Complete DHS Report for September 1, 2016
Daily Report
Top Stories
• Magellan Midstream Partners L.P. issued a recall August 31 for
approximately 449,400 gallons of gasoline delivered to retailers in the
Oklahoma City metropolitan area after it was discovered the gasoline contained
as much as 30 percent ethanol. – KOKI 23 Tulsa
1. August 31,
KOKI 23 Tulsa – (Oklahoma) Company recalls thousands of barrels of
high-ethanol gasoline in Oklahoma. Magellan Midstream Partners L.P. issued
a recall August 31 for approximately 449,400 gallons of its gasoline delivered
to retailers across the Oklahoma City metropolitan area August 23 – August 29
after it was discovered the gasoline contained as much as 30 percent ethanol,
which can cause engines to run poorly or fail. Officials are working to notify
impacted retailers. Source: http://www.fox23.com/news/company-recalls-thousands-of-barrels-of-high-ethanol-gasoline-in-oklahoma/432947099
• General Motors issued a recall August 30 for 367,808 of its
model year 2013 Chevrolet Equinox and GMC Terrain vehicles due to a problem in
the windshield wiper modules that could result in poor visibility while
driving. – TheCarConnection.com
2. August 30,
TheCarConnection.com – (National) 2013 Chevrolet Equinox and GMC Terrain recalled
for windshield wiper woes. General Motors issued a recall August 30 for
367,808 of its model year 2013 Chevrolet Equinox and GMC Terrain vehicles sold
in the U.S. due to a problem in the windshield wiper modules where the ball
joints may be prone to corrosion and wear, which could cause the modules to
slip out of their sockets and the windshield wipers to stop working, thereby
reducing visibility and increasing the risk of a crash. Source: http://www.thecarconnection.com/news/1105862_2013-chevrolet-equinox-and-gmc-terrain-recalled-for-windshield-wiper-woes
• SCAN Health Plan announced August 30 it is notifying about
87,000 members of a data breach after remote attackers accessed the names,
addresses, and Social Security numbers of members between March 2016 and June
2016. – SC Magazine
17. August 30,
SC Magazine – (National) 87K affected in SCAN Health Plan breach. SCAN
Health Plan announced August 30 it is notifying approximately 87,000 members of
a data breach after remote attackers, using legitimate employee credentials
gained access to the contact sheets system and accessed the names, addresses,
and Social Security numbers, among other personal information, of previous and
current members between March 2016 and June 2016. Officials believe the stolen
information was used for client development for an outside insurance agency. Source:
• Dropbox, Inc. began prompting password resets for more than 68
million users potentially exposed in a July 2012 data breach where user email
addresses and passwords may have been improperly accessed. – SecurityWeek See item 22 below in
the Information Technology Sector
Financial Services Sector
3. August 31,
Orange County Register; Southern California City News Service –
(California) ‘Baggy Eyes Bandit,’ suspected in Anaheim Hills, Placentia bank
robberies, has been arrested. A man dubbed the “Baggy Eyes Bandit” was
charged August 30 in connection with 2 bank robberies after he allegedly robbed
6 banks in Los Angeles, Riverside, San Bernardino, and Orange counties and
attempted to rob a Citibank branch in Anaheim Hills, California, August 27. Source: http://www.ocregister.com/articles/fbi-727492-bank-stepanyan.html
4. August 30,
U.S. Attorney’s Office, Northern District of Georgia – (Georgia)
Investment advisor pleads guilty to stealing from clients. A former
investment adviser and operator of Gist, Kennedy & Associates pleaded
guilty August 30 to defrauding more than 30 clients out of $5 million by
falsely informing investors that he would make conservative investments for
investors in corporate bonds and other securities, while he used the funds for
personal expenses, to fund ENCAP Technologies operations, and to pay other
clients proceeds and dividends from the fraudulent investments. Officials
stated the adviser also prepared and mailed false account statements to the
investors that showed false investment returns in order to continue the fraud
scheme. Source: https://www.justice.gov/usao-ndga/pr/investment-advisor-pleads-guilty-stealing-clients
Information Technology Sector
22. August 31,
SecurityWeek – (International) 68 million exposed in old Dropbox hack. Dropbox,
Inc. began prompting password resets for more than 68 million users potentially
exposed in a July 2012 data breach where user email addresses and hashed and
salted passwords for Dropbox accounts may have been improperly accessed after a
Dropbox employee’s password was stolen and used to access an employee account
that contained a document containing the user information. Dropbox officials do
not believe any account was improperly accessed during the breach.
23. August 31,
SecurityWeek – (International) Vulnerabilities found in CryptWare BitLocker
enhancement tool. CryptWare released CryptoPro Secure Disk 5.2.1 for
BitLocker addressing two serious vulnerabilities, one of which can be exploited
to access a root shell at boot and execute arbitrary commands, as CryptoPro
Secure Disk improperly blocks terminal access, and a second serious flaw that
can be exploited to modify files on the system and bypass the verification
process, which can be leveraged to backdoor the system and steal sensitive
information such as domain credentials and BitLocker, among other information,
due to inadequate verification mechanisms.
24. August 31,
Softpedia – (International) Unsophisticated Revenge RAT released online
for free. Security researchers discovered a malware coder named Napoleon
released a new remote access trojan/tool (RAT), dubbed Revenge v0.2 online for
free via underground hacking forums. Researchers found the RAT is able to
access the user’s Webcam, open a remote shell, initiate remote desktop
sessions, interact with the victim’s file manager, and manage operating system
(OS) services, among other malicious actions. Source: http://news.softpedia.com/news/unsophisticated-revenge-rat-released-for-free-online-507776.shtml
25. August 30,
SecurityWeek – (International) Site of BitTorrent app “Transmission” again
used to deliver OS X malware. Security researchers from ESET reported that
the official Website for the BitTorrent client, Transmission was being
exploited to distribute an Apple Mac operating system (OS) X malware, dubbed
OSX/Keydnap that steals the content of the OS X keychain and maintains a
permanent backdoor on an infected system after finding that cybercriminals
compromised the Transmission site and replaced the legitimate app with a
malicious version, which was available for download as Transmission v2.92
between August 28 and August 29. Researchers stated users can determine if their
systems are infected by checking if files associated with the malware are
present on their system. Source: http://www.securityweek.com/site-bittorrent-app-transmission-again-used-deliver-os-x-malware
Communications Sector
26. August 30,
U.S. Attorney’s Office, Southern District of Florida –
(International) Miami Gardens resident pleads guilty to participating in
sophisticated international cellphone fraud scheme. A Miami Gardens,
Florida resident pleaded guilty August 29 for his role in an international
cellphone fraud scheme where he and co-conspirators stole access to and
fraudulently opened new cellphone accounts with the personal information of
various U.S. residents, trafficked in nearly 11,000 cellphone customers’
telecommunication identifying information, and reprogrammed the cellphones to transmit
thousands of international calls to countries with high calling rates, which
were billed to the victims’ compromised accounts. Officials reported that the
scheme caused at least $1 million dollars in losses. Source: https://www.justice.gov/usao-sdfl/pr/miami-gardens-resident-pleads-guilty-participating-sophisticated-international
No comments:
Post a Comment