Complete DHS Report for
August 5, 2015
Daily Report
Top Stories
· New York officials reported August 3
that the death toll from a Legionnaires’ disease outbreak had risen to 7, and
that there were a total of 81 reported cases of the disease in the South Bronx
area. – FoxNews.com; Associated Press
14. August 4,
FoxNews.com; Associated Press – (New York) Death toll in South
Bronx Legionnaires’ disease outbreak rises to 7, officials say. Health
officials in New York reported August 3 that the death toll from a
Legionnaires’ disease outbreak had risen to 7, and that there were a total of
81 reported cases of the disease in the South Bronx area. Five cooling towers
that returned positive results for the legionella bacteria were decontaminated
and authorities continue to investigate the source of the bacteria. Source: http://www.foxnews.com/health/2015/08/04/death-toll-in-south-bronx-legionnaires-disease-outbreak-rises-to-7-officials/
· California crews reached 12 percent
containment August 4 of the 60,000-acre Rocky Fire burning in 3 counties that
led to the evacuation of more than 13,000 people. – CNN
16. August 4,
CNN – (California) California wildfires torch 134,000 acres – and
counting. Crews in California reached 12 percent containment August 4 of
the 60,000-acre Rocky Fire burning in Lake, Yolo, and Colusa counties that led
to evacuation orders for more than 13,000 people. Firefighters worked to
contain a total of 21 wildfires in the State that have burned over 134,000
acres collectively. Source:
http://www.cnn.com/2015/08/03/us/california-wildfires/
· Researchers discovered that the Yahoo!
advertising network was hit by a large malvertising attack starting July 28
that leveraged Microsoft Azure Web sites to redirect users to pages hosting the
Angler exploit kit to infect systems with ransomware and possibly malware. – Securityweek
See item 21 below in the Information Technology Sector
· An August 3 fire prompted the
evacuation of 125 residents from the Courtyard Apartment Complex in California,
and injured two residents. – KGO 7 San Francisco
31. August 3,
KGO 7 San Francisco – (California) Apartment fire in Hayward prompts evacuation of
125 residents. An August 3 fire prompted the evacuation of 125 residents
from the Courtyard Apartment Complex after 3 fires, in separate locations,
began on the third floor of the building. Two residents were treated for minor
injuries and an investigation is ongoing to determine the cause of the fires. Source: http://abc7news.com/news/apartment-fire-in-hayward-prompts-evacuation-of-125-residents/900054/
Financial Services Sector
5. August 3,
Las Vegas Sun – (Nevada) Man convicted in Las Vegas mortgage fraud case. An
Arizona man was convicted August 3 for his role in a mortgage fraud scheme in
which he and 10 others conspired to cause Federally insured banks about $25
million in losses between 2005 and 2007 by using several investment businesses to
recruit straw buyers who obtained mortgage loans for 110 Las Vegas and Henderson
homes that they would purchase before going into foreclosure.
6. August 3,
U.S. Securities and Exchange Commission – (National) SEC charges
Houston-area businessman in Ponzi scheme. The U.S. Securities and Exchange
Commission charged a co-owner of F.A. Voight & Associates LP and DayStar
Funding LP August 3 with allegedly defrauding over 300 investors in a $114
million Ponzi scheme in which he solicited investments towards the development
of a “Driver Alertness Detection System” while promising high returns, but
instead used funds for Ponzi payments and personal gain funneled to a startup
company through 2 other partnership companies. Source: http://www.sec.gov/news/pressrelease/2015-158.html
7. August 3,
USA Today – (International) Former bank trader convicted in Libor
scandal. A former Citigroup and UBS trader was convicted August 3 of
conspiring with two dozen traders and employees to rig the London Interbank
Offered Rate (Libor) to benefit their trading positions and boost profits while
working for UBS and Citigroup. Source: http://www.usatoday.com/story/money/2015/08/03/former-bank-trader-convicted-libor-scandal/31052779/
Information Technology Sector
18. August 4,
Securityweek – (International) Chinese VPN used by APT actors relies on
hacked servers. Security researchers at RSA analyzed a Chinese virtual
private network (VPN) service dubbed “Terracotta” and found that the service
has at least 31 hacked Windows server nodes worldwide in hospitality,
government organizations, universities, technology services providers, and
private firms. Researchers have observed compromised servers running the Gh0st
Remote Administration Tool (RAT), the Mitozhan trojan, and the Liudoor
Backdoor, among others.
19. August 4,
Help Net Security – (International) Macs can be permanently compromised via
firmware worm. Security researchers discovered vulnerabilities in the
firmware of Apple computers, dubbed “Thunderstrike 2,” in which a worm
delivered via a phishing email or malicious Web site could spread across
connected devices and systems before rewriting itself in the firmware to ensure
persistence. Researchers stated that users need to re-flash the chip that
contains the malware in order to get rid of the worm. Source: http://www.net-security.org/malware_news.php?id=3086
20. August 4,
Softpedia – (International) RIG Exploit Kit 3.0 succeeded in infecting
1.25 million machines. Trustwave researchers reported that version 3.0 of
the RIG Exploit Kit (EK) infected an average of 27,000 machines a day, totaling
1.25 million infections, through various campaigns in which it predominantly
leveraged Adobe Flash zero-day exploits exposed by a Hacking Team leak in July.
Source: http://news.softpedia.com/news/rig-exploit-kit-3-0-succeeded-in-infecting-1-25-million-machines-488461.shtml
21. August 4,
Securityweek – (International) Malvertising hits Yahoo! ad network. Security
researchers at Malwarebytes discovered that the Yahoo! advertising network was
hit by a large malvertising attack starting July 28 that leveraged Microsoft
Azure Web sites to redirect users to pages hosting the Angler exploit kit (EK)
to infect systems with ransomware and possibly banking or ad-fraud malware. The
attack was shut down August 3. Source: http://www.securityweek.com/malvertising-attack-hits-yahoo-ad-network
22. August 4,
Securityweek – (International) Zero-day vulnerability in OS X exploited in
the wild. Security researchers from Malwarebytes observed attacks
leveraging an unpatched local privilege escalation vulnerability in Apple’s OS
X operating system (OS) in which an attacker could modify a hidden UNIX file to
execute adware and other suspicious software with root permissions. Source: http://www.securityweek.com/zero-day-vulnerability-os-x-exploited-wild
23. August 4,
Help Net Security – (International) 79% of companies release apps with known
vulnerabilities. Prevoty released findings from a survey and report on
security and application development revealing that many enterprises face
challenges in releasing secure software on development schedules, and that 43
percent of respondents admitted to releasing applications with vulnerabilities
at least 80 percent of the time, due to business pressures and other concerns. Source:
http://www.net-security.org/secworld.php?id=18702
24. August 4,
Softpedia – (International) WordPress 4.2.4 fixes three XSS
vulnerabilities and one potential SQL injection. WordPress released an
update for its content management system (CMS) addressing three cross-site
scripting (XSS) vulnerabilities, a structured query language (SQL) injection,
an issue that allowed attackers to lock posts indefinitely, and a timing
side-channel attack vector through which an attacker could analyze the
execution times of cryptographic routines. Source: http://news.softpedia.com/news/wordpress-4-2-4-fixes-three-xss-vulnerabilities-and-one-potential-sql-injection-488470.shtml
Communications Sector
Nothing to report