Complete DHS Report for April 6, 2016
Daily Report
Top Stories
• A U.S. district judge in New Orleans gave final approval April 4
to an estimated $20 billion settlement over the 2010 BP oil spill in the Gulf
of Mexico that killed 11 workers and caused a 134-million-gallon spill. – Associated
Press
2. April 5,
Associated Press – (International) US judge OKs $20B settlement from 2010 BP oil
spill. A U.S. district judge in New Orleans gave final approval April 4 to
an estimated $20 billion settlement over the 2010 BP oil spill in the Gulf of
Mexico that killed 11 workers and caused a 134-million-gallon spill. The
settlement resolves Clean Water Act penalties and will cover the cost of
environmental damage and other claims by five Gulf of Mexico States and local
governments. Source: http://abcnews.go.com/US/wireStory/us-judge-oks-20b-settlement-2010-bp-oil-38142701
• TransCanada Corporation shut down the Keystone pipeline until
further notice after a potential leak was reported April 2 in Hutchinson
County, South Dakota. – Associated Press
3. April 5,
Associated Press – (South Dakota) Keystone pipeline shut down as possible leak
investigated. TransCanada Corporation shut down the Keystone pipeline until
further notice after a potential leak was reported April 2 in Hutchinson
County, South Dakota. Crews reported to the site to remove the oil and
investigate the source of the leak.
• Officials from the Trump Hotel Collection reported April 4 that
they were investigating a potential breach in its credit card systems after
sources in the financial sector detected fraudulent transactions on customers’
credit cards. – Krebs On Security
27. April 4,
Krebs On Security – (International) Sources: Trump Hotels breached again. Officials
from the Trump Hotel Collection reported April 4 that they were investigating a
potential breach in its credit card systems which affects more than a dozen
global properties after three sources in the financial sector discovered a
pattern of fraudulent transactions on customers’ credit cards. Source: http://krebsonsecurity.com/2016/04/sources-trump-hotels-breached-again/
• A 3-alarm fire at a metal recycling center in Montclair,
California, April 4 closed westbound lanes of Mission Boulevard for several
hours and prompted 8 homes, 1 mobile home park, 1 motel, and 40 other
apartments to evacuate. – KABC 7 Los Angeles
29. April 4,
KABC 7 Los Angeles – (California) Large fire erupts at metal recycling center in Montclair.
Police reported April 4 that a 3-alarm fire at a metal recycling center in
Montclair, California, closed westbound lanes of Mission Boulevard for several
hours and prompted 8 homes, 1 mobile home park, 1 motel, and 40 other
apartments to evacuate while 5 fire departments worked to contain the blaze.
One person was injured and officials stated it would take several hours before
crews could enter the recycling center due to burned hazardous material. Source: http://abc7.com/news/large-fire-erupts-at-metal-recycling-center-in-montclair/1275927/
Financial Services Sector
5. April 5,
U.S. Department of Justice – (International) Two former senior
executives of global financial services company charged in scheme to defraud
clients through secret trading commissions on billions of dollars in securities
trades. Two former executives of a Boston-based financial services company
were charged in an indictment unsealed April 5 for their roles in a scheme
where the duo and co-conspirators allegedly added secret commissions to
billions of dollars of fixed income and equity trades performed for at least
six clients of the bank’s transition management business, thereby overcharging
the clients by millions of dollars. The indictment also alleges that from
February 2010 to September 2011 the pair took action to hide the commission
from the clients and other bank employees. Source: https://www.justice.gov/opa/pr/two-former-senior-executives-global-financial-services-company-charged-scheme-defraud-clients
Information Technology Sector
20. April 5,
SecurityWeek – (International) Researchers bypass patch for old IBM Java
flaw. The founder and chief executive officer (CEO) of Security
Explorations reported that a sandbox escape vulnerability in IBM Java, which
was previously patched in 2013, could still be exploited by attackers after
discovering the flaw could be abused by making minor modifications to the
proof-of-concept (PoC) code published by the company in July 2013. A patch has
yet to be released, but IBM was working to release a fix.
21. April 4,
The Register – (International) Top Firefox extensions can hide silent
malware using easy pre-fab tool. Two U.S. security researchers at the Black
Hat Asia 2016 security conference reported that Mozilla’s Firefox extensions
were open to attacks that can compromise machines and pass automated and human
security tests by reusing attack exploit weaknesses in the structure of Firefox
extensions to disguise malicious activity as legitimate functionality. Source: http://www.theregister.co.uk/2016/04/04/top_firefox_extensions_can_hide_silent_malware_using_easy_prefab_tool/
22. April 4,
SecurityWeek – (International) Path traversal flaw found in ICONICS WebHMI. A
German researcher discovered that ICONICS’ WebHMI product was plagued with a
directory traversal flaw that could allow a remote attacker to access
configuration files that stored password hashes and other information by
sending a request to a vulnerable WebHMI product via the Internet. ICONICs have
not released a patch and advised users to avoid exposing the product to the
Internet.
23. April 4,
IDG News Service – (International) HTTP compression continues to put encrypted
communications at risk. Security researchers from the National Technical
University of Athens reported at the Black Hat Asia 2016 security conference
that they made improvements to the Browser Reconnaissance and Exfiltration via
Adaptive Compression of Hypertext (BREACH) attack to make it practical for
hacking Transport Layer Security (TLS) block ciphers such as Advanced
Encryption Standard (AES) by intercepting a victim’s Web traffic through a
router connected to a wireless network. Source: http://www.computerworld.com/article/3051677/security/http-compression-continues-to-put-encrypted-communications-at-risk.html#tk.rss_security
24. April 4,
Softpedia – (International) Chrome extension caught hijacking users’
browsers. Google reported that it banned the Better History Chrome
extension from its Web Store after users reported that the extensions
redirected them to click on a Hypertext Transfer Protocol (HTTP) link that lead
to an extra Web page showing several types of advertisements. The extra Web
page collected analytics on users which could be later used to sell online to
advertisers. Source: http://news.softpedia.com/news/chrome-extension-caught-hijacking-users-browsers-502557.shtml
25. April 4,
Softpedia – (International) Google fixes another 40 security bugs in
Android’s April update. Google released an Android Security Advisory
patching 40 security flaws including 15 critical bugs in Android devices
running versions 4.4.4 and higher, that could have allowed an attacker to root
and permanently compromise the device. In addition, multiple remote code
execution (RCE) flaws were patched in Dynamic Host Configuration Protocol
Client Daemon (DHCPCD) service, Media Codec, Mediaserver component, and the
libstagefright library, among other patched vulnerabilities. Source: http://news.softpedia.com/news/google-fixes-another-40-security-bugs-in-android-s-april-update-502564.shtml
26. April 4,
SecurityWeek – (International) iOS app patching tool “rollout” prone to
abuse. Security researchers from FireEye reported that another
quick-patching solution, Rollout.io, used for Apple’s iOS applications and runs
on 35 million devices could be abused by malicious hackers to integrate a
malicious third-party ad software development kit (SDK) into a legitimate app
and potentially turn harmless iOS apps into malware. Source: http://www.securityweek.com/ios-app-patching-tool-rollout-prone-abuse
Communications Sector
Nothing to report