Wednesday, August 3, 2016



Complete DHS Report for August 3, 2016

Daily Report                                            

Top Stories

• The FBI announced August 1 that a man dubbed the “Flip-Flop Bandit” was arrested July 29 after robbing a bank in Pooler, Georgia, and multiple others in North Carolina, Tennessee, Oklahoma, and Arkansas. – WFMY 2 Greensboro

• Northbound lanes of Interstate 75 in Bradenton, Florida, were closed for approximately 12 hours August 1 after a crash involving 2 semi-trucks and 3 other vehicles caused dozens of gallons of diesel to spill onto the highway. – WTSP 10 St. Petersburg

8. August 2, WTSP 10 St. Petersburg – (Florida) NB I-75 lanes in Bradenton reopen after multi-vehicle crash. Northbound lanes of Interstate 75 in Bradenton, Florida, were closed for approximately 12 hours August 1 while crews worked to repair the roadway after a multi-vehicle crash involving 2 semi-trucks and 3 other vehicles caused dozens of gallons of diesel to spill onto the highway. Source: http://www.wtsp.com/news/traffic/nb-i-75-lanes-closed-due-to-multi-vehicle-crash-in-bradenton/285528903

• New York officials announced August 1 that a bypass was installed around a leaking sewage pipeline in Amsterdam the weekend of July 30 while crews work to replace the faulty pipes after approximately 500,000 gallons of sewage spilled into the North Chuctanunda Creek since July 25. – Albany Times Union

18. August 1, Albany Times Union – (New York) DEC: 500,000 gallons of sewage entered Mohawk tributary. The New York State Department of Environmental Conservation (DEC) announced August 1 that a bypass was installed around a leaking sewage pipeline in Amsterdam, New York, the weekend of July 30 in order to redirect the city’s sewage while crews work to replace the faulty pipes after approximately 500,000 gallons of sewage spilled into the North Chuctanunda Creek, which feeds into the Mohawk River, since July 25. The DEC urged all municipalities that draw from the Mohawk River to sufficiently treat their drinking water. Source: http://www.timesunion.com/local/article/Major-sewage-leak-mostly-fixed-in-Amsterdam-8989038.php

• Dr. Web researchers discovered that an Android trojan, dubbed Android.Spy.305, was plaguing 155 Android apps on the official Google Play Store and affecting over 2.8 million users in order to deliver ads to a user’s device. – Softpedia

See item 25 below in the Information Technology Sector

Financial Services Sector

4. August 1, WFMY 2 Greensboro – (National) ‘Flip-Flop’ bandit wanted in NC bank robberies captured in GA. The FBI announced August 1 that a man dubbed the “Flip-Flop Bandit” was arrested July 29 after robbing a bank in Pooler, Georgia, and multiple others in North Carolina, Tennessee, Oklahoma, and Arkansas. Source: http://www.wfmynews2.com/news/crime/multi-state-serial-robber-who-hit-ark-banks-caught-in-georgia/285842777

5. August 1, Chicago Sun-Times – (Illinois) Feds: Tips led to capture of ‘North Center Bandit.’ A man dubbed the “North Center Bandit” was arrested July 29 after he allegedly robbed a Chase Bank branch in Chicago June 8 and four other North Side banks since October 2015.

Information Technology Sector

23. August 2, Softpedia – (International) Windows flaw reveals Microsoft account passwords, VPN credentials. Researchers discovered an exploit affecting the way Microsoft Windows handles old authentication procedures for shared network resources. An attacker could embed a disguised link to a server message block (SMB) resource inside a Webpage or an email viewed via Outlook; once the user accesses the link via Internet Explorer, Edge, or Outlook, the victim’s login credentials are sent to authenticate on the malicious actor’s domain. The exploit gives the hacker access to the user’s Microsoft username, virtual private network (VPN) credentials, or password, which is leaked as an NT LAN Manager (NTLM) hash. Source: http://news.softpedia.com/news/windows-flaw-reveals-microsoft-account-password-vpn-credentials-506868.shtml

24. August 1, Softpedia – (International) Data of 200 million Yahoo users pops up for sale on the Dark Web. Yahoo is investigating a potential data breach after cyber-criminal Peace_of_Mind (Peace) published a listing on TheRealDeal Dark Web marketplace that reportedly offers data on over 200 million Yahoo users for 3 bitcoin, or approximately $1,800, including usernames, MD5-hashed passwords, dates of birth for all users, and in some cases, backup email addresses, country of origin, and ZIP codes for U.S. users. Source: http://news.softpedia.com/news/data-of-200-million-yahoo-users-pops-up-for-sale-on-the-dark-web-506864.shtml

25. August 1, Softpedia – (International) Trojan in 155 Google Play Android apps affects 2.8 million users. Security researchers from Dr. Web discovered that a new variant of the Android.Spy family trojan, dubbed Android.Spy.305, was plaguing 155 Android apps on the official Google Play Store and affecting over 2.8 million users. The trojan collects data about the user’s device, including the email address connected to their Google user account, the name of the app the trojan leverages for distribution, and the developer ID and software developer’s kit (SDK) version, among other details, in order to deliver ads. Google released a list of all the apps potentially impacted by the trojan. Source: http://news.softpedia.com/news/trojan-in-155-google-play-android-apps-affects-2-8-million-users-506849.shtml

26. August 1, SecurityWeek – (International) SSL flaw in Intel Crosswalk exposes apps to MitM attacks. Intel released updates for its Crosswalk framework after security researchers from Nightwatch Cybersecurity discovered a serious vulnerability in the Crosswalk Project library that allows malicious actors to launch man-in-the-middle (MitM) attacks and capture sensitive information transmitted by the app. The researchers found that when a user makes a network request and accepts the initial error message displayed by the app after an invalid Secure Sockets Layer (SSL) certificate is found, the app accepts all future SSL certificates without validation, even when connections are made via different WiFi hotspots and with different certificates.

Communications Sector

Nothing to report