Thursday, February 25, 2016



Complete DHS Report for February 25, 2016

Daily Report                                            

Top Stories

• At least 3 people were killed and over 30 others were injured when several tornadoes moved through southern Louisiana and Mississippi February 23, destroying dozens of homes and businesses, and knocking down a water tower. – Reuters

14. February 24, Reuters – (National) Tornado kills three, injures dozens in Louisiana, Mississippi. At least 3 people were killed and over 30 others were injured when several tornadoes moved through southern Louisiana and Mississippi February 23, destroying dozens of homes and businesses, and knocking down a water tower. Schools and government offices were cancelled or closed early due to the weather. Source: http://www.reuters.com/article/us-usa-weather-idUSKCN0VW1R5

• Heavy snowfall in Missouri and Illinois closed over 500 schools and businesses, cancelled several flights out of Lambert-St. Louis International Airport, and knocked out power to thousands of customers February 24. – KTVI 2 St. Louis

15. February 24, KTVI 2 St. Louis – (Missouri) Storm causes school closures, power outages, traffic delays. Over 500 schools and businesses in Missouri and Illinois were closed February 24 following heavy snowfall that also cancelled several flights out of Lambert-St. Louis International Airport and knocked out power to thousands of customers. Source: http://fox2now.com/2016/02/24/storm-causing-school-closures-power-outages-traffic-delays/

• Proofpoint released a report titled, Human Factor 2016 which stated that cybercriminals were using social engineering as an attack technique to trick victims into infecting their own computer systems rather than using automated exploit technology. – SecurityWeek See item 17 below in the Information Technology Sector

• The Sugar Hill RV Park in Convent, Louisiana sustained extensive damage February 23 after severe weather conditions overturned several RVs, injuring more than 37 residents and killing 2 others. – WVUE 8 New Orleans

19. February 23, WVUE 8 New Orleans – (Louisiana) 2 confirmed dead at convent RV park; rescues ongoing. The Sugar Hill RV Park in Convent, Louisiana sustained extensive damage February 23 after severe weather conditions overturned several RVs, injuring more than 37 residents and killing 2 others. Emergency crews were working to clean the debris and were assisting displaced residents. Source: http://www.fox8live.com/story/31296638/convent-rv-park-reduced-to-rubble-rescues-ongoing

Financial Services Sector

4. February 23, Associated Press – (International) Mexican man facing 30 years in prison for running a $15 million investment on both sides of border. A Mexican businessman was found guilty February 19 on Federal charges for running a $15 million investment scheme within Texas and Mexico by forming several unlicensed advising companies in Texas and promoting himself as an expert of stocks, bonds, oil and gas, precious metals, and currency. The scheme swindled money from over 100 investors from August 2010 – 2012. Source: http://www.cbs7.com/content/news/Mexican-Man-Facing-30-Years-In-Prison-for-Running-a-15-Million-Investment-On-Both-Sides-of-Border--369805821.html

Information Technology Sector

16. February 24, SecurityWeek – (International) Exploit for recently patched Silverlight flaw added to Angler. A security researcher discovered that a previously patched Microsoft Silverlight exploit was used by Angler developers to add code in its Angler exploit kit (EK) and deliver a variant of the TeslaCrypt ransomware to infect victims. Researchers stated the attack was not effective if targets installed the patched Silverlight version onto their systems.

17. February 23, SecurityWeek – (International) Cybercriminals view people as the best exploit: report. Proofpoint released a report titled, Proofpoint Human Factor 2016 which stated that cybercriminals were using social engineering as an attack technique to trick victims into infecting their own computer systems rather than using automated exploit technology, and that 98 percent of Universal Resource Languages (URLs) in malicious email campaigns required human interaction to infect a system. In addition, the report stated that people willingly downloaded more than two billion mobile applications designed to steal user data, create backdoors on compromised devices, and perform other malicious functions. Source: http://www.securityweek.com/cybercriminals-view-people-best-exploit-report

For another story, see item 18 below in the Communications Sector

Communications Sector

18. February 23, U.S. Federal Trade Commission – (International) ASUS settles FTC charges that insecure home routers and “cloud” services put consumers’ privacy at risk. The U.S. Federal Trade Commission announced February 23 that Taiwan-based ASUSTeK Computer, Inc., agreed to settle charges that its routers, plagued with critical security flaws, put the home networks of hundreds of thousands of consumers at risk and compromise thousands of consumers’ connected storage devices via the router’s AiCloud and AiDisk services, which exposed customers’ personal information on the Internet. The proposed consent order will require the company to establish and maintain a comprehensive security program subject to independent audits for 20 years and will require the company to notify consumers about software updates or other necessary actions to protect against security flaws. Source: https://www.ftc.gov/news-events/press-releases/2016/02/asus-settles-ftc-charges-insecure-home-routers-cloud-services-put