Complete DHS Report for December 9, 2016
Daily Report
Top Stories
• A December 7 fire at a Rocky Mountain Power substation in Rigby,
Idaho, caused roughly 27,000 customers in eastern Idaho to lose power for
several hours December 7 – 8. – KIFI 8 Idaho Falls
1. December 8, KIFI 8
Idaho Falls – (Idaho) Power restored in Rexburg, Rigby and Ririe. A
December 7 fire at a Rocky Mountain Power substation in Rigby, Idaho, caused
roughly 27,000 customers in eastern Idaho to lose power for several hours
December 7 – 8. Officials determined the fire was caused by the failure of a
voltage monitoring device.
• Hyundai Motor Company issued a recall December 8 for 41,264 of
its model years 2007 – 2008 Hyundai Entourage vehicles sold in the U.S. due to
a hood latch issue. – TheCarConnection.com
3. December 8,
TheCarConnection.com – (National) 2007-2008 Hyundai Entourage recalled
to fix hood latch glitch. Hyundai Motor Company issued a recall December 8
for 41,264 of its model years 2007 – 2008 Hyundai Entourage vehicles sold in
the U.S. due to an issue with the secondary hood latches where the latches can
become corroded and get stuck in the open position, which may prevent the
secondary latch from holding the hood in place if the primary latch fails,
thereby causing significant visibility problems for a driver and increasing the
risk of an accident. Source: http://www.thecarconnection.com/news/1107683_2007-2008-hyundai-entourage-recalled-to-fix-hood-latch-glitch
• Researchers reported that two zero-day flaws affecting hundreds
of thousands of Internet Protocol (IP) cameras worldwide could cause the devices
to be ensnared into Internet of Things (IoT) botnets. – SecurityWeek
4. December 7,
SecurityWeek – (International) Hundreds of thousands of IP cameras
exposed to IoT botnets. Cybereason security researchers reported that two
zero-day flaws, including a combined authentication bypass and information
disclosure bug, affect hundreds of thousands of Internet Protocol (IP) cameras
worldwide, making them susceptible to malware compromise, which could
subsequently cause the devices to be ensnared into Internet of Things (IoT)
botnets. An attacker can leverage the vulnerabilities to move the camera and
see the images it is sending, as well as execute malicious code and find other
cameras affected by the same vulnerabilities.
• Officials reported that a pump failed at a lift station in
Callaway, Florida, causing the release of approximately 25,000 gallons of
untreated wastewater December 7. – WJHG 7 Panama City/WECP 18 Panama City
18. December 7, WJHG 7
Panama City/WECP 18 Panama City – (Florida) Untreated wastewater
discharged into Callaway creek. Bay County, Florida, officials reported that
a pump failed during routine testing of a power generator at the Advanced
Wastewater Treatment Plant lift station in Callaway, causing the release of
approximately 25,000 gallons of untreated wastewater into a neighboring creek
December 7. County utility crews cleaned up the site and were conducting water
quality testing at the creek. Source:
http://www.wjhg.com/content/news/Untreated-wastewater-discharged-into-Callaway-creek-405299585.html
Financial Services Sector
5. December 7, U.S.
Department of Justice – (Louisiana) Louisiana criminal defense attorney
pleads guilty to tax evasion. A criminal defense attorney from Baton Rouge,
Louisiana, pleaded guilty December 7 to evading payment of roughly $1 million
in Federal income tax, penalties, and interest, as well as employment tax,
penalties, and interest between 2003 and 2013 while operating a criminal
defense law practice in Hammond. In an effort to hide the ownership of his
property and avoid the payment of his tax liabilities, the attorney used
nominees and the trusts he beneficially owned to buy his primary residence for
$435,000 in January 2007, and deposited $416,283 into the nominee bank account
with funds from the trusts and other accounts not under his ownership between
January 2007 and January 2014. Source: https://www.justice.gov/opa/pr/louisiana-criminal-defense-attorney-pleads-guilty-tax-evasion
Information Technology Sector
27. December 8,
SecurityWeek – (International) August stealer uses PowerShell for
fileless infection. Proofpoint security researchers warned that a new
information-stealing malware, dubbed August, leverages Microsoft Word documents
containing malicious macros, which, once enabled, launch a PowerShell command to
download and install the August stealer on a machine for a fileless infection.
The malicious payload is downloaded from a remote site as a PowerShell byte
array, and the malware targets customer service and managerial staff at retail
stores to steal credentials and sensitive documents from the affected devices.
28. December 8, Help Net
Security – (International) 323,000 pieces of malware detected daily. Kaspersky
Lab reported that the number of new malware files detected by its products
increased to 323,000 per day in 2016, an increase of 13,000 from the number of
files detected in 2015. Source: https://www.helpnetsecurity.com/2016/12/08/malware-detected-daily/
29. December 7, Help Net
Security – (International) Over 400,000 phishing sites have been
observed each month during 2016. Webroot security researchers reported that
phishing Websites have become more sophisticated and carefully crafted, as 84
percent of phishing sites observed in 2016 existed for less than 24 hours,
making any organization or person susceptible to having sensitive information
stolen. Webroot also found that during 2016, an average of more than 400,000
phishing Websites were observed each month and nearly all of the phishing URLs
are hidden with benign domains, among other findings.
30. December 7,
SecurityWeek – (International) Hackers can exploit Roundcube flaw by
sending an email. RIPS Technologies discovered that Roundcube, an open
source Webmail software, was plagued with a critical vulnerability related to
the Hypertext Preprocessor (PHP) function “mail()” that an attacker with access
to the targeted system can exploit to execute arbitrary commands on the system
by sending an email. The security firm found that the user input is not
properly sanitized in the fifth parameter of the “mail()” function, which
allows an attacker to pass arbitrary arguments and create a malicious PHP file
in the system’s Web root directory, enabling the malicious actor to execute
commands and conduct malicious activities. Source:
http://www.securityweek.com/hackers-can-exploit-roundcube-flaw-sending-email
For another story, see item 4
above in Top Stories
Communications Sector
Nothing to report