Friday, March 4, 2016



Complete DHS Report for March 4, 2016

Daily Report                                            

Top Stories

• Toyota Motor Corp., expanded a previous recall March 2 to include an additional 198,000 vehicles due to potentially defective Takata Corp front passenger air bag inflators. – Reuters

3. March 2, Reuters – (International) Toyota adds 331,200 vehicles to Takata air bag recalls. Toyota Motor Corp., expanded a previous recall March 2 to include an additional 198,000 vehicles including model year 2008 Corolla and Corolla Matrix and model years 2008 – 2010 Lexus SC 430 vehicles sold in the U.S. due to potentially defective Takata Corp front passenger air bag inflators that can activate with too much force and release metal shrapnel into the passenger compartment, severely injuring or killing passengers. The expanded recall affects an additional 331,200 vehicles worldwide. Source: http://www.reuters.com/article/us-autos-takata-toyota-idUSKCN0W42AW

• The U.S. Secretary of Defense announced March 2 that the Pentagon is launching a program dubbed “Hack the Pentagon” for white-hat hackers to attempt to breach the U.S. Department of Defense’s networks. – Associated Press

14. March 3, Associated Press – (National) Pentagon seeks hackers to test defense department’s cybersecurity. The U.S. Secretary of Defense announced March 2 that the Pentagon is launching a program dubbed “Hack the Pentagon” for white-hat hackers to attempt to breach the U.S. Department of Defense’s networks. Officials stated that the intent of the program is to invite responsible hackers to test the department’s cybersecurity in order to strengthen digital defenses and enhance national security. Source: http://www.foxnews.com/politics/2016/03/03/pentagon-seeks-hackers-to-test-defense-departments-cybersecurity.html

• Cisco Systems, Inc., released patches addressing critical vulnerabilities in several of its products including the NX-OS network operating system (OS) running on Nexus 3000 series and Nexus 3500 platform switches. – SecurityWeek See item 21 below in the Information Technology Sector

• The former owner of several sports memorabilia businesses in Maryland and Pennsylvania pleaded guilty to Federal charges February 29 after he obtained approximately $2.5 million through the sale of counterfeit sports jerseys and forged athletes’ signatures. – Salisbury Daily Times See item 28 below in the Communications Sector

Financial Services Sector

5. March 3, Chicago Tribune – (Illinois) FBI: ‘Pinball Bandit’ robs another Hyde Park bank. The FBI is searching for a suspect dubbed the “Pinball Bandit” after he allegedly robbed the Fifth Third Bank in Hyde Park, Illinois, March 2 and is suspected of committing five other bank robberies across Chicago since January. Source: http://www.chicagotribune.com/news/local/breaking/ct-fbi-pinball-bandit-robs-another-hyde-park-bank-20160303-story.html

Information Technology Sector

20. March 3, SecurityWeek – (International) Apple reissues security update after blocking Ethernet on Mac OS X. Apple Inc., reissued a security updates for its OS X El Capitan systems, which patched a blacklisting issue after an initial security update blocked Ethernet drivers and blocked Internet access to affected Mac systems when using an Ethernet connection. Apple reported that Wi-Fi connections were not affected. Source: http://www.securityweek.com/apple-reissues-security-update-after-blocking-ethernet-mac-os-x

21. March 3, SecurityWeek – (International) Cisco patches critical, high severity flaws in NX-OS. Cisco Systems, Inc., released software updates for several of its products including the NX-OS network operating system (OS) running on Nexus 3000 series, Nexus 3500 platform switches, which patched a critical vulnerability that could allow a remote, unauthenticated attacker to log into a compromised device with root privileges via an account with default credentials, among other vulnerabilities. Cisco also released patches for several other versions of its Nexus series products, including a high severity denial-of-service (DoS) vulnerability in the Simple Network Management Protocol (SNMP) input packet processor. Source: http://www.securityweek.com/cisco-patches-critical-high-severity-flaws-nx-os

22. March 3, SecurityWeek – (International) Hardcoded password exposes RSA Conference badge scanning app. Researchers from Bluebox Security reported that the badge scanning application provided by organizers of the 2016 RSA Conference to vendors was susceptible to a security bypass flaw after researchers analyzed the app’s code and discovered that the security mechanism could be bypassed due to an embedded plain text default password in the application’s code. Source: http://www.securityweek.com/hardcoded-password-exposes-rsa-conference-badge-scanning-app

23. March 3, Softpedia – (International) Ad Code for many advertising networks vulnerable to basic XSS attacks. An independent security researcher discovered that many advertising networks were unknowingly allowing attackers to launch cross-site scripting (XSS) attacks by not applying the same input sanitization procedures to data following a hash (#) in the code of the Uniform Resource Locator (URL). Attackers could spread links to legitimate, authentic pages that have malicious XSS payloads attached to the end of a URL. Source: http://news.softpedia.com/news/ad-code-for-many-advertising-networks-vulnerable-to-basic-xss-attacks-501284.shtml

24. March 3, Help Net Security – (International) Dell SecureWorks speeds up endpoint intrusion detection, response. Dell SecureWorks Inc., reported that it is launching its Advanced Endpoint Threat Detection (AETD) Red Cloak solution which is designed to cut down the time required to detect and respond to cyber-attacks, especially for non-malware attacks. The Software as a Service (SaaS) solution will be powered by experts from the Counter Threat Unit (CTU), who will provide updated threat intelligence information. Source: https://www.helpnetsecurity.com/2016/03/03/dell-secureworks-speeds-up-endpoint-intrusion-detection-response/

25. March 2, Softpedia – (International) Windows built-in PDF reader exposes Edge browser to hacking. A security researcher from IBM’s X-Force Advanced Research team discovered that Microsoft Window’s built-in Windows Runtime (WinRT) PDF for its Edge Web browser can be leveraged by attackers to execute drive-by attacks in a similar method that the Angler or Neutrino exploit kits (EK) deliver Flash, Java, or Silverlight payloads. Attackers can create a WinRT PDF exploit within their PDF file, which can be secretly opened while using an iframe positioned off screen with Cascading Style Sheets (CSS), and can use the malicious code to execute and exploit the WinRT PDF vulnerability. Source: http://news.softpedia.com/news/windows-built-in-pdf-reader-exposes-edge-browser-to-hacking-501265.shtml

For another story, see item 14 above in Top Stories

Communications Sector

Nothing to report

No comments: