Wednesday, May 18, 2016



Complete DHS Report for May 18, 2016

Daily Report

Top Stories

• Fiat Chrysler Automobiles issued a recall May 16 for 32,267 of its 2016 Jeep Cherokee vehicles sold in the U.S. due to an electrical flaw rooted in select wiring harnesses that may have been improperly crimped by the supplier. – CarConnection.com

7. May 16, CarConnection.com – (International) 2016 Jeep Grand Cherokee recalled for transmission problem, over 37,000 vehicles affected. Fiat Chrysler Automobiles issued a recall May 16 for 32,267 of its model year 2016 Jeep Cherokee vehicles sold in the U.S. due to an electrical flaw rooted in select wiring harnesses that may have been improperly crimped by the supplier, which can result in associated wire terminals losing their electrical connection, thereby causing the gear shifter to become locked in “park” or “neutral” when the vehicle is stopped. The recall also affects 2,095 vehicles in Canada, 538 in Mexico, and 2,472 elsewhere. Source: http://www.thecarconnection.com/news/1103972_2016-jeep-grand-cherokee-recalled-for-transmission-problem-over-37000-vehicles-affected

• A Ukrainian citizen was charged May 16 for his role in a $30 million illegal earnings scheme where he and 9 co-conspirators hacked into business newswires to acquire advance notice on over 150,000 companies’ earnings statements. – Newark Star-Ledger. See item 8 below in the Financial Services Sector.

• The Ohio Environmental Protection Agency (EPA) established new rules which will go into effect June 1 stating that all public water systems that use surface water as a source will be required to monitor and report the occurrence of harmful instances of cyanobacteria and harmful algal blooms (HAB) to the Ohio EPA. – WKYC 3 Cleveland

18. May 17, WKYC 3 Cleveland – (Ohio) Ohio implements new rules for drinking water suppliers. The Ohio Environmental Protection Agency (EPA) established new rules which will go into effect June 1 stating that all public water systems that use surface water as a source will be required to monitor and report the occurrence of harmful instances of cyanobacteria and harmful algal blooms (HAB) to the Ohio EPA. The new rules also establish microcystin action levels in drinking water, require public notification in cases of monitoring violations and exceedances of action levels in drinking water, and establish requirements for laboratory certification, among other rules. Source: http://www.wkyc.com/news/health/ohio-implements-new-rules-for-drinking-water-suppliers/199011369

• Residents were urged to avoid the waters of La Volla Creek in Corpus Christi until further notice after heavy flooding near Saratoga and Greenwood Drive caused an estimated 400,000 gallons of sewage to overflow May 15. – KRIS 6 Corpus Christi

20. May 16, KRIS 6 Corpus Christi – (Texas) 400,000 gallons of sewage overflows into La Volla Creek. Residents were urged to avoid the waters of La Volla Creek in Corpus Christi until further notice after heavy flooding near Saratoga and Greenwood Drive caused an estimated 400,000 gallons of sewage to overflow from a wastewater line into La Volla Creek May 15. The city will conduct water testing. Source: http://www.kristv.com/story/31983399/400000-gallons-of-sewage-overflows-into-la-volla-creek
  
Financial Services Sector

8. May 16, Newark Star-Ledger – (International) Ukrainian hacker admits stealing business press releases for $30M gain. A Ukrainian citizen pleaded guilty May 16 to Federal charges for his role in a $30 million hacking scheme in which, from 2010 – 2015, he and 9 co-conspirators hacked into PR Newswire, Business Wire, and Marketwired to get advance notice of over 150,000 companies’ earnings statements, and sold the insider trading information for tens of thousands of dollars to traders who executed deals to buy or sell stocks based on the stolen information, which had not yet been released. Officials stated that once the transactions were complete, the traders shared the illegal profits with the hackers through foreign shell companies. Source: http://www.nj.com/news/index.ssf/2016/05/ukrainian_hacker_admits_stealing_business_press_re.html

9. May 16, WWMT 3 Kalamazoo – (Michigan) Possible security breach at local bank has customers concerned. Southern Michigan Bank and Trust alerted its customers May 6 to a possible security breach targeting the bank chain after a company laptop containing sensitive information including customers’ names, addresses, and account numbers, among other data, was stolen from a vehicle owned by the company’s operations manager in April. Bank officials stated the laptop is password protected and there have been no indications of an active breach of sensitive information. Source: http://wwmt.com/news/local/possible-security-breach-at-local-bank-has-customers-concerned

Information Technology Sector

25. May 17, SecurityWeek – (International) Critical vulnerability in Symantec AV Engine exploited by just sending an email. Symantec updated its Antivirus Engine (AVE) to address a critical memory corruption flaw after a security researcher from Google Project Zero discovered that the flaw affected most Symantec and Norton-branded antivirus products and reported the issue, which is related to how the antivirus products handle executables compressed with the ASPack file compressor. The vulnerability can be remotely exploited for code execution by sending a specially crafted file to the victim. Source: http://www.securityweek.com/critical-vulnerability-symantec-av-engine-can-be-exploited-sending-email

26. May 17, SecurityWeek – (International) Apple patches flaws in iOS, OS X, other products. Apple released version 9.3.2 for its mobile operating systems (iOS), including its OS X, iOS, iTunes, Safari, tvOS, and watchOS products, which patched 39 flaws after security researchers from Google, Trend Micro, and Context Information Security, among other security companies, found a way to bypass the lockscreen on the iPhone 6s and access photos and contacts by using Siri to conduct an online search for email addresses via Twitter. Source: http://www.securityweek.com/apple-patches-flaws-ios-os-x-other-products

27. May 16, Softpedia – (International) Million-Machine botnet manipulates search results for popular search engines. Security researchers from Bitdefender reported that a click-fraud botnet, Million-Machine, spreads via infected downloadable versions of popular software programs including WinRAR, YouTube Downloader, and Connectify, among other products, and can modify Internet Explorer proxy settings and add a Proxy Auto Configuration (PAC) script to hijack all Web traffic through a local proxy server and view all Web traffic originating from the personal computer (PC). The malware’s dissemination was assisted by the Redirector.Paco botnet, which modifies a computer’s local registry keys with two entries disguised as Adobe products to make the Million-Machine malware begin its operations after each PC restart. Source: http://news.softpedia.com/news/million-machine-botnet-manipulates-search-results-for-popular-search-engines-504108.shtml

28. May 16, SecurityWeek – (International) Chrome to deprecate Flash in favor of HTML5. The technical program manager at Google (Chrome) reported that they will only allow Flash Player execution if a user has indicated that the domain should execute the program and will begin to implement an “HTML5 by Default” policy on its Chrome Web browser by Quarter 4 (Q4) 2016. Chrome will introduce the new feature with a temporary whitelist of the current top Flash Player Web sites, which will expire after one year. Source: http://www.securityweek.com/chrome-deprecate-flash-favor-html5

29. May 16, SecurityWeek – (International) Attackers deliver latest Flash exploit via malicious documents. Security researchers from FireEye reported that an exploit for a type confusion flaw, previously patched by Adobe, was disseminated via Uniform Resource Locator (URL) or email attachment after attackers embedded the Flash Player exploit inside Microsoft Office documents, which attackers hosted on their Web server, and used a Dynamic DNS (DDNS) domain to reference the document and payload. Source: http://www.securityweek.com/attackers-deliver-latest-flash-exploit-malicious-documents

Communications Sector

Nothing to report