank robberies. Orange County authorities arrested a
former Los Angeles Police Department detective July 23 on suspicion of being
the ‘Snowbird Bandit,” who robbed at least 5 Orange County banks since March.
9. July 23,
Bay City News Service – (California) Four east coast men arrested
in San Carlos for credit card fraud. San Mateo County officials arrested 4
suspects July 22 after deputies discovered hundreds of fraudulent gift and
credit cards, equipment used to manufacture cards, and various merchandise
valued at $125,000 in their vehicle. Source: http://patch.com/california/sancarlos/four-east-coast-men-arrested-san-carlos-credit-card-fraud
10. July 22,
Reuters – (National) Discover to pay $18.5 mln over student loan
allegations. U.S. regulators reported July 22 that Discover Financial
Services agreed to pay
$18.5 million in penalties and consumer refunds to resolve allegations that
Discover Bank overstated minimum amounts due on billing statements, took unfair
actions on debt collection, and failed to provide basic student loan servicing
functions. Source: http://www.reuters.com/article/2015/07/22/usa-banks-studentloans-idUSL1N1021F620150722
Information Technology Sector
26. July 24,
Securityweek – (International) Red Hat patches “libuser” library
vulnerabilities. Red Hat patched two vulnerabilities in its “libuser” library,
including a race condition flaw that could lead to a denial-of-service (DoS)
condition and a bug in the chfn function of the userhelper utility that an
attacker could leverage to create a DoS condition and achieve privilege
escalation on the system.
Source: http://www.securityweek.com/red-hat-patches-%E2%80%9Clibuser%E2%80%9D-library-vulnerabilities
27. July 24,
SC Magazine – (International) Sophos moves to patch Web Security Appliance
flaws. A security researcher from Info-Assure Ltd discovered two vulnerabilities
in Sophos Security’s Web Appliance prior to version 4.0.4 that could allow
unauthenticated users to read files from the device and inject arbitrary
JavaScript via its management interface. Source: http://www.scmagazineuk.com/sophos-moves-to-patch-web-security-appliance-flaws/article/428301/
For additional stories, see
item 4 above in Top Stories
item 5 below from the Critical
Manufacturing Sector and item 20 below from the Government Facilities Sector
5. July 24,
Computerworld – (International) Firewalls can’t protect today’s connected
cars. Security and automotive experts reported on the risks associated with
Internet-enabled vehicles, including a lack of operational security and
multiple access wireless access points to vehicles’ controller area networks
(CAN). The researchers recommended alternate approaches to vehicle security
such as encrypted CAN messaging
or detection-software. Source: http://www.networkworld.com/article/2951888/security/firewalls-cant-protect-todays-connected-cars.html#tk.rss_all
20. July 23,
FierceGovernmentIT – (National) Census Bureau confirms ‘unauthorized access’ to
system; Anonymous members claim responsibility. The online activist group
Anonymous claimed responsibility July 22 for a cyber-attack on the U.S. Census
Bureau, which leaked non-confidential information including email addresses,
phone numbers,
and job titles of the organization’s 4,200 employees. The organization’s
internal systems were not affected, and the compromised servers have been
locked down. Source: http://www.fiercegovernmentit.com/story/census-bureau-confirms-unauthorized-access-system-anonymous-claims-responsi/2015-07-23
Communications Sector
28. July 24,
Los Angeles Daily News – (California) Verizon phone service
restored in Santa Monica. About 87,000 Verizon phone lines in Santa Monica
were without service for nearly 9 hours July 24 after water damaged a call
routing center July 23, leaving customers unable to make or receive calls from
outside the affected area. Calls to 9-1-1 centers were not affected.Source: http://www.dailynews.com/general-news/20150723/verizon-phone-service-down-in-santa-monica
No comments:
Post a Comment