Friday, October 30, 2015



Complete DHS Report for October 30, 2015

Daily Report                                            

Top Stories

 • The Santa Clara County Public Health Department reported October 28 that the number of cases in a Shigella outbreak rose to 190 after being linked to consumption from the Mariscos San Juan restaurant. – San Jose Mercury News

12. October 29, San Jose Mercury News – (California) Shigella outbreak reaches 190 reported cases. The Santa Clara County Public Health Department reported October 28 that the number of cases in a Shigella outbreak rose to 190. The cause of the outbreak remains under investigation but officials believe that nearly all cases stem from food served at the Mariscos San Juan restaurant between October 16 and October 17.

 • Sanofi issued a recall October 28 for approximately 490,000 packs of Auvi-Q epinephrine injectors used to treat severe allergic reactions following 26 reports of malfunctions with the injectors. – Associated Press

20. October 28, Associated Press – (International) Sanofi recalls all injectors used for allergic reactions. Sanofi issued a recall October 28 for approximately 490,000 packs of Auvi-Q epinephrine injectors used to treat severe allergic reactions following 26 reports of malfunctions with the injectors that may not deliver the correct amount of the drug. Source: http://abcnews.go.com/Business/wireStory/sanofi-recalls-pen-injectors-allergic-reactions-34805509

 • A security expert reported October 28 that 13 million personal user records from the free web hosting service, 000webhost.com were compromised after its main server was exploited via a flaw in its old version of PHP. – Securityweek See item 24 below in the Information Technology Sector

 • Mapunapuna officials reported October 28 that a building supply company housing 17 businesses sustained extensive damage October 27 after a 3-alarm fire caused approximately $5.5 million in damages. – Honolulu Star-Advertiser

30. October 28, Honolulu Star-Advertiser – (Hawaii) Fire causes $5.5 million damage to Mapunapuna businesses. Mapunapuna officials reported October 28 that a building supply company housing 17 businesses sustained extensive damage October 27 after a 3-alarm fire caused approximately $5.5 million in damages. Fire crews remained on site for nearly 21 hours extinguishing the blaze and the cause of the incident is under investigation. Source: http://www.staradvertiser.com/news/breaking/20151027_Firefighters_respond_to_threealarm_fire_in_Mapunapuna.html?id=337815871

Financial Services Sector

6. October 28, Buffalo News – (New York) Falls businessman who shot brother-in-law pleads guilty to bank fraud. A suspect serving a prior prison sentence for attempted murder pleaded guilty October 28 in a Buffalo district court to defrauding M&T Bank of $177,500 by cashing 42 checks from an overdrawn company account from the now-defunct Electro-Dyne Choke Corp., between November 2012 and March 2013. The suspect had the company’s payroll firm issue payroll checks to himself and another individual from bank accounts that did contain enough money.

7. October 28, Bloomberg News – (New York) Goldman agrees to pay $50 million to settle N.Y. Fed leak case. Goldman Sachs Group Inc., reached a $50 million settlement and accepted a 3-year suspension on some advisory capacities within New York October 28 following allegations of unauthorized access to classified documents from the Federal Reserve Bank of New York. The case involves a Federal Reserve employee who provided a client’s confidential information to a Goldman Sachs employee, who then circulated the information to senior personnel. Source: http://www.bloomberg.com/news/articles/2015-10-28/goldman-agrees-to-pay-50-million-to-settle-n-y-fed-leak-case

8. October 28, Chicago Tribune – (Illinois) Politician goes from speaker to felon, but his dark past still a mystery. A U.S. politician plead guilty October 28 in a Federal courtroom in Chicago to charges related to allegations of illegally structuring more than $3.5 million in bank account withdrawals to avoid financial reporting requirements as part of a payout to cover up alleged wrongdoing. Source: http://www.chicagotribune.com/news/local/breaking/ct-dennis-hastert-guilty-plea-hearing-met-20151027-story.html

Information Technology Sector

24. October 29, Securityweek – (International) 13 million passwords leaked from free hosting service. A security expert reported October 28 that 13 million personal user records including names, emails, and plaintext passwords from the free web hosting service, 000webhost.com were compromised after its main server was exploited via a flaw in its old version of PHP. To mitigate future breaches, 000webhost updated its systems, increased its encryption, and changed all passwords. Source: http://www.securityweek.com/13-million-passwords-leaked-free-hosting-service

25. October 29, Securityweek – (International) Several flaws patched in Xen Hypervisor. Researchers from Xen Project released a total of nine advisories addressing recently patched Xen hypervisor vulnerabilities including hypercall issues leveraged to cause a denial-of-service (DoS) condition via repeated logging to the hypervisor console, privilege escalation vulnerability, and a multicall issue exploited via a malicious guest to crash a host, amongst other patched security holes after experts from Citrix, Alibaba, and SUSE discovered each vulnerability. Source: http://www.securityweek.com/several-flaws-patched-xen-hypervisor?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

26. October 28, Securityweek – (International) “Chikdos” Malware abuses MySQL Servers for DDoS attacks. Researchers from Symantec reported that the Chikdos trojan malware designed to hijack both Linux and Windows, recently targeted MySQL servers via a malicious user-defined function (UDF) working as a downloader trojan (Downloader.Chikdos) that allows actors to conduct distributed denial-of-service (DDoS) attacks via SQL injection attacks. Symantec data confirms the most infected MySQL servers were located in India, China, Brazil, Holland, and the U.S. Source: http://www.securityweek.com/chikdos-malware-abuses-mysql-servers-ddos-attacks

27. October28, Securityweek – (International) Infinite Automation patches flaws in SCADA/HMI product. Infinite Automation Systems released an updated version of its Mango Automation product patching a series of vulnerabilities after researchers from ICS-CERT discovered unrestricted fire upload, information exposure, SQL injection, and cross-site scripting vulnerabilities. The version fixed all the flaws except an OS command injection and a cross-site request forgery (CSRF) flaw.

Communications Sector

Nothing to report