Daily Report
Top Stories
· Ford Motor Co. agreed to a $17.4 million settlement with
the National Highway Traffic Safety Administration for delaying the recall on
421,000 Escape vehicles that had gas pedals which could become stuck. – CNN
5.
August 1, CNN – (National) Ford to pay $17.4 million
fine for delaying recall. Ford Motor Co. agreed to a $17.4 million
settlement with the National Highway Traffic Safety Administration for delaying
the recall on 421,000 Escape vehicles that had gas pedals which could become
stuck. Source: http://money.cnn.com/2013/08/01/autos/ford-nhtsa-recall-fine/
· According to the U.S.
Centers for Disease Control and Prevention at least 378 people in 16 States
were sickened in a noted uptick in cyclospora infections between early June and
early July. – Food Safety News
14.
August 1, Food Safety News – (National) Cyclospora: 378
sickened from salad mix, no source named. According to the U.S. Centers for
Disease Control and Prevention at least 378 people in 16 States were sickened
in a noted uptick in cyclospora infections between early June and early July.
Cyclospora has sickened at least 221 people in Iowa and Nebraska, where the
illnesses were found to be part of the same outbreak linked to
nationally-distributed bagged salad mix. Source: http://www.foodsafetynews.com/2013/08/cyclospora-378-sickened-from-salad-mix-no-source-named/
· The U.S. Food and Drug Administration warned diabetes
patients about the recall of 62 million strips used to test blood sugar levels
and made by Nova Diabetes Care after the strips were contaminated with a
chemical used in the manufacturing process, which interferes with readings. – Associated
Press
20. July 31,
Associated Press – (International) 62 million diabetes test strips recalled. The
U.S. Food and Drug Administration warned diabetes patients about the recall of
62 million strips used to test blood sugar levels and made by Nova Diabetes
Care, after the strips were contaminated with a chemical used in the manufacturing
process, which interferes
with readings. Source: http://news.msn.com/us/62-million-diabetes-test-strips-recalled
· Firefighters reached 25 percent containment
of Washington’s Colockum Tarps Fire July 31 after it burned through 70,000
acres. – Yakima Herald-Republic (See item 23)
23.
August 1, Yakima Herald-Republic –
(Washington) Colockum Tarps Fire at 70,000 acres, some evacuees return. Firefighters
reached 25 percent containment of Washington’s Colockum Tarps Fire July 31
after burning through 70,000 acres. Some Kittitas County residents were allowed
to return home after being evacuated, but several parks and canyons remained
closed. Source: http://www.yakimaherald.com/news/fires/allfires/1370837-8/some-residents-allowed-back-home-during-colockum-tarps
Details
Banking and Finance Sector
6. July 31, U.S. Attorney’s Office, Central District of
California – (California) Eight linked to fraudulent mortgage
brokerage in Ventura County that generated millions in sales arrested in
federal case. Federal and Ventura County authorities arrested eight
individuals July 31 for allegedly running a mortgage fraud scheme through New
Concepts Home Loans that cost lenders more than $11 million. Source: http://www.fbi.gov/losangeles/press-releases/2013/eight-linked-to-fraudulent-mortgage-brokerage-in-ventura-county-that-generated-millions-in-sales-arrested-in-federal-case
Information Technology Sector
31. August
1, The Register – (International) Gmail, Outlook.com, and e-voting ‘pwned’ on
stage in crypto-dodge attack. Researchers demonstrated a man-in-the-middle
attack at the Black Hat 2013 conference which can allow unauthorized access to
email by preventing logout requests. The attack could also be used against
certain electronic voting systems. Source: http://www.theregister.co.uk/2013/08/01/gmail_hotmail_hijacking/
32. August
1, V3.co.uk – (International) Google Code developer site targeted by
hackers. A researcher at Zscaler identified a scheme where hackers targeted
the Google Code developer site in order to host malware, part of a reported
trend in attacks. Source: http://www.v3.co.uk/v3-uk/news/2286303/google-code-developer-site-targeted-by-hackers
33. August
1, Help Net Security – (International) Malware attacks via malicious iPhone
chargers. Researchers at the Black Hat 2013 conference built an iPhone
charger that can infect devices connected to it and demonstrated how their
attack bypassed Apple security features. Source: https://www.net-security.org/malware_news.php?id=2548
34. August
1, V3.co.uk – (International) Crooks using Android master key to sneak
trojans onto smartphones and tablet devices. Researchers at Dr. Web
identified a trojan exploiting the Android ‘master key’ vulnerability to infect
devices. A similar campaign was identified in July. Source: http://www.v3.co.uk/v3-uk/news/2286263/crooks-using-android-master-key-to-sneak-trojans-onto-smartphones-and-tablets-devices
35. August
1, IDG News Service – (International) Researchers bypass home and office security
systems. Researchers at Bishop Fox demonstrated at the Black Hat 2013
conference several methods to defeat and bypass common building security devices
such as door and window sensors, keypad alarms, and thermal sensors. Source: https://www.computerworld.com/s/article/9241278/Researchers_bypass_home_and_office_security_systems
36. July 31,
The Register – (International) Malicious JavaScript flips ad network into
rentable botnet. A presentation by researchers from WhiteHat Security at
the Black Hat 2013 conference demonstrated a technique to use iframes in Web
advertisements to call a JavaScript file that increases requests to a Web site
to perform distributed denial of service (DDoS) attacks without being easily
traced. Source: http://www.theregister.co.uk/2013/07/31/whitehat_security_ad_networks_botnet/
37. July 31,
Sophos – (International) ZeroAccess malware revisited – new version
yet more devious. Researchers at SophosLabs found and analyzed an update to
the ZeroAccess malware that adds new techniques to ensure its persistence on
infected systems. Source: http://nakedsecurity.sophos.com/2013/07/31/zeroaccess-malware-revisited-new-version-yet-more-devious/
38. July 31,
IDG News Service – (International) Vulnerabilities in D-Link network video
recorders enable remote spying, researcher says. Researchers at Qualys
found remotely exploitable vulnerabilities in two models of D-Link network
video controllers that can enable access to surveillance camera feeds and other
data. It was unclear whether a firmware update issued in July closed the
vulnerability. Source: http://www.pcworld.com/article/2045643/vulnerabilities-in-dlink-network-video-recorders-enable-remote-spying-researcher-says.html
Communications Sector
39.
July 31, Quay County Sun– (New Mexico)Wireless
service restored in Quay County. Verizon Wireless reported a hardware issue
was the cause of a 12 hour telephone service outage July 25 in Quay County, New
Mexico. Source: http://www.qcsunonline.com/2013/07/31/wireless-service-outage-affects-quay-county-i-40/
40.
July 31, KOLD 13 Tucson– (Arizona) Service
restored to Comcast customers. A cut in a line in New Mexico is the cause
of a July 31 four hour service outage for Comcast customers. The exact location
and nature of the cut is being investigated. Source: http://www.tucsonnewsnow.com/story/22979965/service-restored-to-comcast-customers
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.