Complete DHS Report for May 4, 2016
Daily Report
Top Stories
• CRF Frozen Foods expanded a previous recall May 2 to include all
358 of its frozen organic and traditional fruits and vegetables products due to
potential Listeria monocytogenes contamination following 7 cases of
Listeria-related hospitalizations that were linked to the products. – U.S.
Food and Drug Administration
7. May 3,
U.S. Food and Drug Administration – (International) CRF Frozen
Foods expands voluntary recall to include all frozen vegetable and fruit
products due to possible health risk. CRF Frozen Foods expanded a previous
recall May 2 to include all 358 of its frozen organic and traditional fruits
and vegetables products due to potential Listeria monocytogenes contamination
after U.S. officials identified 7 cases of hospitalizations in 3 states due to
Listeria and determined some of these illnesses were linked to consuming
CRF-manufactured products. The company suspended operations at its Pasco,
Washington facility following the initial recall and stated that the products
may have been purchased nationwide and in Canada. Source: http://www.fda.gov/Safety/Recalls/ucm498841.htm
• The owner of Express Food Mart in Camden, New Jersey, pleaded
guilty May 2 to stealing over $1.2 million in Supplemental Nutrition Assistance
Program (SNAP) redemptions from November 2011 – October 2014. – Newark Star-Ledger
8. May 2,
Newark Star-Ledger – (New Jersey) Camden shop owner admits stealing $1.2M in SNAP
benefits. The owner of Express Food Mart in Camden, New Jersey, pleaded
guilty May 2 to stealing over $1.2 million in Supplemental Nutrition Assistance
Program (SNAP) redemptions from November 2011 – October 2014. Authorities
stated that the store owner paid SNAP benefit holders 50 cents on the dollar. Source:
http://www.nj.com/camden/index.ssf/2016/05/camden_shop_owner_admits_stealing_12m_in_snap_bene.html
• Teacher sick-outs prompted 94 schools in the Detroit Public
Schools district to close for a second consecutive day May 2 due to concerns
over teachers’ pay. – Associated Press
15. May 3,
Associated Press – (Michigan) Teacher sick-outs close most Detroit schools for a
2nd day. Teacher sick-outs prompted 94 schools in the Detroit Public
Schools district to close for a second consecutive day May 2 due to concerns
over teachers’ pay.
• A security researcher discovered a parameter tampering
vulnerability in a new PwnedList service could allow an attacker to add any
desired domain through a flaw in the service’s two-step authentication process.
– SecurityWeek See item 22 below in
the Information Technology Sector
Financial Services Sector
Nothing
to report
Information Technology Sector
20. May 3,
SecurityWeek – (International) Google patches 40 vulnerabilities in Android.
Google released security updates for its Android operating system (OS)
patching 40 vulnerabilities including a remote code execution flaw (RCE) in
Mediaserver that could allow an attacker to execute code within the software,
and a privilege escalation flaw in the Android debugger that could allow a
malicious application to execute arbitrary code in Android debugger or kernel,
among other patched flaws. Source: http://www.securityweek.com/google-patches-40-vulnerabilities-android
21. May 2,
SecurityWeek – (International) Accellion patches flaws found during Facebook
hack. The Computer Emergency Response Team (CERT) Coordination Center (CC)
released an advisory addressing seven vulnerabilities in the Accellion File
Transfer Appliance after a security consultant discovered one of the flaws
could be leveraged to upload a web shell, which is an SQL injection, due to
improper handling of data in the “client_id” parameter in
“/home/seos/courier/security_key2.api.” Other vulnerabilities include three
cross-site scripting (XSS) flaws and a number of local privilege escalation
issues related to incorrect default permissions.
22. May 2,
SecurityWeek – (International) Millions of credentials exposed by PwnedList
flaw. A security researcher discovered a parameter tampering vulnerability
in a new PwnedList service called Vendor Security Monitoring which could allow
an attacker to add any desired domain through a flaw in the service’s two-step
authentication process and submit arbitrary data by tampering with the request.
An attacker with an active PwnedList account can exploit the flaw to add the
domain of any major company to generate a list of all compromised email
accounts.
23. May 2,
SecurityWeek – (International) Compromised RDP Servers used in corporate
ransomware attacks. Researchers from Fox-IT discovered that attackers could
disseminate ransomware through a compromised remote desktop server by using
brute force attacks to infiltrate a remote desktop server connected to the
Internet and use privilege escalation methods to find domain administration
status. Once an attacker infiltrates a system and gains administrative
privileges, they can extract data, recruit into a botnet, deliver spam, and
demand monetary funds from a compromised company.
Communications Sector
Nothing to report