Thursday, January 28, 2016



Complete DHS Report for January 28, 2016

Daily Report

Top Stories

• The Federal Aviation Administration announced January 26 that it will transfer controllers to address understaffing following an inspector general report which found that 13 airport control facilities have few fully trained controllers. – Associated Press

4. January 27, Associated Press – (National) Watchdog: Nation’s busiest airports lack qualified air traffic controllers. The Federal Aviation Administration announced that it is expediting the transfer of controllers from well-staffed traffic control centers to address understaffing at other centers following the January 26 release of a U.S. Department of Transportation’s inspector general report which found that 13 airport control facilities and en route centers in Anchorage, Atlanta, Chicago, Denver, Dallas, Houston, New York, Las Vegas, Miami, and Albuquerque have few fully trained controllers. The report also questions the validity of minimum staffing levels required by the administration after managers at 23 key facilities examined cited a higher number of controllers needed to fill all work shifts. Source: http://www.foxnews.com/us/2016/01/27/watchdog-nations-busiest-airports-lack-qualified-air-traffic-controllers.html

• Texas officials estimated that approximately 800,000 gallons of treated sludge wastewater spilled out of the Aransas Pass city treatment plant and into Redfish Bay January 26. – Corpus Christi Caller-Times

10. January 26, Corpus Christi Caller-Times – (Texas) 800,000 gallons of wastewater spilled in Redfish Bay. Officials estimated that approximately 800,000 gallons of treated sludge wastewater spilled out of the Aransas Pass city treatment plant and into Redfish Bay after the main pump to the clarifier failed January 26. All private water well residents within a half-mile of the affected area were placed under a boil water advisory. Source: http://www.caller.com/news/local/800000-gallons-of-wastewater-spilled-in-redfish-bay-2a485a28-b024-1385-e053-0100007f262d-366644131.html

• PayPal patched a critical remote code execution flaw in its Manager portal which could potentially allow attackers to execute arbitrary shell commands to gain access to production databases. – The Register (See item 19 below in the Information Technology Sector)

• A six-alarm fire in a downtown New Orleans building halted all streetcar lines and closed the historic Canal Street after the blaze began in a four-story building and spread to an adjacent building January 27. – Associated Press

23. January 27, Associated Press – (Louisiana) No injuries as fire closes New Orleans’ historic Canal St. A six-alarm fire in a downtown New Orleans building halted all streetcar lines and closed the historic Canal Street, which contains several restaurants and businesses, after the blaze began in a four-story building and spread to an adjacent building January 27. No injuries were reported and the cause of the incident is under investigation. Source: http://wkrn.com/2016/01/27/new-orleans-firefighters-battling-fire-on-canal-street/

Financial Services Sector

3. January 26, Lincoln Journal Star – (Iowa; Nebraska) 3 Cubans indicted in Nebraska for credit card scam. Nebraska officials announced January 26 that 3 Cuban-born Texas men were indicted for allegedly participating in a scheme in which they allegedly stole credit and debit account numbers and re-encoded the information onto 251 fake credit cards to buy or redeem gift cards across Iowa and Nebraska. The scheme cost cardholders nearly $30,000 in losses. Source: http://journalstar.com/news/local/911/cubans-indicted-in-nebraska-for-credit-card-scam/article_6e5773ca-2754-5fcc-ba51-79ef1a2c5609.html

Information Technology Sector

18. January 27, SecurityWeek – (International) Hackers can abuse HP enterprise printers for storage. A researcher from MacKeeper reported that misconfigured enterprise devices can be susceptible to hosting malicious code and evading detection by security products, in addition to allowing attackers to use free, open-source tools to upload files to HP printers and interact with the devices over port 9100 through access via a web browser at “http:/// hp/device /.” HP advised users to protect their printers by implementing a logging system on each device and turning off unused ports and protocols. Source: http://www.securityweek.com/hackers-can-abuse-hp-enterprise-printers-storage

19. January 27, The Register – (International) PayPal patches deadly server remote code execution flaw. PayPal patched a critical remote code execution flaw after an independent security researcher discovered the flaw in PayPal’s Manager portal, hosted at manager.paypal.com, which could potentially allow attackers to execute arbitrary shell commands on PayPal’s servers through a Java object deserialization bug to gain access to production databases. Source: http://www.theregister.co.uk/2016/01/27/paypal_patches_deadly_server_remote_code_execution_flaw_pays_5k/

20. January 27, SecurityWeek – (International) Check Point unveils new threat prevention appliances. Check Point network security firm released new hardware appliances, including its 15000 and 23000 Series, for enterprise networks targeted with zero-day threats. Each new appliance can run all security protections simultaneously, including full Secure Sockets Layer (SSL) traffic inspection, advanced monitoring, and threat prevention protocols, without creating a performance bottleneck or compromising security effectiveness. Source: http://www.securityweek.com/check-point-unveils-new-threat-prevention-appliances

21. January 26, SecurityWeek – (International) Blended DDoS attacks grow in size, complexity, frequency: Report. Arbor Networks released its 11th Annual Worldwide Infrastructure Security Report (WISR) which revealed that distributed denial-of-service (DDoS) attacks targeted enterprise networks’ infrastructure, applications, and services simultaneously, increased through cloud-based services by 29 percent from 2015, and focused on Domain Name System (DNS) servers rather than Hypertext Transfer Protocol (HTTP) services. In addition, the report stated that 50 percent of enterprises’ firewalls failed due to successful DDoS attacks. Source: http://www.securityweek.com/blended-ddos-attacks-grow-size-complexity-frequency-report

22. January 26, Softpedia – (International) NanoLocker ransomware can be cracked, but only under certain conditions. A Canadian security researcher discovered a flaw in the NanoLocker ransomware’s operations: restarting a victim’s personal computer (PC) or putting the PC into sleep mode stops the encryption process and leaves the configuration file in an uncompleted encryption stage. The researcher created a decrypter that can restore encrypted files while the ransomware is in this uncompleted encryption state; the decrypter can be downloaded from GitHub or from Google Drive. Source: http://news.softpedia.com/news/nanolocker-ransomware-can-be-cracked-but-only-under-certain-conditions-499455.shtml

Communications Sector

Nothing to report