Complete DHS Report for February 3, 2016
Daily Report
Top Stories
• A snow storm February 1 forced the cancellation of
hundreds of flights in the Denver area, closed part of Interstate 70 in Eastern
Colorado, and caused a pileup on Interstate 80 in Nevada due to whiteout
conditions. – Associated Press
7. February
2, Associated Press – (National) Colorado snowstorm sets stage for slick
conditions. A snow storm February 1 forced the cancellation of a third of
the flights traveling out of the Denver International Airport as well as the
closure of Interstate 70 in Eastern Colorado due to whiteout conditions. The
snowy weather also caused a pileup on Interstate 80 in Nevada and heavy winds
in Southern California knock down power poles and trees, killing one driver. Source: http://www.chicagotribune.com/news/weather/sns-bc-us--severe-weather-20160202-story.html
• The U.S. Centers for Disease Control and Prevention
announced February 1 that 2 separate E. coli outbreaks at Chipotle Mexican
Grill, Inc., were over following a Federal investigation. – CNBC; Associated
Press
14. February 1, CNBC;
Associated Press – (National) CDC declares Chipotle-linked E. coli
outbreak over. The U.S. Centers for Disease Control and Prevention
announced February 1 that 2 separate E. coli outbreaks at Chipotle Mexican
Grill, Inc., which sickened 60 people across 14 States, were over following a
Federal investigation. Officials were unable to identify the ingredient
responsible for the contamination. Source: http://www.cnbc.com/2016/02/01/cdc-declares-chipotle-linked-e-coli-outbreak-over.html
• Neiman Marcus Group reported that approximately 5,200
online customer accounts were compromised February 2 after hackers used stolen
credentials from other breached organizations to abuse the company’s database
and make unauthorized purchases. – SecurityWeek
26. February 2,
SecurityWeek – (International) Neiman Marcus says hackers breached
customer accounts. Neiman Marcus Group reported that approximately 5,200
online customer accounts which stored customers’ personal contact information,
last four digits of credit card numbers, and purchase history were compromised
February 2 after hackers used stolen credentials from other breached organizations
to abuse the company’s database and make unauthorized purchases on Neiman
Marcus Web sites. The luxury retail store is investigating the incident and
notified its customers the week of January 25 of the breach. Source: http://www.securityweek.com/neiman-marcus-says-hackers-breached-customer-accounts
• Landry’s Incorporated reported February 1 that its
payment processing system was compromised at several of its locations after the
company found a malicious program installed onto its payment processing
systems. – KPLC 7 Lake Charles
27. February 2, KPLC 7
Lake Charles – (Louisiana) Data breach at Golden Nugget may affect you. Landry’s
Incorporated reported February 1 that its payment processing system was
compromised at several of its locations including the Golden Nugget Casino in
Lake Charles, Louisiana after the company found a malicious program installed
onto its payment processing systems at its restaurants, food and beverage
outlets, spas, entertainment destinations, and managed properties. The company
has implemented enhanced security measures to mitigate future breaches and
advised customers to monitor their bank accounts for any suspicious activity. Source:
http://www.kplctv.com/story/31114015/data-breach-at-golden-nugget-may-affect-you
Financial Services Sector
5. February 1, U.S. Drug
Enforcement Administration – (International) DEA and European
authorities uncover massive Hizballah drug and money laundering scheme. The
U.S. Drug Enforcement Administration (DEA) announced February 1 significant
enforcement activity including the arrests of top leaders of the European cell
of the Lebanese Hizballah’s External Security Organization Business Affairs
Component (BAC) as part of Project Cassandra, an ongoing global investigation
that involves law enforcement agencies in seven countries, which found that the
network participates in international criminal activities such as drug
trafficking cocaine to European and U.S. drug markets, laundering drug proceeds
through the Black Market Peso Exchange, and using the proceeds to provide
revenue and a weapons stream for Hizballah’s activities in Syria and worldwide.
Source: http://www.dea.gov/divisions/hq/2016/hq020116.shtml
Information Technology Sector
22. February 2, Softpedia
– (International) Compromised WordPress sites hijacked over and over
again to show unwanted ads. Security researchers from Sucuri discovered a
new campaign that targets WordPress Web sites after finding that all of the
sites’ JavaScript files were infected with malicious codes to load an iframe,
show advertisements, and leave an unknown backdoor on each Web page with the
intention to reinfect Web sites once the pages were cleaned. Researchers
reported that if victims hosted several domains on the same hosting account,
all of the domains will be affected via cross-site contamination. Source: http://news.softpedia.com/news/compromised-wordpress-sites-hijacked-over-and-over-again-to-show-unwanted-ads-499775.shtml
23. February 2, Softpedia
– (International) Deja-Vu: Google fixes another RCE vulnerability in the
Mediaserver component. Google released patches for its Android mobile
operating system (OS) fixing 13 flaws including 3 elevation of privilege issues
in the Qualcomm Wi-Fi driver, and 2 remote code execution (RCE) vulnerabilities
in its Mediaserver component that allowed an attacker to craft a malicious
multimedia file and cause a memory corruption in the phone’s OS, among other
exploits.
24. February
1, Softpedia – (International) Joomla zero-day accounted for the
majority of web attacks in Q4 2015. The Solutionary Security Engineering
Research Team (SERT) released a report titled, “Sert Quarterly Threat Report Q4
2015” which stated that malware attacks had increased during the past quarter,
with virus and worm numbers increasing by 236 percent compared to Quarter 3
(Q3) and that ransomware attacks were growing within the U.S., accounting for
78 percent of all malware delivered during Quarter 4 (Q4). In addition, the
report stated most violations were Web applications that targeted flaws in
Web-based software and leveraged the Joomla zero-day vulnerability in Q4, among
other information. Source: http://news.softpedia.com/news/joomla-zero-day-accounted-for-the-majority-of-web-attacks-in-q4-2015-499742.shtml
25. February 1, The
Register – (International) WirelessHART industrial control kit is
riddled with security holes. Security researchers from Applied Risk
discovered several flaws in various WirelessHART products that could enable
attackers to manipulate instruments and compromise process data integrity due
to its low security protocol within its implementation layer, allowing hackers
to extract the encryption key. Source: http://www.theregister.co.uk/2016/02/01/wirelesshart_ics_vuln/
Communications Sector
Nothing to report
No comments:
Post a Comment