Complete DHS Report for January 22, 2016
Daily Report
Top Stories
• Researchers from Symantec discovered attackers were
targeting finance departments of small and medium-sized businesses in India,
the United Kingdom, and the U.S. to download financial software as well as
other sensitive files. – SecurityWeek See item 3 below in the Financial Services Sector
• Freezing rain
and sleet caused at least 70 crashes over a 10-hour period in Chattanooga
January 20, forcing the temporary shutdown of Roberts Mill Road, the W Road,
Highway 111, and Shoal Creek Road. – Chattanooga Times Free Press
9. January
20, Chattanooga Times Free Press – (Tennessee) Icy roads lead to
70 crashes in Chattanooga region, temps expected to warm today. Freezing
rain and sleet caused at least 70 crashes over a 10-hour period in Chattanooga
January 20, forcing the temporary shutdown of Roberts Mill Road, the W Road,
Highway 111, and Shoal Creek Road. North and southbound lanes of Interstate 75
were also shut down for approximately
2 hours after steel from a semi-truck fell onto the roadway. Source: http://www.timesfreepress.com/news/local/story/2016/jan/20/i75-shut-down-near-ooltewah-traffic-woes-across-area/345650/
• The Arkansas State agency’s board of commissioners
approved a $61 million loan for Little Rock Wastewater January 20 to conduct
sewer system improvements at 2 wastewater treatment plants. – Arkansas
Democrat Gazette
13. January
21, Arkansas Democrat-Gazette – (Arkansas) Little Rock utility
cleared for $61M for work at 2 sewer plants. The Arkansas State agency’s
board of commissioners approved a $61 million loan for Little Rock Wastewater
January 20 to conduct sewer system improvements at Adams Field and Fourche
Creek wastewater treatment plants to help prevent overflows during heavy rains.
The loan is part of an estimated $220 million request from the utility for
improvement projects around the State. Source: http://www.arkansasonline.com/news/2016/jan/21/lr-utility-cleared-for-61m-for-work-at-/?f=news-arkansas
• The U.S. Department of Defense (DoD) announced January 20
that driver’s licenses from Minnesota, New Mexico, and several other states
will no longer be accepted as proof of identity at DoD installations
nationwide. – U.S. Department of Defense
18. January
20, U.S. Department of Defense – (National) Licenses from 5
states banned at DoD bases. The U.S. Department of Defense (DoD) announced
January 20 that driver’s licenses from Minnesota, New Mexico, Illinois,
Missouri, and Washington will no longer be accepted as proof of identity at DoD
installations nationwide as a result of the REAL ID Act of 2005. Source: http://www.defense.gov/News-Article-View/Article/643615/licenses-from-5-states-banned-at-dod-bases
Financial Services Sector
3. January
20, SecurityWeek – (International) Cybercriminals target bank accounts of firms
in UK, US, India. Researchers from Symantec discovered attackers were
targeting finance departments of small and medium-sized businesses in India,
the United Kingdom, and the U.S. to download financial software and steal
files, passwords, and money by using stolen accounts to distribute malicious
emails embedded with one of two remote access Trojans (RATs), that if deployed
gives attackers complete control over the infected device and enables attackers
to log keystrokes, among other actions. Researchers believe the attackers are
based in Europe or the U.S.
4. January
20, Phoenix Business Journal – (Arizona) Former Kingman finance
director arrested
for $1.1M fraud. The
former Kingman Budget Analyst and Interim Finance Director was arrested and
charged January 20 for 23 felony counts including theft, forgery, and misuse of
public monies after she allegedly stole more than $1 million from the city by
using a city credit card for personal expenses, falsifying invoices to account
for the charges, misappropriating funds from a bank account used to fund the
city’s Employees Benefits Trust, and altering account settings that granted her
sole authority to initiate and approve transactions. Source: http://www.bizjournals.com/phoenix/news/2016/01/20/former-kingman-finance-director-arrested-for-1-1m.html
Information Technology Sector
21. January
21, Softpedia – (International) Threat group uses dating sites to build a
botnet of vulnerable home routers. Damballa security researchers reported
that a Linux ELF binary, a variant of TheMoon worm, was targeting Home Network
Administration Protocol (HNAP) by using adult dating Web sites to infect home
routers and prevents consumers from using their routers’ inbound ports via a
malicious iframe embedded on the malicious web pages. Researchers reported the
worm is spread by opening outbound ports on the router to infect other routers. Source: http://news.softpedia.com/news/threat-group-uses-dating-sites-to-build-a-botnet-of-vulnerable-home-routers-499209.shtml
22. January
21, SecurityWeek – (International) Google Chrome 48 patches 37 security flaws. Google
released its newest web browser version, Chrome 48 for Microsoft Windows, Apple
Mac, and Linux users that patches 37 security vulnerabilities including a bad
cast flaw in V8, a use-after-free bug in PDFium, and six other vulnerabilities
found by external researchers, among other patched flaws. In addition, company
officials reported the updated version included a series of improvements to the
browser. Source: http://www.securityweek.com/google-chrome-48-patches-37-security-flaws
23. January
21, Help Net Security – (International) Fake Facebook emails
deliver malware masquerading as audio message. Researchers from Comodo
reported that a similar malware, previously targeting WhatsApp users, has been
targeting Facebook users to steal information about a victim’s computer and
send the stolen information to a command-and-control (C&C) server where
attackers can send additional malware via malicious emails embedded with a
variant of the Nivdort information-stealing Trojan. Once the malicious email is
open, the malware will replicate itself into “C:/” directory and add a Windows
Registry entry, allowing the malware to run automatically after each restart or
shutdown of the device. Source:
http://www.net-security.org/malware_news.php?id=3191
24. January
20, Softpedia – (International) Malvertising returns on Microsoft’s MSN
portal. Security researchers from Malwarebytes reported that Microsoft’s
MSN portal was susceptible to malvertising campaigns via the Nuetrino and RIG
exploit kits (EK) by creating new domains used a few days prior to each attack
or hiding behind the CloudFlare service. Researchers advised users to use a
security product to block incoming malware. Source: http://news.softpedia.com/news/malvertising-returns-on-microsoft-s-msn-portal-499179.shtml
Communications Sector
Nothing to report
No comments:
Post a Comment