Monday, January 11, 2016



Complete DHS Report for January 11, 2016

Daily Report                                            

Top Stories

• Officials reported January 6 that the San Luis Obispo County Regional Airport in California will be closed after dark for several nights due to lightning strikes that damaged the airport’s navigation aids. – KSBY 6 San Luis Obispo

7. January 6, KSBY 6 San Luis Obispo – (California) Lightning strikes damage navigation aids at SLO airport. Officials reported January 6 that the San Luis Obispo County Regional Airport in California will be closed after dark for several nights due to lightning strikes that damaged the airport’s navigation aids. Authorities also stated that until repairs are completed, aircrafts cannot take off or land after dark. Source: http://www.ksby.com/story/30902128/firefighters-respond-to-report-of-fire-at-slo-airport

• Campbell Soup Company announced January 7 that it will begin disclosing the presence of genetically modified organisms (GMOs) in its products within a 12 – 18 month time frame. – New York Times

9. January 7, New York Times – (National) Campbell labels will disclose G.M.O. ingredients. Campbell Soup Company announced January 7 that it will begin disclosing the presence of genetically modified organisms (GMOs) in its products within a 12 – 18 month time frame, joining the State of Vermont which will require the disclosure of GMOs beginning in July. Source: http://www.nytimes.com/2016/01/08/business/campbell-labels-will-disclose-gmo-ingredients.html

• A boiler room fire at Glenwood Middle School in Maryland prompted the cancellation of classes January 5 – January 8 and the temporary transfer of students to three other county schools during cleanup and repair efforts. – Baltimore Sun

14. January 7, Baltimore Sun – (Maryland) After fire and mold, Glenwood Middle students to be relocated. A boiler room fire ignited by an electrical transformer at Glenwood Middle School in Maryland prompted the cancellation of classes January 5 – January 8. Officials announced that students will be transferred to three other county schools beginning January 11 during cleanup and repair efforts. Source: http://www.baltimoresun.com/news/maryland/howard/lisbon-fulton/ph-ho-cf-glenwood-move-0114-20160107-story.html

• The U.S. Federal Communication Commission reached a $540,000 settlement with the former owner of Cumulus Media, Inc., January 7 to settle allegations that the company violated sponsor identification laws. – Associated Press See item 24 below in the Communications Sector

Financial Services Sector

2. January 7, Sacramento Bee – (California) Two Sacramento residents plead guilty to roles in credit card fraud scheme. Two Sacramento residents pleaded guilty January 7 to their roles in a credit card fraud scheme involving the theft of at least 500 credit and debit cards which affected at least 1,800 victims and led to a an estimated loss of $186,000. The defendants worked with five other co-conspirators to steal mail and create or receive fake credit and debit cards in order to make fraudulent purchases at various retailers in the area. Source: http://www.sacbee.com/news/local/crime/article53609775.html

3. January 7, Reuters – (International) U.S. imposes sanctions on Lebanese man, company for Hezbollah links. The U.S. Department of the Treasury imposed sanctions January 7 freezing the assets of a Lebanese financer and his telecommunications company, Spectrum Investment Group Holding SAL, after discovering that the company was receiving millions of dollars from the terrorist organization Hezbollah in order to invest in commercial projects that would support the organization. Source: http://www.reuters.com/article/us-usa-hezbollah-sanctions-idUSKBN0UL28420160107

Information Technology Sector

18. January 8, SecurityWeek – (International) Privilege escalation flaw found in VMware tools. VMware released patches for its performance enhancement tools including 201512102-SG patches for ESXi, version 11.1.2 for Workstation, and version 7.1.2 for Player and Fusion products after a researcher from Secunia Research Team discovered a memory corruption flaw in the Shared Folders (HGFS) feature running on Microsoft Window products, which allowed attackers to escalate their privileges in the guest operating system. Source: http://www.securityweek.com/privilege-escalation-flaw-found-vmware-tools

19. January 8, SecurityWeek – (International) Adobe to release patches for Acrobat, Reader. Adobe reported that it will release patches for Microsoft Windows and Apple Mac versions for its Acrobat and Reader products January 12 resolving critical vulnerabilities with a priority rate of 2 in several of its products. Source: http://www.securityweek.com/adobe-release-patches-acrobat-reader

20. January 8, Help Net Security – (International) EZCast TV streaming stick leaves home networks vulnerable to attack. Researchers from Check Point found a vulnerability in the EZCast TV streaming stick that can enable attackers to take full control of home networks ad view information stored on personal networks via brute-force attacks and through a malicious link sent by most messaging services, such as Facebook and Skype. EZCast TV runs on its own Wi Fi network and can be easily hacked as the network is secured by an 8-digit numeric password. Source: http://www.net-security.org/secworld.php?id=19301

21. January 8, SecurityWeek – (International) Rogue app store targets non-jailbroken iOS devices. Researchers from Proofpoint reported that a rogue app store called vShare is a DarkSideLoader app store, which allows users to download more than 1 million paid applications for free without having to jailbreak Apple iOS devices via sideloading applications through the use of a fraudulent or stolen enterprise application distribution certificate with application resigning. Once installed, the rogue application may use known or zero-day security vulnerabilities to jailbreak devices or to gain administrative privileges. Source: http://www.securityweek.com/rogue-app-store-targets-non-jailbroken-ios-devices

22. January 8, SecurityWeek – (International) Cisco Targets RIG exploit kit. Researchers from Cisco revealed that an analysis of 44 Internet Protocol (IP) addresses used to disseminate the RIG exploit kit (EK) were found to be linked to the same autonomous system number (ASN) associated with Webzilla and leased to a downstream provider, Russia-based Eurobyte. Webzilla identified and blocked malicious activities from customer hosts. Source: http://www.securityweek.com/cisco-targets-rig-exploit-kit

23. January 7, SecurityWeek – (International) “Spymel” trojan uses stolen certificates to evade detection. Researchers from Zscaler ThreatLabZ discovered the malware dubbed Spymel has been targeting Microsoft Windows XP and Windows 7 systems to steal information from compromised systems and spy on victims by using modules to perform various attacks including logging keystrokes and saving the data to a file and having the malware’s configuration data hardcoded inside the malware executable. Spymel is disseminated via spam emails embedded with an archived JavaScript file that downloads the malware from a remote server and installs it on infected systems.

Communications Sector

24. January 8, Associated Press – (National) FCC settles dispute over Northern Pass ads sponsorship. The U.S. Federal Communication Commission reached a $540,000 settlement with the former owner of Cumulus Media, Inc., January 7 to settle allegations that the broadcasting company violated sponsor identification laws after an investigation revealed that the company did not identify the sponsor for their support in the Northern Pass project. Cumulus Media will be required to implement a compliance plan over 195 stations.

No comments: