Complete DHS Report for September 17, 2015
Daily Report
Top Stories
• A September 15 rain storm in California prompted 100 residents to evacuate, left 10,000 customers without power overnight, and caused all lanes of 710 Freeway to shut down. – KTLA 5 Los Angeles
7. September 16, KTLA 5 Los Angeles – (California) Record rainfall wreaks havoc on SoCal roads, prompting evacuations and leaving thousands without power. A September 15 rain storm in Southern California prompted 100 residents to evacuate from an assisted living facility, left 10,000 Department of Water and Power customers without power overnight, and caused all lanes of 710 Freeway in Bell, California, to shut down after up to two inches of rain flooded Los Angeles County. Several SigAlerts were issued after multiple collisions occurred. Source: http://ktla.com/2015/09/15/rain-moves-into-southern-california-overnight-flood-advisory-issued-in-parts-of-l-a-county/
• Residents in Utah and Arizona were issued a boil water advisory September 14 due to a flash flood that damaged surrounding areas, killed 16 people, and injured several others. – CNN
18. September 16, CNN – (Utah) Floods in Utah kill 16, leave four missing. Residents in Hildale, Utah, and Colorado City, Arizona, were issued a boil water advisory September 14 after a flash flood damaged surrounding areas and carried vehicles and debris throughout the city, killing 16 people and injuring several others. Source: http://www.cnn.com/2015/09/15/us/utah-arizona-flooding/index.html
• A Los Angeles-based surgeon was charged in an indictment unsealed September 15 for working with 14 associates to bilk insurance companies out of $150 million through unnecessary operations performed by untrained staff. – Associated Press
20. September 16, Associated Press – (California) California surgeon charged in $150M insurance scam. A Los Angeles-based orthopedic surgeon was charged in an indictment unsealed September 15 for working with 14 associates to bilk insurance companies out of $150 million through unnecessary operations performed by untrained staff. The orthopedic surgeon allegedly conspired to pay attorneys and marketers up to $10,000 a month to illegally refer patients, 21 of whom sustained lasting scars and required additional surgeries. Source: http://www.foxnews.com/us/2015/09/16/california-surgeon-charged-in-150-million-insurance-scam/
• A Russian national pleaded guilty September 15 to leading a hacking and data breach scheme that compromised the Nasdaq stock market and payment systems at several companies, resulting in losses of over $300 million between 2005 and 2012. – Agence France-Presse – See item 35 below in the Information Technology Sector
Financial Services Sector
5. September 15, U.S. Attorney’s Office Southern District of New York – (National) Two defendants plead guilty in Manhattan federal court for their roles in orchestrating $18.5 million mortgage modification fraud scheme. Two men pleaded guilty September 15 for their roles in a mortgage modification scheme which defrauded over 8,000 homeowners out of more than $18.5 million by charging homeowners exorbitant fees for promised mortgage modifications that were never provided.
6. September 15, Reuters – (International) RBS in $129.6 mln mortgage securities deal with U.S. regulator. The Royal Bank of Scotland Group PLC (RBS) agreed September 15 to pay $129.6 million to the National Credit Union Administration to resolve allegations that RBS ignored underwriting guidelines and sold toxic mortgage-backed securities to now-failed credit unions. Source: http://www.reuters.com/article/2015/09/15/rbs-settlement-mbs-idUSL1N11L2R020150915
For additional stories, see item 20 above in Top Stories and item 35 below in the Information Technology Sector
Information Technology Sector
29. September 16, Securityweek – (International) Major malvertising operation went undetected for three weeks. Security researchers from Malwarebytes discovered a malvertising campaign affecting Web sites of several major companies including eBay, Drudge Report, and Answers.com, in which attackers were able to redirect victims to malware-serving Web sites containing the Angler exploit kit (EK) by loading ads through a rogue ad server. The campaign went undetected for nearly three weeks, and 46 percent of the affected users were in the U.S. Source: http://www.securityweek.com/major-malvertising-operation-went-undetected-three-weeks
30. September 16, Help Net Security – (International) Persistent XSS flaw in SharePoint 2013 revealed, patched. Microsoft patched a persistent cross-site scripting (XSS) vulnerability in SharePoint 2013 in which an attacker could obtain information about a user’s operating system (OS), browser, plugins, and other information in order to steal sensitive information, gain control of the system, and download and execute malicious code remotely. Source: http://www.net-security.org/secworld.php?id=18860
31. September 16, Securityweek – (International) WordPress patches XSS, privilege escalation vulnerabilities. The developers of WordPress released version 4.3.1 of the content management system (CMS), addressing 3 vulnerabilities and 26 bugs, including a cross-site scripting (XSS) flaw related to the processing of shortcode tags in which an attacker could inject malicious JavaScript code into objects rendered on WordPress pages, a flaw that allows users to publish private “sticky” posts that can be combined with the XSS vulnerability, and a separate XSS vulnerability. Source: http://www.securityweek.com/wordpress-patches-xss-privilege-escalation-vulnerabilities
32. September 16, Help Net Security – (International) Android 5 bug allows attackers to easily unlock password-protected devices. The University of Texas at Austin Information Security Office discovered a lockscreen bypass vulnerability affecting Android version 5.1.1 in which an attacker could enter a large password string with the camera app open to crash the password lockscreen and gain full access to the device. Google addressed the issue in Android 5.1.1 build LMY48M. Source: http://www.net-security.org/secworld.php?id=18858
33. September 16, Threatpost – (International) Bug in iOS allows writing of arbitrary files via AirDrop. Researchers from Azimuth Security discovered a vulnerability in a library of Apple’s iOS and OS X operating systems which an attacker could leverage via AirDrop, with or without the user’s approval, to execute a directory traversal attack and arbitrarily write files to any location in an affected device’s file system. Source: https://threatpost.com/bug-in-ios-and-osx-allows-writing-of-arbitrary-files-via-airdrop/114681/
34. September 15, The Register – (International) Thought Heartbleed was dead? Nope – hundreds of thousands of things still vulnerable to attack. The founder of the Shodan search engine reported that over 200,000 devices on the Internet are still vulnerable to the Heartbleed OpenSSL vulnerability discovered in 2014, including 57,272 devices in the U.S. The vulnerability allows an attacker to extract passwords and other sensitive information due to a missing bounds check that allows repeated reads of data from server memory. Source: http://www.theregister.co.uk/2015/09/15/still_200k_iot_heartbleed_vulns/
35. September 15, Agence France-Presse – (International) Russian pleads guilty in major hacking case. A Russian national arrested in 2012 and extradited to the U.S. in February 2015 pleaded guilty September 15 to leading a hacking and data breach scheme that compromised the Nasdaq stock market and payment systems at 7-Eleven, Carrefour, JC Penney, and other companies, resulting in losses of over $300 million between 2005 and 2012. Source: http://www.securityweek.com/russian-pleads-guilty-major-hacking-case
For another story, see item 24 below from the Government Facilities Sector
24. September 16, Reuters – (National) Homeland Security websites vulnerable to cyber attack: Audit. The Office of the Inspector General for DHS released a report September 15 citing several deficiencies within DHS’ information systems including lapses in internal systems used by several agencies that may allow unauthorized individuals to gain access to sensitive data, and the need to establish a cyber-training program for analysts and investigators, among other findings.
Communications Sector
36. September 14, WJXX 25 Jacksonville; WTLV 12 Jacksonville – (Florida) Retirement community upset over phone and internet outages. All 450 AT&T customers residing in The Cascades in St. Augustine were without phone or Internet service for 5 days following severe weather that damaged landline service. Crews repaired the damaged landline September 14. Source: http://www.firstcoastnews.com/story/news/2015/09/14/--not--inconvenience---dangerous/72279836/
For additional stories, see item 7 above in Top Stories and items 32 and 33 above in the Information Technology Sector