Complete DHS Report for September 28, 2015
Daily Report
Top Stories
• Hyundai Motor Co. issued a recall for 470,000 model years 2011 – 2012 Sonata
2-liter and 2.4-liter sedans due to an issue with metal debris in the car’s
crankshaft which could lead to an engine stall. – Associated Press (See item 4)
4. September 25, Associated Press – (National) Hyundai recalls 470,000 Sonatas
to fix critical engine problem. Hyundai Motor Co. issued a recall for 470,000 model years
2011 – 2012 Sonata 2-liter and 2.4-liter sedans due to the possible presence of
metal debris in the car’s crankshaft, which could restrict oil flow and lead to
an engine stall. Owners will be notified November 2. Source: http://www.cnbc.com/2015/09/25/hyundai-recalls-470000-sonatas-to-fix-critical-engine-problem.html
• Four international students from North Seattle College
were killed and 51 others were injured September 24 after a charter bus filled
with 45 students collided with a “duck tour” vehicle on Seattle’s Aurora
Bridge. – NBC News
10. September 25, NBC News – (Washington) Four college students killed when duck boat and
charter bus crash in Seattle. The National Transportation Safety Board is
investigating a September 24 incident where 4 international students from North
Seattle College were killed and 51 people were injured after a charter bus
filled with 45 students collided with a “duck tour” vehicle on the Aurora
Bridge in Seattle. Source: http://www.nbcnews.com/news/us-news/seattle-bus-collides-duck-tour-killing-2-officials-say-n433156
• Authorities reported September 24 that a combination of 12 inmates, prison employees,
parolees, and civilians were allegedly found to be a part of a drug and
identity theft ring taking place in Georgia prisons. – WXIA 11 Atlanta
20. September 24, WXIA 11 Atlanta – (Georgia) 12 indicted in prison cell phone bust. Authorities
announced September 24 that a combination of 12 inmates, prison employees,
parolees, and civilians were allegedly part of a drug and identity theft ring
that took place in Georgia prisons. The scheme reportedly involved smuggling
prescription pain medication, illegal drugs, alcohol, tobacco, and cell phones
into the prisons where the inmates would use the phones to steal identities
from victims in Cobb and Gwinnett counties. Source: http://www.11alive.com/story/news/crime/2015/09/24/12-indicted-prison-cell-phone-bust/72768876/
• U.S. regulators reported September 24 that
Hamilton Relay, InnoCaption, and Sprint Corp. reached a $1.4 million
settlement resolving allegations over the companies’ 9-1-1 handling for
hard-of-hearing callers. – U.S. Federal Communications Commission (See
item 27 below in the Communications Sector)
Financial Services Sector
5. September 24, U.S. Securities and Exchange Commission – (International) SEC
charges six in stock fraud scheme. The U.S. Securities and Exchange
Commission charged 6 suspects for an investment scheme in which the suspects
allegedly conspired to secretly issue $72 million in Gerova shares to a family
friend in Kosovo through a friend’s brokerage accounts, while bribing an
investment adviser to stabilize Gerova shares in 2010. The suspects reportedly
received at least $16 million in illicit profits through the scheme, and face
criminal charges under a separate parallel action. Source: http://www.sec.gov/litigation/litreleases/2015/lr23360.htm
6. September 24, Reuters – (New Jersey) New Jersey’s Hudson City Bank to pay
some $33 mln in redlining case. Hudson City Bancorp agreed September 24 to pay $33
million in loan subsidies, community programs and outreach, and penalties to
settle U.S. Department of Justice and Consumer Financial Protection Bureau
allegations that the company discriminated against prospective black and Hispanic
home buyers by attempting to avoid locating branches and marketing mortgages in
neighborhoods with a majority of black and Hispanic residents. Source: http://www.reuters.com/article/2015/09/24/hudson-city-bcp-discrimination-idUSL1N11U1T320150924
7. September 24, Newark Patch – (New Jersey) N.J. bank fraud: Founder of defunct charter
flight company pleads guilty. The former chief financial officer and
co-founder of Southern Sky Air & Tours pleaded guilty September 23 to
conspiracy to commit wire and bank fraud through a scheme in which he used fake
documents and inflated revenue figures to defraud a New Jersey bank and other
financial institutions out of millions of dollars. Source: http://patch.com/new-jersey/newarknj/nj-bank-fraud-founder-defunct-charter-flight-company-pleads-guilty
8. September 24, InsideNoVa.com – (National) ‘Black Hat Bandit’ pleads guilty
to 9 bank robberies. The suspect dubbed the “Black Hat Bandit” pleaded guilty
September 24 in connection with 9 bank robberies throughout Virginia, Maryland,
and Washington, D.C., from January – March of this year that resulted in
more than $180,000 in losses to the BB&T and Wells Fargo bank branches that he
struck. Source: http://www.insidenova.com/headlines/black-hat-bandit-pleads-guilty-to-bank-robberies/article_a417d4f4-62e0-11e5-b049-df27a854c2b7.html
9. September 24, IDG News Service – (International) New malware infects ATMs,
dispenses cash on command. Security researchers from Proofpoint detected a new
ATM malware program dubbed GreenDispenser that allows attackers to withdraw cash on
demand by hooking into the eXtensions for Financial Services (XFS) middleware
on Microsoft Windows-based ATMs. The malware was first spotted in Mexico, and
researchers warned it will likely spread quickly to the U.S. Source: http://www.computerworld.com/article/2985860/malware-vulnerabilities/new-malware-infects-atms-dispenses-cash-on-command.html#tk.rss_security
Information Technology Sector
22. September 25, Securityweek – (International) Vulnerabilities found in several SCADA
products. The Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT) published advisories identifying vulnerabilities in supervisory
control and data acquisition (SCADA) products, including a privilege escalation
bug in Resource Data Management’s Data Manager that could allow an attacker to
change the passwords of users, a cross-site request forgery (CSRF) that an
attacker could use to perform actions on behalf of authenticated users, and
other vulnerabilities in IBC Solar and EasyIO products. Source: http://www.securityweek.com/vulnerabilities-found-several-scada-products
23. September 25, Help Net Security – (International) Cisco releases tool for
detecting malicious router implants. Cisco Systems released a Python script
called the SYNful Knock Scanner which scans networks for routers compromised by
malicious SYNful Knock implants and provides next steps to users with affected
routers. Source: http://www.net-security.org/malware_news.php?id=3114
24. September 25, The Register – (International) XcodeGhost-infected apps open gates to
malware hijacking. Security researchers from Palo Alto Networks reported
that the DES ECB mode-encrypted communication streams between
XcodeGhost-infected applications and the attacker’s command-and-control
(C&C) servers lack proper encryption, leaving them vulnerable to
man-in-the-middle (MitM) attacks that could expose affected users to additional
malware. Source: http://www.theregister.co.uk/2015/09/25/xcodeghost_mitm_palo_alto/
25. September 25, Softpedia – (International) Kovter malware now lives solely in the
Windows registry. Security researchers from Symantec discovered a new
version of the Kovter trojan that reportedly mimics the Poweliks malware’s
survival methods, including the ability to hide its code in the Microsoft
Windows registry, ensuring persistence and serving as an entry point for other
malware. The Kovter trojan focuses primarily on click-fraud, and 56 percent of
all infections have targeted U.S. users. Source: http://news.softpedia.com/news/kovter-malware-now-lives-solely-in-your-computer-s-registry-492722.shtml
26. September 24, Threatpost – (International) Cisco patches denial-of-service, bypass
vulnerabilities in IOS. Cisco released updates for its IOS router and
switch software addressing three denial-of-service (DoS) vulnerabilities and
one authentication bypass flaw affecting RSA-based user authentication in which
an attacker knowing a legitimate username and the user’s public key could log
in with their privileges. Source: https://threatpost.com/cisco-patches-denial-of-service-bypass-vulnerabilities-in-ios/114792/
For another story, see item 9 above in the Financial Services Sector
Communications Sector
27. September 24, U.S. Federal Communications Commission – (National) Companies
fined $1.4 million for failing to accept 911. The U.S. Federal Communications
Commission’s (FCC) Enforcement Bureau reported September 24 that Hamilton
Relay, InnoCaption, and Sprint Corp. reached a settlement totaling $1.4
million to resolve allegations of the companies’ inability to handle 9-1-1
calls through applications used by callers who are hard of hearing over periods
varying from 5 weeks to approximately 10 months. Source: https://www.fcc.gov/document/cos-fined-14m-failing-accept-911-calls-hearing-impaired-0