Complete DHS Report for
November 5, 2015
Daily Report
Top Stories
• U.S. auto safety
regulators fined Takata Corporation November 3 for deliberately mishandling a
recall of more than 23 million air bags that have contributed to the death of
at least 7 Americans. – CBS News
5. November
3, CBS News – (International) Takata fined up to $200 million for air bag
bungle. U.S. auto safety regulators fined Japanese automotive parts maker Takata
Corporation November 3 for deliberately mishandling a recall of more than 23
million air bags that have contributed to the death of at least 7 Americans.
Takata will be forced to pay up to $200 million in penalties, stop all sales of
inflators that use ammonium nitrate propellant, and will be subject to Federal
oversight for 5 years, among other requirements. Source: http://www.cbsnews.com/news/takata-fined-up-to-200-million-for-air-bag-bungle
• The Federal U.S.
Attorney’s Office announced November 3 that nine Jacksonville, Florida
residents were charged for allegedly defrauding the supplemental nutrition
assistance program (SNAP) of more than $1.8 million by redeeming SNAP benefits
through unauthorized Electronic Benefits Transfers. – WJXT 4 Jacksonville
20. November
3, WJXT 4 Jacksonville – (Florida) 9 indicted for SNAP fraud in
Jacksonville. The Federal U.S. Attorney’s Office announced November 3 that
9 Jacksonville, Florida residents were charged for allegedly defrauding the
supplemental nutrition assistance program (SNAP) of more than $1.8 million by
reportedly redeeming SNAP benefits through unauthorized Electronic Benefits
Transfers, and for setting up fake stores at local homes that never sold goods.
Six suspects were in custody while the remaining 3are still on the run. Source: http://www.news4jax.com/news/9-indicted-for-snap-fraud-in-jacksonville/36230982
• Researchers from
Akamai discovered a new spam botnet in the wild, dubbed Torte that infects
machines via Executable and Linkable Format Linux binaries and Hypertext
Preprocessor scripts placed on the targeted server’s filesystem. – Softpedia
See item 22 below in the Information Technology Sector
• FireEye
researchers discovered the malware XcodeGhost is still active and has evolved
to support Xcode 7 and iOS 9, allowing attackers collect information from
infected devices and open arbitrary Web sites. – Securityweek See item 23 below in the Information Technology Sector
Financial Services Sector
See item 21 below from the Government Facilities
Sector
21. November
3, MLive.com – (Michigan) Roofing company pleads guilty in unemployment
fraud case over ‘banking hours.’ Lutz Roofing Company in Shelby Township
pleaded guilty November 2 to defrauding Michigan’s Unemployment Insurance
Agency of more than $104,000, and multiple health care plans of more than
$70,000 by allowing part-time employees to file for full unemployment benefits
and log ‘banking hours,’ as well as directing workers to falsely reports
on-the-job injuries in order to obtain health care benefits. Source: http://www.mlive.com/news/detroit/index.ssf/2015/11/roofing_company_pleads_guilty.html
Information Technology Sector
22. November
3, Softpedia – (International) Spam botnet leverages vulnerable WordPress
sites. Researchers from Akamai Security Intelligence Research Team (SIRT)
discovered a new spam botnet in the wild dubbed Torte that infects machines via
Executable and Linkable Format (ELF) Linux binaries and Hypertext Preprocessor
(PHP) scripts placed on the targeted server’s filesystem after the SIRT team
received a suspicious PHP script for analysis. The botnet is one of the largest
in recent years and accounts for 83,000 infections across 2 of 4 infection
layers. Source: http://news.softpedia.com/news/spam-botnet-leverages-vulnerable-wordpress-sites-495659.shtml
23. November
3, Securityweek – (International) XcodeGhost Malware updated to target iOS 9. FireEye
researchers discovered the malware XcodeGhost designed to target Apple’s mobile
operating system (iOS) and graphical interface operating systems (OS X) is
still active and has evolved to support Xcode 7 and iOS 9, allowing attackers
to perform various actions including collecting information from infected
devices and opening arbitrary Web sites. The malware has primarily targeted
China, Germany, and the U.S. Source: http://www.securityweek.com/xcodeghost-malware-updated-target-ios-9
24. November
3, Securityweek – (International) Malware served via anti-adblocking service
pagefair. The anti-adblocking solutions provider, PageFair reported hackers
breached its systems after gaining access to a key email account via a spear
phishing attack, which allowed attackers to hijack the content delivery network
MaxCDN account and change its settings to replace the legitimate analytics
JavaSript tag with malware disguised as an Adobe Flash Player update. PageFair
reported that just 2.3 percent of the affected Web sites’ visitors were at risk
of infection before neutralizing the attack. Source: http://www.securityweek.com/malware-served-anti-adblocking-service-pagefair
25. November
3, The Register – (International) Password reset invoked after vBulletin.com
forum software site defaced. The official Web site of vBulletin.com was
compromised October 30 following a hacker attack that used the handle
“Coldzer0” by exploiting a zero-day vulnerability in its systems to hack its
Web site and other Web sites powered by the company. User data including user
names, email addresses, security questions and answers, and password salts were
exposed, and as a precaution, vBulletin reset all account passwords. Source: http://www.theregister.co.uk/2015/11/03/vbulletin_forum_software_hacked_defaced/
Communications Sector
26. November
3, Washington Post – (Maryland) Hilton, M.C. Dean being fined for blocking guests’
Wi-Fi. The U.S. Federal Communications Commission announced November 2 that
Hilton Worldwide and M.C. Dean face a total of $750,000 in fines related to
complaints that revealed the companies allegedly obstructed people from accessing
personal Wi-Fi hot spots at the Baltimore Convention center. M.C. Dean also
faces fines for failure to cooperate with the investigation that revealed the
hotel chain blocked Wi-Fi access at its properties. Source: https://www.washingtonpost.com/news/capital-business/wp/2015/11/03/hilton-m-c-dean-being-fined-for-blocking-guests-wi-fi/
No comments:
Post a Comment