Complete DHS Report for
December 21, 2015
Daily Report
Top Stories
• Fiat Chrysler Automobiles issued a recall December 18 for
nearly 56,000 of its Jeep Cherokee sport utility vehicles due to electrical
shorting or fire hazards caused by water leaking into the tail light control
module. – Associated Press
3. December
18, Associated Press – (International) Fiat Chrysler recalls Jeeps to fix water
leak. Fiat Chrysler Automobiles issued a worldwide recall December 18 for
nearly 56,000 of its 2015 – 2016 model year Jeep Cherokee sport utility
vehicles (SUV) after the company received 2 customer complaints of water
leaking into the tail light control module, that could cause an electrical
shorting and potentially pose a fire hazard. Source: http://www.cbsnews.com/news/fiat-chrysler-recalls-jeeps-to-fix-water-leak/
• Security researchers from FireEye reported a new banking
trojan, dubbed SlemBunk, was discovered targeting 33 international financial
institutes, 31 banks, and 2 online payment systems. – Softpedia See item 6 below in the Financial Services Sector
• Officials reported December 17 that two phone-in bomb
threats closed and evacuated the Dunkin’ Donuts, Starbucks, and the Marine
Corps Exchange and Commissary on Camp Lejeune, North Carolina for three hours.
– Marine Corps Times
14. December
17, Marine Corps Times – (North Carolina) Camp Lejeune bomb threat
close Starbucks, Dunkin Donuts. A Marine Corps Installation East spokesman
reported December 17 that two phone-in bomb threats closed the Dunkin’ Donuts
and Starbucks and prompted an evacuation of the Marine Corps Exchange and Commissary
on Camp Lejeune, North Carolina for three hours while military personnel and
explosive detection dogs searched the area for any explosive material.
Authorities found no explosive devices and deemed the area safe. Source: http://www.marinecorpstimes.com/story/military/2015/12/17/camp-lejeune-bomb-threats-close-starbucks-dunkin-donuts/77493440/
• A Pennsylvania man was arrested and charged December 17
for allegedly providing material support to a Middle East terrorist group by
using 57 Twitter accounts and posting the personal information of 100 members
of the U.S. military online. – USA Today
19. December
17, USA Today – (Pennsylvania) Feds: Pa. teen charged with providing support
to Islamic State. A Pennsylvania man was arrested and charged December 17
for conspiracy and for allegedly providing material support to the Middle East
terrorist group by advocating violence against the U.S. by using 57 Twitter
accounts and posting hyperlink contacts on the Internet of potential targets’
names and personal information of 100 members of the U.S. military. The man was
also allegedly found providing the maps and telephone numbers to the terrorist
organization.
Financial Services Sector
5. December
18, Chicago Sun-Times – (Illinois) Financial firm CEO arraigned on
fraud charges. The former chief executive officer (CEO) of Florida-based
First Farmers Financial LLC was charged with 5 counts of wire fraud December 17
after he allegedly sold 26 fraudulent loans worth $179 million to a Milwaukee
investment company by forging signatures and documents to mislead the company
into believing that the loans belonged to borrowers in Florida and Georgia. Source: http://chicago.suntimes.com/news/7/71/1190617/financial-firm-ceo-arraigned-fraud-charges
6. December
18, Softpedia– (International) SlemBunk Android banking trojan targets 31
banks across the world. Security researchers from FireEye reported a new
banking trojan, dubbed SlemBunk, was discovered targeting 33 international
financial institutes, 31 banks, and 2 online payment systems by installing a
fake Android Flash Player application, encoded with the trojan, that can
perform attacks such as gaining administrative privileges, communicating with command
and control (C&C) servers, watching over processes, and injecting a fake
login page onto legitimate banking applications. Source: http://news.softpedia.com/news/slembunk-android-banking-trojan-targets-31-banks-across-the-world-497808.shtml
Information Technology Sector
17. December
18, Help Net Security – (International) Critical ScreenOS bugs
allow undetectable decryption of VPN connections, device hijacking. Juniper
Networks released patches for a critical flaw, CVE-2015-7755, found in its
NetScreen devices that affects various ScreenOS software using unauthorized
code to allow illicit remote administrative access to the infected device over
secure shell (SSH) or telnet, enabling an attacker to decrypt encrypted virtual
private network (VPN) traffic. Researchers stated the company has not received
reports that the vulnerability has been exploited.
18. December
18, Help Net Security – (International) Microsoft will stop
trusting certificates from 20 certificate authorities. Microsoft reported
that its Trusted Root Certificate Program will no longer include twenty trusted
Certificate Authorities (CA) and will remove CA root certificates from the
Trusted Root CA store after the company could not comply with CA new program
prerequisites that added more stringent technical and auditing requirements.
Microsoft advised users to choose another trusted CA program. Source: http://www.net-security.org/secworld.php?id=19252
19. December
17, USA Today – (Pennsylvania) Feds: Pa. teen charged with providing support
to Islamic State. A Pennsylvania man was arrested and charged December 17
for conspiracy and for allegedly providing material support to the Middle East
terrorist group by advocating violence against the U.S. by using 57 Twitter
accounts and posting hyperlink contacts on the Internet of potential targets’
names and personal information of 100 members of the U.S. military. The man was
also allegedly found providing the maps and telephone numbers to the terrorist
organization. Source: http://www.msn.com/en-us/news/us/feds-pa-teen-charged-with-providing-support-to-islamic-state/ar-BBnG9rQ
For another story, see item 6 above in the Financial Services Sector
Communications Sector
Nothing to report