Complete DHS Report for October 15, 2015
Daily Report
Top Stories
• The former Chicago Public Schools chief executive officer pleaded guilty October 13 in connection with a scheme to steer more than $23 million in no-bid contracts to a former employer for $2.3 million in bribes and kickbacks. – WBBM 2 Chicago
12. October 13, WBBM 2 Chicago – (Illinois) Ex-CPS chief pleads guilty to kickback scheme. The former Chicago Public Schools chief executive officer (CEO) pleaded guilty October 13 to charges in connection with a bribery scheme in which the former CEO accepted $2.3 million in bribes and kickbacks in exchange for SUPES Academy and its owners receiving over $23 million in no-bid contracts dating back to 2013. Source: http://chicago.cbslocal.com/2015/10/13/ex-cps-chief-barbara-byrd-bennett-pleads-guilty-to-kickback-scheme/
• Officials released a report which found that the Internal Revenue Service was unable to locate 1,300 workstations during its attempt to update its Microsoft software from Windows XP to Windows 7. – Nextgov
13. October 13, Nextgov – (National) IRS can’t update woefully out-of-date Windows servers because it can’t find some of them. The Treasury Inspector General for Tax Administration at the U.S. Department of the Treasury released a report which found that the Internal Revenue Service was unable to locate 1,300 workstations during its attempt to update its Microsoft software from Windows XP to Windows 7. The report also determined that the bureau had several thousand servers still running Windows Server 2003 and lacked proper oversight, among other security risks. Source: http://www.nextgov.com/cio-briefing/2015/10/irs-cant-update-woefully-out-date-windows-servers-because-it-cant-find-some-them/122770/
• U.S. and European authorities worked with private cybersecurity organizations to disrupt the activities of the Dridex information-stealing botnet. – Securityweek. See item 17 below in the Information Technology Sector
• Approximately 100 children and staff were evacuated from the Boys and Girls club in Nevada October 13 after a construction crew hit a 1-inch gas line while digging out a post, causing a gas leak. – Reno Gazette-Journal
24. October 13, Reno Gazette-Journal – (Nevada) Boys & Girls club evacuated after gas leak. Approximately 100 children and staff were evacuated from the Boys and Girls club in Reno, Nevada, October 13 after a construction crew hit a 1-inch gas line while digging out a post, causing a gas leak. NV Energy crews shut off gas valves for about 4 to 5 buildings while crews took readings around and inside buildings. Source: http://www.rgj.com/story/news/2015/10/13/boys-girls-club-evacuated-after-gas-leak/73869036/
Financial Services Sector
3. October 14, Springfield Republican – (Massachusetts) ATM ‘skimmer’ admits ripping off $121,000 from TD Bank customers in 5 Western Massachusetts communities. A Washington resident pleaded guilty October 9 to charges that he and a co-conspirator used ATM skimming devices to steal over $121,000 from dozens of TD Bank customers in Chicopee, Ludlow, Springfield, Agawam, and East Longmeadow, Massachusetts, in August and September 2014.
4. October 13, Reuters – (International) UBS settles U.S. SEC case over structured notes for $19.5 mln. A U.S. Securities and Exchange Commission official announced October 13 that UBS AG will pay $19.5 million to resolve civil allegations that the bank misled U.S. retail investors in offering documents for structured notes tied to a proprietary foreign currency index by not revealing index reductions of about 5 percent through bank hedging trades. The bank neither admitted nor denied the charges. Source: http://www.reuters.com/article/2015/10/13/sec-ubs-group-idUSL1N12D1BR20151013
For another story, see item 17 below in the Information Technology Sector
Information Technology Sector
17. October 14, Securityweek – (International) Authorities seize servers to disrupt Dridex botnet. U.S. and European authorities worked with private cybersecurity organizations to disrupt the activities of the Dridex information-stealing botnet by poisoning the peer-to-peer (P2P) network of each sub-botnet, redirecting infected systems’ communications from the botnet to a sinkhole. The botnet resulted in estimated losses of $10 million in the U.S., and authorities are seeking to extradite one of its administrators who was arrested in Cyprus in August. Source: http://www.securityweek.com/authorities-seize-servers-disrupt-dridex-botnet
18. October 14, Securityweek – (International) Chrome 46 patches vulnerabilities, simplifies page security icon. Google announced the release of version 46 of its Chrome Web browser, which addresses 24 security vulnerabilities including a cross-origin bypass in the Blink rendering engine, a use-after-free in PDFium and ServiceWorker, and a bad cast issue in PDFium, among others. The update also changed the icon used for Hypertext Transfer Protocol Secure (HTTPS) connections. Source: http://www.securityweek.com/chrome-46-patches-vulnerabilities-simplifies-page-security-icon
19. October 14, Securityweek – (International) Microsoft patches critical flaws in Windows, Internet Explorer. Microsoft released 6 security bulletins addressing over 30 vulnerabilities, including 14 memory corruption, privilege escalation, information disclosure, VBScript and JavaScript address space layout randomization (ASLR) bypass, and remote code execution flaws in Internet Explorer, as well as other ASLR bypass and remote code execution vulnerabilities in Windows, among other fixes for Edge, Office, and the Windows kernel. Source: http://www.securityweek.com/microsoft-patches-critical-flaws-windows-internet-explorer
20. October 14, Softpedia – (International) Adobe Flash Player zero-days used by hackers linked to Russian government. Security researchers from Trend Micro warned that attackers in the Operation Pawn Storm cyber-espionage campaign are exploiting unpatched zero-day vulnerabilities in Adobe Flash Player in an effort to trick members of overseas government departments and ministries into accessing Web sites hosting malicious code. The group previously targeted high-profile government targets worldwide, as well as the North Atlantic Treaty Organization (NATO) and the U.S. White House. Source: http://news.softpedia.com/news/adobe-flash-player-zero-days-used-by-hackers-linked-to-russian-government-494509.shtml
21. October 13, Securityweek – (International) Adobe patches many flaws in Flash Player, Acrobat, Reader. Adobe released updates addressing 56 vulnerabilities in Adobe Acrobat Reader, many of which involve bypasses of restrictions on JavaScript Application Program Interface (API) execution and bypass vulnerabilities that could lead to information disclosure, memory leak issues, and memory corruption bugs, resulting in remote code execution, as well as 13 use-after-free, buffer overflow, memory corruption, and same-origin-policy (SOP) flaws in Flash Player, among others. Source: http://www.securityweek.com/adobe-patches-many-flaws-flash-player-acrobat-reader
22. October 13, Threatpost – (International) Netgear publishes patched firmware for routers under attack. Netgear published firmware updates addressing a remotely exploitable authentication bypass vulnerability that hackers had exploited to take over up to 10,000 routers, most of which were in the U.S. The flaw allowed an attacker to access the device’s administration interface without knowing the router password. Source: https://threatpost.com/netgear-publishes-patched-firmware-for-routers-under-attack/115006/
For another story, see item 13 above in Top Stories
Communications Sector
Nothing to report