Complete DHS Report for January 11, 2016
Daily Report
Top Stories
• Officials reported January 6 that the San Luis Obispo
County Regional Airport in California will be closed after dark for several
nights due to lightning strikes that damaged the airport’s navigation aids. – KSBY
6 San Luis Obispo
7. January 6,
KSBY 6 San Luis Obispo – (California) Lightning strikes damage
navigation aids at SLO airport. Officials reported January 6 that the San
Luis Obispo County Regional Airport in California will be closed after dark for
several nights due to lightning strikes that damaged the airport’s navigation
aids. Authorities also stated that until repairs are completed, aircrafts
cannot take off or land after dark. Source: http://www.ksby.com/story/30902128/firefighters-respond-to-report-of-fire-at-slo-airport
• Campbell Soup Company announced January 7 that it will
begin disclosing the presence of genetically modified organisms (GMOs) in its
products within a 12 – 18 month time frame. – New York Times
9. January 7,
New York Times – (National) Campbell labels will disclose G.M.O. ingredients. Campbell
Soup Company announced January 7 that it will begin disclosing the presence of
genetically modified organisms (GMOs) in its products within a 12 – 18 month
time frame, joining the State of Vermont which will require the disclosure of
GMOs beginning in July. Source:
http://www.nytimes.com/2016/01/08/business/campbell-labels-will-disclose-gmo-ingredients.html
• A boiler room fire at Glenwood Middle School in Maryland
prompted the cancellation of classes January 5 – January 8 and the temporary
transfer of students to three other county schools during cleanup and repair
efforts. – Baltimore Sun
14. January 7,
Baltimore Sun – (Maryland) After fire and mold, Glenwood Middle students to
be relocated. A boiler room fire ignited by an electrical transformer at
Glenwood Middle School in Maryland prompted the cancellation of classes January
5 – January 8. Officials announced that students will be transferred to three
other county schools beginning January 11 during cleanup and repair efforts. Source: http://www.baltimoresun.com/news/maryland/howard/lisbon-fulton/ph-ho-cf-glenwood-move-0114-20160107-story.html
• The U.S. Federal Communication Commission reached a
$540,000 settlement with the former owner of Cumulus Media, Inc., January 7 to
settle allegations that the company violated sponsor identification laws. – Associated
Press See item 24 below in the Communications Sector
Financial Services Sector
2. January 7,
Sacramento Bee – (California) Two Sacramento residents plead guilty to roles
in credit card fraud scheme. Two Sacramento residents pleaded guilty
January 7 to their roles in a credit card fraud scheme involving the theft of
at least 500 credit and debit cards which affected at least 1,800 victims and
led to a an estimated loss of $186,000. The defendants worked with five other
co-conspirators to steal mail and create or receive fake credit and debit cards
in order to make fraudulent purchases at various retailers in the area. Source:
http://www.sacbee.com/news/local/crime/article53609775.html
3. January 7,
Reuters – (International) U.S. imposes sanctions on Lebanese man,
company for Hezbollah links. The U.S. Department of the Treasury imposed
sanctions January 7 freezing the assets of a Lebanese financer and his
telecommunications company, Spectrum Investment Group Holding SAL, after
discovering that the company was receiving millions of dollars from the
terrorist organization Hezbollah in order to invest in commercial projects that
would support the organization. Source: http://www.reuters.com/article/us-usa-hezbollah-sanctions-idUSKBN0UL28420160107
Information Technology Sector
18. January 8,
SecurityWeek – (International) Privilege escalation flaw found in VMware
tools. VMware released patches for its performance enhancement tools
including 201512102-SG patches for ESXi, version 11.1.2 for Workstation, and
version 7.1.2 for Player and Fusion products after a researcher from Secunia
Research Team discovered a memory corruption flaw in the Shared Folders (HGFS)
feature running on Microsoft Window products, which allowed attackers to
escalate their privileges in the guest operating system. Source: http://www.securityweek.com/privilege-escalation-flaw-found-vmware-tools
19. January 8,
SecurityWeek – (International) Adobe to release patches for Acrobat, Reader.
Adobe reported that it will release patches for Microsoft Windows and Apple
Mac versions for its Acrobat and Reader products January 12 resolving critical
vulnerabilities with a priority rate of 2 in several of its products. Source: http://www.securityweek.com/adobe-release-patches-acrobat-reader
20. January 8,
Help Net Security – (International) EZCast TV streaming stick leaves home
networks vulnerable to attack. Researchers from Check Point found a
vulnerability in the EZCast TV streaming stick that can enable attackers to
take full control of home networks ad view information stored on personal
networks via brute-force attacks and through a malicious link sent by most
messaging services, such as Facebook and Skype. EZCast TV runs on its own Wi Fi
network and can be easily hacked as the network is secured by an 8-digit
numeric password. Source: http://www.net-security.org/secworld.php?id=19301
21. January 8,
SecurityWeek – (International) Rogue app store targets non-jailbroken iOS
devices. Researchers from Proofpoint reported that a rogue app store called
vShare is a DarkSideLoader app store, which allows users to download more than
1 million paid applications for free without having to jailbreak Apple iOS
devices via sideloading applications through the use of a fraudulent or stolen
enterprise application distribution certificate with application resigning.
Once installed, the rogue application may use known or zero-day security
vulnerabilities to jailbreak devices or to gain administrative privileges. Source:
http://www.securityweek.com/rogue-app-store-targets-non-jailbroken-ios-devices
22. January 8,
SecurityWeek – (International) Cisco Targets RIG exploit kit. Researchers
from Cisco revealed that an analysis of 44 Internet Protocol (IP) addresses
used to disseminate the RIG exploit kit (EK) were found to be linked to the
same autonomous system number (ASN) associated with Webzilla and leased to a
downstream provider, Russia-based Eurobyte. Webzilla identified and blocked
malicious activities from customer hosts. Source: http://www.securityweek.com/cisco-targets-rig-exploit-kit
23. January 7,
SecurityWeek – (International) “Spymel” trojan uses stolen certificates to
evade detection. Researchers from Zscaler ThreatLabZ discovered the malware
dubbed Spymel has been targeting Microsoft Windows XP and Windows 7 systems to
steal information from compromised systems and spy on victims by using modules
to perform various attacks including logging keystrokes and saving the data to
a file and having the malware’s configuration data hardcoded inside the malware
executable. Spymel is disseminated via spam emails embedded with an archived
JavaScript file that downloads the malware from a remote server and installs it
on infected systems.
Communications Sector
24. January 8,
Associated Press – (National) FCC settles dispute over Northern Pass ads
sponsorship. The U.S. Federal Communication Commission reached a $540,000
settlement with the former owner of Cumulus Media, Inc., January 7 to settle
allegations that the broadcasting company violated sponsor identification laws
after an investigation revealed that the company did not identify the sponsor
for their support in the Northern Pass project. Cumulus Media will be required
to implement a compliance plan over 195 stations.
No comments:
Post a Comment