Friday, July 24, 2015




Complete DHS Report for July 24, 2015

Daily Report

Top Stories

 · A director of security research at IOActive who recently hacked into the system of a 2015 Jeep Cherokee reported that the hack could be repeated on hundreds of thousands of Chrysler vehicles with Uconnect telematics systems. – Computerworld

3. July 23, Computerworld – (National) Hacker: ‘hundreds of thousands’ of vehicles are at risk of attack. A director of security research at IOActive who recently hacked into the system of a 2015 Jeep Cherokee from 10 miles away reported that the hack could be repeated on hundreds of thousands of vulnerable model year 2013 – 2015 vehicles currently on the road, and that prior access to the vehicle is not required for a zero day-style attack, which works on any Chrysler vehicle with the Uconnect telematics system. Source: http://www.networkworld.com/article/2951837/security/hacker-hundreds-of-thousands-of-vehicles-are-at-risk-of-attack.html#tk.rss_all

 · Fiat Chrysler Automobiles issued a recall July 22 for 144,416 model year 2011 – 2015 Dodge Journey and Fiat Freemont 2.4-liter vehicles in the U.S. due to an issue in which engine covers can be dislodged, posing a fire-risk. – Autoblog

5. July 22, Autoblog – (National) Dodge Journey and Fiat Freemont engine-cover recall affects 350k CUVs. Fiat Chrysler Automobiles issued a recall July 22 for 144,416 model year 2011 – 2015 Dodge Journey and Fiat Freemont 2.4-liter vehicles in the U.S. with 4-cylinder engines due to an issue in which engine covers can be dislodged, posing a fire-risk. Source: http://www.autoblog.com/2015/07/22/dodge-journey-fiat-freemont-engine-cover-recall/

 · Highway 128 in Lake Berryessa, California was shut down while 525 firefighters worked to battle a 6,000-acre wildfire that threatened nearly 200 structures and prompted mandatory evacuations. – KCRA 3 Sacramento

18. July 23, KCRA 3 Sacramento – (California) Lake Berryessa fire grows to 6,000 acres; mandatory evacuations issued. Highway 128 in Lake Berryessa was shut down for an unspecified amount of time while a total of 525 firefighters worked to battle an explosive wildfire that grew to 6,000 acres overnight and threatened nearly 200 structures, prompting mandatory evacuations. Officials believe the cause of the fire was a vehicle crash, but the investigation is ongoing.

 · Hewlett Packard’s Zero Day Initiative released four new remote code execution zero day vulnerabilities in Microsoft Internet Explorer. – The Register. See item 20 below in the Information Technology Sector

Financial Services Sector

6. July 22, Reuters – (National) Citi to shut Banamex USA, pay $140 million fine. Citigroup Inc., announced July 22 plans to liquidate subsidiary Banamex USA and pay $140 million in fines to the Federal Deposit Insurance Corporation and California’s Department of Business Oversight to resolve allegations that Banamex USA failed to comply with Federal anti-money laundering requirements and the Bank Secrecy Act. Source: http://www.reuters.com/article/2015/07/22/us-banamex-citigroup-idUSKCN0PW1Z520150722

7. July 22, KYTV 3 Springfield – (Missouri) Springfield restaurant owner and son plead guilty in multi-million dollar fraud scheme. An owner of multiple Springfield area restaurants and commercial properties and his son pleaded guilty July 22 to charges that they submitted false financial documents to Great Southern Bank in order to receive 4 commercial loans worth about $6 million in 2011. Source: http://www.ky3.com/news/local/springfield-restaurant-owner-son-plead-guilty-in-multimillion-dollar-fraud-scheme/21048998_34299122

Information Technology Sector

19. July 23, Threatpost – (International) Four zero days disclosed in Internet Explorer. Hewlett Packard’s Zero Day Initiative released four new remote code execution (RCE) zero day vulnerabilities in Microsoft’s Internet Explorer, including an issue in how the browser processes arrays representing cells in Hypertext Markup Language (HTML) tables in which an attacker could execute code under the context of the current process. Source: https://threatpost.com/four-zero-days-disclosed-in-internet-explorer/113911

20. July 23, The Register – (International) Flash zero-day monster Angler dominates exploit kit crime market. Security researchers from SophosLabs reported that the Angler exploit kit’s (EK) prevalence in the underground malware market ballooned from about 25 to 83 percent between September 2014 and May 2015, likely due to factors including its low cost and high traffic to Angler-infected Web sites. The EK recently incorporated three Adobe Flash zero-day flaws that were exposed in the breach of Hacking Team. Source: http://www.theregister.co.uk/2015/07/23/sophos_angler_ek/

21. July 23, The Register – (International) Cyber poltergeist threat discovered in Internet of Stuff hubs. Security researchers from Tripwire’s Vulnerability and Exposure Research Team (VERT) discovered vulnerabilities in Internet of Things-enabled smart home hubs made by Wink, Vera, and SmartThings that could allow an attacker to obtain root shell access on the device and provide entry points to the home network. Source: http://www.theregister.co.uk/2015/07/23/home_hub_insecurity_iot_stalking/

22. July 23, Help Net Security – (International) Smartwatches: a new open frontier for attack. Hewlett Packard released findings from an assessment of 10 smartwatches and their Android and iOS cloud and mobile application components, revealing that each watch contained significant vulnerabilities, including insufficient authentication, lack of encryption, insecure software, firmware, interfaces, and privacy concerns. Source: http://www.net-security.org/secworld.php?id=18658

23. July 22, Threatpost – (International) Bartalex variants spotted dropping Pony, Dyre malware. Security researchers at Rackspace reported that strains of the macro-based Bartalex malware have been observed dropping Pony loader malware along with the Dyre banking trojan. Source: https://threatpost.com/bartalex-variants-spotted-dropping-pony-dyre-malware/113903

For another story, see item 3 above in Top Stories

Communications Sector

24. July 22, Athens Messenger – (Ohio) Phone service could be out for a while. Frontier Communications reported July 22 that a telephone outage has occurred in the south side area of Athens to the Meigs County Line after a telephone cable was damaged during construction work on Richland Avenue. The extent of damage remains under assessment and a company spokesperson reported that it would take a couple of days for service to be fully restored.

For another story, see item 17 below from the Government Facilities Sector

17. July 22, Alaska Dispatch News – (Alaska) City says contractor error caused phone, email outage at Anchorage City Hall. Employees at Anchorage City Hall lost access to telephones, email, timekeeping, and the electronic financial system for several hours July 22 due to a network outage at the South Anchorage data center. The city’s 9-1-1 system was not affected, and there was no lasting damage. Source: http://www.adn.com/article/20150722/city-says-contractor-error-caused-phone-email-outage-anchorage-city-hall