Complete DHS Report for April 29, 2016
Daily Report
Top Stories
• A mechanical failure due to heavy rainfall at the South Kansas
River pump station in Topeka released approximately 2.4 million gallons of
untreated wastewater into the Kansas River April 26. – Topeka
Capital-Journal
13. April 27,
Topeka Capital-Journal – (Kansas) 2.4 million gallons of untreated
wastewater released into Kansas River in Topeka after storm, mechanical
failure. A mechanical failure due to heavy rainfall at the South Kansas
River pump station in Topeka released approximately 2.4 million gallons of
untreated wastewater into the Kansas River April 26. Source: http://cjonline.com/news/2016-04-27/24-million-gallons-untreated-wastewater-released-kansas-river-after-storm-mechanical#
• Cisco reported that Tuto4PC’s OneSoftPerDay application was
discovered to install potentially unwanted programs, harvest users’ personal
information, and considered to be a backdoor for 12 million personal computers.
– SecurityWeek See item 23 below in
the Information Technology Sector
• Lifeboat Networks reported April 27 that its network was
compromised, exposing its users’ information from the Minecraft Pocket Edition
mobile game after a security researcher found over 7 million user credentials
were available online. – SC Magazine See item 24 below in
the Information Technology Sector
• Six researchers discovered they could create fake traffic jams
and track the movements of any Waze user by reverse engineering the Waze app
communications protocol and creating Sybil attacks to insert thousands of
malicious users inside the Waze networks. – Softpedia See item 25 below in
the Information Technology Sector
Financial Services Sector
2. April 27,
New York Daily News – (New York) Bloods-linked gang members charged with running
$414G identity-theft ring. Officials from the New York County District
Attorney’s Office announced April 26 that 39 gang members were charged for
their roles in a $414,000 identity theft scheme where the group used stolen
bank information from the Dark Web to create phony credit cards used to make
fraudulent purchases at Barneys and Sacks Fifth Avenue stores and sold the
goods to fund personal expenses. Officials stated a subsequent search of the
suspects’ apartments in Queens and Brooklyn, New York revealed computers and
credit card making equipment, among other illicit materials. Source: http://www.nydailynews.com/new-york/nyc-crime/bloods-linked-gang-members-charged-414g-id-theft-ring-article-1.2615754
Information Technology Sector
21. April 28,
SecurityWeek – (International) Critical, high severity flaws patched in
Firefox. Mozilla released its web browser, Firefox 46 that patched a total
of 14 vulnerabilities including 4 critical vulnerabilities affecting the
browser engine, which could cause crashes and potential arbitrary code
execution, as well as a high severity vulnerability that could be exploited via
specially crafted Web content and cause an exploitable crash, among other
flaws.
22. April 28,
The Register – (International) Time for a patch: Six vulns fixed in NTP
daemon. Security researchers from Cisco’s Talos Security Intelligence and
Researcher Group discovered five vulnerabilities in Network Time Protocol
daemon (ntpd) after its ongoing ntpd evaluation revealed attackers could craft
User Datagram Protocol (UDP) packets to cause a denial-of-service (DoS)
condition or prevent the correct time from being set, among other actions. The
vulnerabilities were patched in Network Time Protocol (NTP) version 4.2.8p7. Source:
http://www.theregister.co.uk/2016/04/28/time_for_a_patch_six_vulns_fixed_in_ntp_daemon/
23. April 28,
SecurityWeek – (International) Cisco finds backdoor installed on 12 million PCs.
Cisco’s Talos Security Intelligence and Research Group reported that a
Tuto4PC’s OneSoftPerDay application was discovered to install potentially
unwanted programs (PUPs), harvest users’ personal information, and was
considered to be a backdoor for 12 million personal computers (PCs) after an
analysis revealed that an increase in generic trojans were found when about
7,00 unique samples displayed names including “Wizz” in some of the domains.
24. April 27,
SC Magazine – (International) Over 7M Minecraft mobile credentials exposed
after Lifeboat data breach. Lifeboat Networks reported April 27 that its
network was compromised in January, exposing its users’ login names, passwords,
and email addresses in the Minecraft Pocket Edition mobile game after a
security researcher found over 7 million user credentials were available
online. Lifeboat forced its customers to reset their passwords discretely and
stated they started using stronger algorithms to guard user data. Source: http://www.scmagazine.com/over-7m-minecraft-mobile-credentials-exposed-after-lifeboat-data-breach/article/492634/
25. April 27,
Softpedia – (International) Waze drivers can be tracked, network flooded
with fake traffic. Six researchers from the University of California,
University of Santa Barbara, and the Tsinghua University discovered that they
could create fake traffic jams and track the movements of any Waze user by
reverse engineering the Waze app communications protocol and creating Sybil
attacks to insert thousands of malicious users inside the Waze networks. The
attacks could manipulate the app’s behavior and allow attackers to pose as Waze
users when communicating with the app’s Google server. Source: http://news.softpedia.com/news/waze-drivers-can-be-tracked-network-flooded-with-fake-traffic-503473.shtml
26. April 27,
SecurityWeek – (International) Attackers increasingly abuse open source
security tools. Security researchers from Kaspersky Lab reported that the
open source security tool, Browser Exploitation Framework (BeEF) was being
leveraged by an advanced persistent threat (APT) group named NewsBeef to track
and steal users’ browsing history from compromised Web sites through flaws in
content management systems. In addition, researchers reported that other APT
actors were using open source tools in their operations to execute malware
across the globe. Source: http://www.securityweek.com/attackers-increasingly-abuse-open-source-security-tools
27. April 27,
SecurityWeek – (International) Verizon 2016 DBIR: What you need to know. Verizon
released its 2016 Data Breach Investigations Report (DBIR) which revealed
current information technology (IT) trends and the overall cyberattack
landscape after conducting an analysis on over 100,000 security incidents,
which confirmed 2,260 data breaches occurred across 82 different countries in
2015, with the majority of breaches occurring due to human nature via phishing
campaigns. Source: http://www.securityweek.com/verizon-2016-dbir-what-you-need-know
Communications Sector
See items 24 and 25 above in the Information Technology
Sector