Complete DHS Report for July 16, 2015
Daily Report
Top Stories
· Over 168,000 Duke Energy customers in
Ohio and Kentucky were without power July 14 and 7,000 remained without service
after recent storms July 15. – WXIX 19 Cincinnati
2. July 15,
WXIX 19 Cincinnati – (Ohio; Kentucky) Duke Energy: outages should be restored by
Thursday night. Over 168,000 Duke Energy customers in Ohio and Northern
Kentucky were without power July 14 after powerful storms damaged power lines
across the area, and 7,000 remained without service July 15. Duke Energy
officials expect power to be restored to customers by July 16. Source: http://www.fox19.com/story/29550788/thousands-without-power-following-storms
· Three suspects pleaded guilty in
Florida July 14 to their roles in a $64 million fraud scheme in which Great
Country Mortgage Bankers employees targeted customers with U.S. Federal Housing
Administration loans. – WFOR 4 Miami; Associated Press
See item 10 below in the Financial Services Sector
· A July 14 report revealed that the U.S.
Office of Personnel Management has yet to officially notify 21.5 million
victims of a cyberattack discovered in May. – Reuters
22. July 15,
Reuters – (National) OPM hack: U.S. has not notified 21.5 million
victims of massive data breach. A July 14 report revealed that the U.S. Office
of Personnel Management (OPM) has yet to officially notify 21.5 million victims
of a cyberattack discovered in May which exposed sensitive information
disclosed in security clearance investigations. Multiple Federal agencies are
working with OPM to develop a central system to inform victims, although
officials reported this could be delayed for several weeks due to the
complicated nature of the data. Source: http://www.ibtimes.com/opm-hack-us-has-not-notified-215-million-victims-massive-data-breach-2008940
· Officials filed charges against 12 suspects affiliated with the Darkode hacker
Web forum after officials shut down the site and arrested or searched 70
members worldwide. – IDG News Service
See item 25 below in the Information Technology Sector
Financial Services Sector
10. July 14,
WFOR 4 Miami; Associated Press – (Florida) Three plead guilty
in $64M mortgage fraud scheme. Three suspects pleaded guilty July 14 to
their roles in a $64 million mortgage fraud scheme in which Great Country
Mortgage Bankers employees targeted first-time, low-income, and poor-credit
buyers with U.S. Federal Housing Administration loans which they would obtain
with falsified documents, before selling them at a profit. Twenty-five have
pleaded guilty in connection with the scheme. Source: http://miami.cbslocal.com/2015/07/14/three-plead-guilty-in-64m-mortgage-fraud-scheme/
11. July 14,
U.S. Securities and Exchange Commission – (National) SEC charges 34
defendants in microcap market manipulation schemes. The U.S. Securities and
Exchange Commission charged 15 individuals and 19 entities July 14 for
allegedly attempting to manipulate the trading of microcap stocks by acting as
unregistered broker-dealers for customers wanting to hide their stock ownership
and manipulate the microcap market. Source: http://www.sec.gov/news/pressrelease/2015-146.html
Information Technology Sector
25. July 15,
IDG News Service – (International) Darkode computer hacking forum shuts after
investigation spanning 20 countries. U.S. authorities filed hacking charges
against 12 suspects affiliated with the Darkode hacker Web forum after the FBI
and law enforcement organizations from 20 countries shut down the site and
arrested or searched 70 Darkode members worldwide. The Web site allowed hackers
to share technology and tradecraft used to infect computers and wireless
devices of victims. Source:
http://www.networkworld.com/article/2948634/darkode-computer-hacking-forum-shuts-after-investigation-spanning-20-countries.html#tk.rss_all
26. July 15,
Softpedia – (International) Hacking Team malware hides in UEFI BIOS to
survive PC reinstalls. Security researchers from Trend Micro discovered
that Hacking Team ensured surveillance malware persistence on systems by using
a Unified Extensible Firmware Interface (UEFI) Basic Input/Output System (BIOS)
rootkit to re-install the malware every time it was deleted from the system. Source:
http://news.softpedia.com/news/hacking-team-malware-hides-in-bios-to-survive-pc-reinstalls-486949.shtml
27. July 15,
Securityweek – (International) Oracle patches Java zero-day, 192 other
security bugs. Oracle released updates addressing 193 security issues
across multiple product lines, including a Java remote code execution
vulnerability that was exploited by the advanced persistent threat (APT) group
Pawn Storm, 54 flaws in third-party components in Oracle product distributions,
and 23 vulnerabilities in Java SE that can be exploited remotely by an
unauthenticated attacker, among other fixes. Source: http://www.securityweek.com/oracle-patches-java-zero-day-192-other-security-bugs
28. July 15,
Help Net Security – (International) TeslaCrypt 2.0 makes it impossible to decrypt
affected files. Security researchers at Kaspersky Lab discovered that
recent TeslaCrypt version 2.0 ransomware infections display a Cryptowall 3.0
Web page, possibly in an attempt to convince victims that the malware uses more
robust encryption than it actually does. Source: http://www.net-security.org/malware_news.php?id=3075
29. July 15,
Softpedia – (International) HTML5 can be used to hide malware in drive-by
download attacks. Italian security researchers discovered that Hypertext
Markup Language 5 (HTML5)-based obfuscation techniques could be used to hide
malware in drive-by download exploits using HTML technologies and application
program interfaces (API). Source: http://news.softpedia.com/news/html5-can-be-used-to-hide-malware-in-drive-by-download-attacks-486974.shtml
30. July 14,
Securityweek – (International) Microsoft patches Hacking Team zero-days,
other vulnerabilities. Microsoft released 14 bulletins addressing
vulnerabilities in Windows, Office, SQL Server, and Internet Explorer,
including a zero-day JScript 9 use-after-free memory corruption bug in Internet
Explorer 11 and a memory corruption flaw in the Adobe Type Manager Font Driver
that could both allow an attacker to take complete control of a vulnerable
system, as well as a remote code execution flaw affecting the Remote Desktop
Protocol (RDP). Source: http://www.securityweek.com/microsoft-patches-hacking-team-zero-days-other-vulnerabilities
Communications Sector
Nothing to report