Friday, June 26, 2015




Complete DHS Report for June 26, 2015

Daily Report

Top Stories

 · Fiat Chrysler is recalling 164,000 model year 2014 – 2015 Jeep Cherokee vehicles worldwide to address an issue in which water could get into the vehicle’s power rear lift gate controls, posing a risk of fire. – Associated Press

5. June 24, Associated Press – (National) Fiat Chrysler issues recall for 164,000 Jeep Cherokees. Fiat Chrysler is recalling 164,000 model year 2014 – 2015 Jeep Cherokee vehicles worldwide to address a seal issue in which water could get into the vehicle’s power rear lift gate controls, posing a risk of fire. The company will install shields and replace control modules exposed to water. Source: http://www.nytimes.com/2015/06/25/business/fiat-chrysler-issues-recall-for-164000-jeep-cherokees.html?_r=0

 · Authorities arrested a second Clinton Correctional Facility prison guard June 24 for allegedly trading tools to the escaped convicts in exchange for artwork. – NBC News

17. June 25, NBC News – (New York) New York prison guard allegedly swapped artworks for tools. Authorities arrested a second Clinton Correctional Facility prison guard June 24 for his role in the escape of two fugitive convicts. The guard allegedly accepted paintings from the convicts in exchange for tools; the paintings were allegedly burned and destroyed around the time of the escape. Source: http://www.nbcnews.com/storyline/new-york-prison-escape/new-york-prison-guard-gene-palmer-allegedly-took-escapees-paintings-n381531

 · European authorities from six countries, Europol, and Eurojust arrested five suspects in Ukraine believed to be part of a major cybercriminal ring that infected tens of thousands of users’ computers worldwide with banking Trojans. – Help Net Security (See item 22 below in the Information Technology Sector)

 · Ionia County, Michigan declared a state of emergency after a June 22 tornado heavily damaged 70 homes, more than 12 businesses, and at least 4 churches. – Lansing State Journal

35. June 24, Lansing State Journal – (Michigan) 70 homes, many businesses damaged in tornado. Ionia County, Michigan declared a state of emergency after a June 22 tornado heavily damaged 70 homes, more than 12 businesses, and at least 4 churches. Clean-up crews were deployed and repairs to the city are ongoing. Source: http://www.lansingstatejournal.com/story/news/local/2015/06/23/update-homes-many-businesses-damaged-portland-tornado/29163575/

Financial Services Sector

7. June 23, New Hampshire Union Leader – (New Hampshire) St. Mary’s Bank issues new debit cards following breach. St. Mary’s Bank officials in Manchester, New Hampshire reported June 23 that the bank was reissuing 5,029 debit cards and replacing about $25,000 in funds after about 160 cards were found to have been compromised in a breach. Source: http://www.unionleader.com/article/20150623/NEWS02/150629609

For additional stories, see items 22 and 23 below in the Information Technology Sector

Information Technology Sector

21. June 25, Help Net Security – (International) Samsung disables Windows Update, undermines the security of your devices. A security researcher discovered that the Samsung SW Update software for Microsoft Windows personal computers (PCs) runs an executable file upon start-up that disables Windows Update to prevent driver and update software conflicts, posing a security risk to users. Microsoft has reportedly contacted Samsung to address the issue. Source: http://www.net-security.org/secworld.php?id=18553

22. June 25, Help Net Security – (International) The downfall of a major cybercrime ring exploiting banking trojans. European authorities from six countries along with Europol and Eurojust arrested five suspects in Ukraine believed to be part of a major cybercriminal ring that developed, exploited, and distributed Zeus and SpyEye malware, actively traded stolen credentials, laundered profits, and infected tens of thousands of users’ computers worldwide with banking Trojans. Source: http://www.net-security.org/malware_news.php?id=3064

23. June 25, Help Net Security – (International) Why a Dyre infection leads to more than just stolen banking credentials. Symantec reported that in addition to targeting banks, financial institutions, customers of electronic payment services, and users of digital currencies, cybercriminals are employing the Dyre Trojan to collect credentials for career and human resource Web sites, as well as Web hosting companies. The group using Dyre has reportedly targeted customers of over 1,000 organizations worldwide. Source: http://www.net-security.org/malware_news.php?id=3063

24. June 25, SC Magazine – (International) Study: 61 percent of critical infrastructure execs confident systems could detect attack in less than a day. Tripwire released survey results from 400 executives in the energy, oil, gas, and utility industries in its “Critical Infrastructure Study” revealing that executives had high levels of confidence regarding their organizations’ ability to quickly detect cyber-attacks on their systems, while noting that attacks could seriously damage their infrastructure, among other findings. Source: http://www.scmagazine.com/critical-infrastructure-execs-recognize-companies-are-targets-believe-their-systems-can-quickly-detect-attacks/article/422676/

25. June 25, V3.co.uk – (International) Android malware dominates mobile threat landscape. Pulse Secure released findings from its Mobile Threat Report revealing that 97 percent of mobile malware is targeted at Android devices, and that in 2014 almost 1 million individual malicious apps were released. The report also highlighted the dangers in jailbroken and non-jailbroken iOS devices, among other findings. Source: http://www.v3.co.uk/v3-uk/news/2414871/android-malware-dominates-mobile-threat-landscape

26. June 24, SC Magazine – (International) Cyber-crime economy triggers rise in malicious macros. Proofpoint released The Cybercrime Economics of Malicious Macros report, revealing that malicious macro campaigns have grown in size, frequency, sophistication, and effectiveness while increasingly relying on inexpensive vectors and techniques to exploit the human factor, among other findings. Source: http://www.scmagazineuk.com/cyber-crime-economy-triggers-rise-in-malicious-macros/article/422479/

27. June 24, SC Magazine – (International) MacKeeper flaw enables attacker to run code with admin rights. Security researchers discovered a serious vulnerability in ZeoBit’s MacKeeper utility program in which an attacker could use a phishing email containing a malicious link that prompts a user for a password, effectively executing the malware with administrator rights. ZeoBit reportedly acknowledged and patched the vulnerability. Source: http://www.scmagazineuk.com/mackeeper-flaw-enables-attacker-to-run-code-with-admin-rights/article/422516/

28. June 24, SC Magazine – (International) COA Network breached, all customer data treated as potentially compromised. New Jersey-based COA Network Inc. reported that it had detected a pattern of irregular activity in its systems June 5, and is considering all customer contact and payment information as possibly having been compromised. The company took actions to increase security and protect customer information, and has notified all customers. Source: http://www.scmagazine.com/coa-network-breached-all-customer-data-treated-as-potentially-compromised/article/422637/

29. June 24, Softpedia – (International) ESET patches scan engine against remote root exploit. ESET pushed an update for its scan engine addressing a vulnerability in antivirus products’ code emulator component in which an attacker used a remote root exploit to take complete control of a system. NOD32 Antivirus, Microsoft Windows, Apple OS X, Linux, and numerous other consumer and business antivirus solutions utilize the product. Source: http://news.softpedia.com/news/eset-products-vulnerable-to-remote-root-exploit-485191.shtml

30. June 24, Help Net Security – (International) Deadly Windows, Reader font bugs can lead to full system compromise. A security engineer with Google Project Zero shared the discovery of 15 flaws in font engines used by Microsoft Windows, Adobe Reader, and other popular software that could allow an attacker to compromise systems in a variety of ways including creating an exploit chain leading to a full-system compromise. All of the reported vulnerabilities have been patched in recent updates. Source: http://www.net-security.org/secworld.php?id=18549

31. June 24, Securityweek – (International) Visibility challenges industrial control system security: survey. Findings from a SANS Institute survey of over 314 respondents across several industries that interact with industrial control systems (ICS) revealed the perceived threats posed by internal and external attackers and the challenges of ICS protection. Challenges cited include poor optimization of ICS protection for information technology (IT) environments, the difficulty in detecting threats that spread without affecting operations, and the integration of IT into previously isolated ICS platforms, among other findings. Source: http://www.securityweek.com/visibility-challenges-industrial-control-system-security-survey

For another story, see item 15 below from the Government Facilities Sector

15. June 25, Securityweek – (International) Leaked government credentials abundant on public Web. Recorded Future released a report June 24 revealing that login credentials belonging to 47 U.S. Government agencies have been discovered on the public Web since November 2014, with the most affected agencies being the U.S. Department of Energy and Department of Commerce. The company shared its finding with affected agencies and is unsure if attackers attempted to leverage any stolen information. Source: http://www.securityweek.com/leaked-government-credentials-abundant-public-web

Communications Sector

32. June 24, WPVI 6 Philadelphia – (Pennsylvania) Verizon wireless service restored in Pennsylvania, New Jersey and Delaware. Severe storms June 23 across Pennsylvania, New Jersey, and Delaware caused a 9-hour cellular phone service outage for Verizon Wireless customers, which included calls from cell phones to 9-1-1 voice services. Services have since been fully restored. Source: http://6abc.com/weather/verizon-wireless-service-restored-in-pa-nj-del/802810/

For additional stories, see items 24, 25, 28, and 31 above in the Information Technology Sector