Tuesday, May 24, 2016



Complete DHS Report for May 24, 2016

Daily Report                                            

Top Stories

Fiat Chrysler Automobiles issued a recall May 20 for 80,000 of its model years 2012 –2016 Fiat 500 manual transmissions vehicles after discovering that excessive clutch travel can damage the vehicle’s transmission. – TheCarConnection.com

2. May 20, TheCarConnection.com – (International) 2012-2016 Fiat 500 recalled for transmission problems: 80,000 cars affected. Fiat Chrysler Automobiles issued a recall May 20 for 39,217 of its model years 2012 – 2016 Fiat 500 vehicles equipped with manual transmissions sold in the U.S. after it was discovered that excessive clutch travel can damage the vehicle’s transmission, thereby limiting a driver’s ability to change gears. The recall affects 7,834 vehicles in Canada, 7,155 in Mexico, and 26,268 elsewhere. Source: http://www.thecarconnection.com/news/1104078_2012-2016-fiat-500-recalled-for-transmission-problems-80000-cars-affected

A former Scott Credit Union employee in Illinois plead guilty May 19 after defrauding the bank out of $12 million by embezzling funds, creating fraudulent loans, and increasing credit limits on unapproved loans, among other fraudulent actions from November 2005 –December 2014. – Monroe County Republic-Times See item 3 below in the Financial Service Sector

State Route 330 in Highland, California, was shut down for several hours May 22 after ashuttle bus overturned on the highway, leaving 14 people with minor injuries and 6 otherswith serious injuries. – Associated Press

4. May 23, Associated Press – (California) California bus crash leaves 20 injured, 6 seriously. A 16-mile stretch of State Route 330 in Highland, California, was shut down for several hours May 22 after a shuttle bus overturned on the highway when it made contact with another vehicle, leaving 14 people with minor injuries and 6 others with serious injuries. Source: http://www.foxnews.com/us/2016/05/23/california-bus-crash-leaves-20-injured-6-seriously.html

Federal regulators approved a new “Nutrition-Facts” label May 20, which lists the numberof grams of sugar manufactures add to packaged food and drink products to pressurecompanies into making healthier products. – Wall Street Journal

9. May 20, Wall Street Journal – (National) FDA approves new nutrition panel that highlights sugar levels. The U.S. Food and Drug Administration approved a new “Nutrition-Facts” label May 20 that will list the number of grams of sugar that were added to packaged food and beverage products by manufacturers, and what percentage of the recommended daily maximum the numbers represent as part of an effort to pressure companies to make less-fattening products and to help consumers avoid health problems. The new labels must also declare the amounts of potassium and vitamin D, and include larger and easier to read serving size and caloric intake data. Source: http://www.wsj.com/articles/fda-approves-controversial-changes-to-nutrition-facts-panel-1463750195
  
Financial Services Sector

3. May 19, Monroe County Republic-Times – (Illinois) Columbia man guilty of federal bank, loan fraud. A former employee at Scott Credit Union in Illinois pleaded guilty May 19 to Federal charges after he defrauded the bank out of $12 million by embezzling credit union funds, creating fraudulent loans, paying loans through the misapplications of funds from other loans, and increasing credit limits on loans that did not have board approval, among other fraudulent actions from November 2005 – December 2014. Officials stated the man also knowingly submitted a fraudulent report to the bank for the third quarter of 2014 that misstated loan balances, omitted loan amounts, and severely underreported loans. Source: http://www.republictimes.net/columbia-man-guilty-of-federal-bank-loan-fraud/

Information Technology Sector

17. May 23, SecurityWeek – (International) Exploit for recently patched flash flaw added to Magnitude EK. A French security researcher discovered that attackers were integrating the Magnitude exploit flaw against previously patched Flash Player 21.0.0.213 installations to potentially deliver various pieces of malware, including Locky and Cerber ransomware. The exploit was not fully implemented in Magnitude and researchers advised users to be cautious of the exploit.

18. May 21, Softpedia – (International) Ransomware adds DDoS capabilities to annoy other people, not just you. Security researchers from Invincea reported that the Cerber ransomware was discovered to have a new payload capability to launch network packets to a network subnet, which is a specific capability to distributed denial-of-service (DDoS) botnets. The ransomware was detected by 37 out of the 57 antivirus engines and spreads via weaponized rich text format (RTF) files.

19. May 21, Softpedia – (International) Crooks used SQL injections to hack Drupal sites and install fake ransomware. Chief executive officer (CEO) and co-founder of Forkbombus Labs reported that attackers were leveraging a structured query language (SQL) injection vulnerability in Drupal 7.x installations prior to version 7.32 content management system (CMS) platform to compromise Web sites and install Web-based ransomware by scanning the Drupal site version and leveraging the flaw to break into the affected Web sites and change the admin user’s password.

Communications Sector

Nothing to report

Monday, May 23, 2016



Complete DHS Report for May 23, 2016

Daily Report                                            

Top Stories

• Fiat Chrysler Automobiles issued a recall May 19 for 392,464 of its Jeep Wrangler vehicles due to faulty clocksprings that can prevent driver-side airbags from deploying in a crash. – TheCarConnection.com

6. May 19, TheCarConnection.com – (International) 2007-2016 Jeep Wrangler recalled for airbag problem: 506,000 vehicles affected. Fiat Chrysler Automobiles issued a recall May 19 for 392,464 of its model years 2007 – 2016 Jeep Wrangler vehicles and 7,435 of its model years 2011-2016 special-duty, right-hand-drive Jeep Wrangler vehicles sold in the U.S. due to faulty clocksprings that can be compromised following excessive exposure to dust and dirt, thereby preventing driver-side airbags from deploying in a crash. The recall affects an additional 35,412 vehicles in Canada, 8,529 in Mexico, and 62,580 elsewhere. Source: http://www.thecarconnection.com/news/1104048_2007-2016-jeep-wrangler-recalled-for-airbag-problem-506000-vehicles-affected

• Federal regulators issued stricter guidelines May 19 for human exposure to the chemicals perfluorooctanoic acid (PFOA) and perfluorooctane sulfonate (PFOS), and advised water systems with high concentrations of the chemicals to notify residents and consult with their State drinking water agencies. – Associated Press

16. May 19, Associated Press – (National) EPA suggests tighter limits for industrial chemical in water. The U.S. Environmental Protection Agency (EPA) issued stricter guidelines May 19 for human exposure to the chemicals perfluorooctanoic acid (PFOA) and perfluorooctane sulfonate (PFOS), and advised water systems where concentrations of PFOA or PFOS are found above 70 parts per trillion to promptly notify residents and consult with their State drinking water agencies. Source: https://www.washingtonpost.com/politics/federal_government/epa-suggests-tighter-limits-for-industrial-chemical-in-water/2016/05/19/fc135574-1e16-11e6-82c2-a7dcb313287d_story.html

• Authorities announced May 18 that 14 vendors were taken into custody out of the 21 who were charged in connection to selling New York tourists tickets for ferries that circled New York Harbor without stopping. – New York Times

20. May 18, New York Times – (New York) 21 vendors face charges of selling fake tickets to the Statue of Liberty. Authorities announced May 18 that 14 vendors were taken into custody out of the 21 who were charged in connection to selling New York tourists tickets for ferries that circled New York Harbor without stopping, under the guise of tickets to boats that stopped at the Statue of Liberty and Ellis Island. The vendors reportedly used aggressive tactics. Source: http://www.nytimes.com/2016/05/19/nyregion/21-vendors-face-charges-of-selling-fake-tickets-to-the-statue-of-liberty.html

• The Barry-Eaton District Health Department reported May 19 that a norovirus outbreak has ceased after more than 100 people were sickened from May 7 – May 8 at the Carrabba’s Italian Grill restaurant in Lansing, Michigan. – Food Poisoning Bulletin

27. May 19, Food Poisoning Bulletin – (Michigan) Norovirus outbreak at Carrabba’s in Lansing, MI ends 100+ sick. The Barry-Eaton District Health Department reported May 19 that a norovirus outbreak has ceased after more than 100 people were sickened from May 7 – May 8 at the Carrabba’s Italian Grill restaurant in Lansing, Michigan. The restaurant closed voluntarily to conduct sanitation procedures, and the exact cause of the outbreak was not yet determined. Source: https://foodpoisoningbulletin.com/2016/norovirus-outbreak-at-carrabbas-in-lansing-mi-ends-100-sick/

Financial Services Sector

8. May 19, U.S. Securities and Exchange Commission – (National) SEC announces insider trading charges in case involving sports gambler and board member. The U.S. Securities and Exchange Commission announced insider trading charges May 19 against a professional sports gambler and a former board member at Dean Foods Company after the board member allegedly provided the gambler with advance information about Dean Foods including market-moving events, and company earnings statements from 2008 – 2012, among other information regarding Darden Restaurants stocks, which the gambler used to make $40 million in illegal profits. Officials stated the duo used prepaid cell phones and other methods to conceal the illicit activity, and convinced a professional athlete to trade the food company’s securities to pay off a gambling debt.

Information Technology Sector

22. May 20, The Register – (International) 60 percent of Androids exposed by new attack on mediaserver. A security researcher from Duo reported that about 60 percent of enterprise Android phones running Lollipop version 5 operating system (OS), KitKat version 4.4, and Marshmallow version 6 OS were susceptible to a Qualcomm Secure Execution Environment (QSEE) vulnerability after researchers discovered the flaw in the mediaserver component that could allow an attacker to gain complete control over the device by tricking users into installing a malicious app. Source: http://www.theregister.co.uk/2016/05/20/pick_your_favourite_new_attack_pwns_60_percent_of_new_old_androids/

23. May 20, Softpedia – (International) Researcher wins $5,000 for finding two ways to brute-force Instagram accounts. Facebook fixed two security flaws on its social network, Instagram that could have allowed an attacker to execute brute-force attacks and gain control over users’ accounts due to Instagram’s weak password policy, its usage of incremental user identifications, and lack of proper rate limiting protection. Source: http://news.softpedia.com/news/researcher-wins-5-000-for-finding-two-ways-to-brute-force-instagram-accounts-504290.shtml

24. May 20, SecurityWeek – (International) Vulnerabilities found in Siemens SIPROTEC protection relays. Security researchers from Siemens and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) discovered SIPROTEC 4 and SIPROTEC Compact devices were plagued with several information disclosure vulnerabilities that can allow attackers to obtain sensitive device information if hackers gain access to the network hosting the devices. Siemen released updates for its firmware version 4.27, but has yet to release updates for other relays. Source: http://www.securityweek.com/vulnerabilities-found-siemens-siprotec-protection-relays

Communications Sector

25. May 19, SecurityWeek – (National) Serious vulnerabilities found in Moxa industrial secure routers. Moxa released a firmware update for its EDR-G903 series industrial routers versions 3.4.11 and older, patching several high severity vulnerabilities that can be exploited for denial-of-service (DoS) attacks, privilege escalation, and arbitrary code execution, including configuration and log files that can be accessed on the Web server by accessing a specific Uniform Resource Locator (URL), allowing an unauthenticated attacker to download the configuration and log files. Source: http://www.securityweek.com/serious-vulnerabilities-found-moxa-industrial-secure-routers