Complete DHS Report for June 8, 2016
Daily Report
Top Stories
• Officials issued a recall
the weekend of June 4 for nearly 563,000 model years 2004 – 2011 vehicles in 5
makes sold in the U.S. due to potentially faulty Takata Corp., passenger-side
air bag inflators. – TheCarConnection.com
3. June 6,
TheCarConnection.com – (National) Even more Takata recalls: 563,000 Audi, BMW,
Jaguar, Land Rover, Mercedes-Benz vehicles affected. The National Highway
Traffic Safety Administration issued a recall the weekend of June 4 for nearly
563,000 model years 2004 – 2011 vehicles in 5 makes sold in the U.S. due to
potentially faulty Takata Corp., passenger-side air bag inflators equipped with
ammonium nitrate, a chemical that may destabilize over time when exposed to
hot, humid weather and cause the airbags to deploy with excessive force,
spraying hot shrapnel into vehicle passenger compartments. The recalls are
being conducted by region, with vehicles registered or sold in the Gulf Coast
region taking priority. Source: http://www.thecarconnection.com/news/1104320_even-more-takata-recalls-563000-audi-bmw-jaguar-land-rover-mercedes-benz-vehicles-affected
• A former University of Missouri-Columbia administrative officer
pleaded guilty June 6 to embezzling over $716,000 from the school over the
course of 9 years. – St. Louis Post-Dispatch
12. June 6,
St. Louis Post-Dispatch – (Missouri) Former University of Missouri
employee admits embezzling more than $700,000. A former University of
Missouri-Columbia administrative officer pleaded guilty June 6 in connection
with a theft of over $716,000 from the school over the course of 9 years. The
former employee created and registered three shell companies with the Missouri
Secretary of State’s Office, which were used to fraudulently bill the
university for services that were never provided from January 2005 – June 2014.
Source: http://www.stltoday.com/news/local/education/former-university-of-missouri-employee-admits-embezzling-more-than/article_798dad22-befd-5582-9f54-b82ff63908a2.html
• Akamai released a report titled State of the Internet which
revealed that during the first quarter of 2016, there were 19 distributed
denial-of-service (DDoS) attacks that exceeded 100 Gigabits per second, making
DDoS attacks four times more prevalent than the previous quarter. – IDG News
Service See item 14 below in
the Information Technology Sector
• Security researchers from FireEye reported that the Angler
exploit kit (EK) installations were capable of bypassing Microsoft’s Enhanced
Mitigation Experience Toolkit (EMET) on Windows 7 to deliver a malicious
payload. – Softpedia See item 15 below in
the Information Technology Sector
Financial Services Sector
Nothing
to report
Information Technology Sector
13. June 7,
SecurityWeek – (International) Facebook patches vulnerability in Messenger
app. Security researchers from Check Point discovered that the Facebook
Messenger app was plagued with a vulnerability that could allow attackers to
change the content of a conversation or replace legitimate links and files with
malicious content. Attackers could exploit the flaw by obtaining identification
(ID) assigned to each message via a request to “facebook.com/ajax/mercury/thread_info.php”
and send another message with a duplicate ID to the victim. Source: http://www.securityweek.com/facebook-patches-vulnerability-messenger-app
14. June 7,
IDG News Service – (International) Massive DDoS attacks reach record levels as
botnets make them cheaper to launch. Akamai released a report titled State
of the Internet which revealed that during the first quarter of 2016, there
were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gigabits
per second, making DDoS attacks four times more prevalent than the previous
quarter. The report indicated that criminals could now afford to launch
crippling attacks towards major companies. Source: http://www.networkworld.com/article/3079987/massive-ddos-attacks-reach-record-levels-as-botnets-make-them-cheaper-to-launch.html#tk.rss_all
15. June 6,
Softpedia – (International) Angler exploit kit finds a method to escape
Microsoft’s EMET security toolkit. Security researchers from FireEye
reported that the Angler exploit kit (EK) installations were capable of
bypassing Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) on Windows
7 to infect a system by deploying two exploits, one for Flash and one for
Silverlight. The two exploits run their code via protected memory slots that
allow them to deliver a malicious payload regardless of EMET’s Data Execution
Mitigation (DEP), Export Address Table Access Filtering (EAF), and EAF+
mitigations. Source: http://news.softpedia.com/news/angler-exploit-kit-finds-a-method-to-escape-microsoft-s-emet-security-toolkit-504929.shtml
16. June 6,
Softpedia – (International) Black Shades ransomware asks victims only for
a measly $30. Several security researchers from various companies
discovered a ransomware dubbed Black Shades Crypter was locking user files and
demanding ransom money after finding that the ransomware adds an extra
extension, “.silent” to encrypted files, informs victims to pay a small ransom
to unlock their files, and encodes strings in its source code to make it
difficult for malware analysts to decode. Source: http://news.softpedia.com/news/black-shades-ransomware-asks-victims-only-for-a-measly-30-504935.shtml
17. June 6,
Softpedia – (International) Windows BITS Service used to reinfect
computers with malware. Security researchers from SecureWorks stated that
attackers were using Window’s Background Intelligent Transfer Service (BITS) to
set up recurring malware download tasks, and then leveraging its autorun
capabilities to install the malware after an investigation revealed that the
original malware, called Zlob.Q, added malicious entries to the BITS service,
which would download malicious code on the system, run the malware, and erase
itself when the infection is completed. Source: http://news.softpedia.com/news/windows-bits-service-used-to-reinfect-computers-with-malware-504930.shtml
Communications Sector
Nothing to report