Thursday, October 17, 2013



  
The DHS Daily Report is again active.  I am surprised that a summary of the past unreported days is not being offered.  What say you?

Complete DHS Daily Report for October 17, 2013

Daily Report

Top Stories

 • A former Halliburton Energy Services manager pleaded guilty to destroying evidence related to the 2010 Deepwater Horizon oil spill in the Gulf of Mexico. – Associated Press 

1. October 16, Associated Press – (International) Ex-Halliburton manager pleads guilty. A former Halliburton Energy Services manager pleaded guilty October 15 to destroying evidence in a 2010 oil spill in the Gulf of Mexico. The former employee of Halliburton, BP plc.’s contractor on the Deepwater Horizon drilling rig, instructed employees to delete data during a post-spill review of the cement job on BP’s blown-out Macondo well. Source: http://www.lasvegassun.com/news/2013/oct/16/us-gulf-oil-spill-halliburton/

 • Researchers found that the Automatic Identification System (AIS) tracking system on commercial and passenger ships is vulnerable to cyberattacks that could misdirect ships and spoof various signals. – Softpedia 

10. October 16, Softpedia – (International) Global vessel tracking systems vulnerable to hacker attacks, experts warn. Researchers from Trend Micro found that the Automatic Identification System (AIS), a tracking system that relies on GPS installed on some commercial and all passenger ships, is vulnerable to cyberattacks in which hackers can hijack the communications of ships, disable the AIS, create fake ship signals, and trigger fake SOS or collision alerts. Source: http://news.softpedia.com/news/Global-Vessel-Tracking-Systems-Vulnerable-to-Hacker-Attacks-Experts-Warn-391628.shtml

 • Sixty-four Cleveland police officers were found guilty of various charges and will be disciplined in connection with their role in a 2012 police chase that resulted in 137 shots being fired at two unarmed occupants of a speeding car. – CNN

24. October 16, CNN – (Ohio) Police chief: 64 Cleveland officers broke rules in shooting. Sixty-four Cleveland police officers were found guilty of various charges and will be disciplined in connection with their role in a 2012 police chase that resulted in 137 shots being fired at two occupants of a speeding car. The two individuals in the car were killed and an investigation determined they were unarmed. Source: http://www.cnn.com/2013/10/16/justice/cleveland-police-shooting/index.html

 • Oracle released its October Critical Patch Update (CPU) which includes patches for 127 security vulnerabilities across a range of products. – The Register

See item 25 below in the Information Technology Sector

Details

Banking and Finance Sector

6. October 15, SC Magazine – (International) New malware enables attackers to take money directly from ATMs. Researchers at Safensoft and Trustwave identified and analyzed a piece of malware known as Ploutus that has been infecting ATMs in Mexico and allowing criminals to instruct the machines to dispense cash. The ATMs are infected after their CD-ROM drives are forced open, and instructions are given to compromised machines either by keypad sequences or by the interactive interface. Source: http://www.scmagazine.com/new-malware-enables-attackers-to-take-money-directly-from-atms/article/316409/

7. October 15, Ars Technica – (International) “Dexter” malware infects South African restaurants, costs banks millions. Banks in South Africa sustained millions of dollars in losses after a new variant of the Dexter point-of-sale device malware was found to have compromised the accounts of potentially hundreds of thousands of customers. Source: http://arstechnica.com/security/2013/10/dexter-malware-infects-south-african-restaurants-costs-banks-millions/

8. October 15, KTVI 2 St. Louis – (Illinois) O’Fallon bank robbery suspect may be serial robber. Police arrested a man in Swansea identified as a suspect in the October 15 robbery of a Bank of O’Fallon branch in Lincoln, and investigators believe he may be the same man responsible for at least six other bank robberies. Source: http://fox2now.com/2013/10/15/police-searching-for-bank-robbers-near-belleville/

9. October 15, Greater Alexandria Patch – (Virginia) Police arrest suspect in ‘Beacon Hill Bandit’ bank robberies. Police arrested a man in Alexandria believed to be the “Beacon Hill Bandit” responsible for robbing the same TD Bank branch six times between 2010 and 2013. Source: http://greateralexandria.patch.com/groups/around-town/p/police-arrest-suspect-in-beacon-hill-bandit-bank-robberies

Information Technology Sector

25. October 16, The Register – (International) Oracle drops shedload of CRITICAL vuln-busting Java patches. Oracle released its October Critical Patch Update (CPU) which includes patches for 127 security vulnerabilities across a range of products. Fifty-one vulnerabilities were addressed in Java, including 12 that could allow attackers to take full control of targeted machines without authentication. Source: http://www.theregister.co.uk/2013/10/16/oracle_quarterly_patch_batch/

26. October 16, Softpedia – (International) 5 vulnerabilities fixed with release of Chrome 30.0.1599.101. Google released the latest update for its Chrome browser, closing five security issues. Source: http://news.softpedia.com/news/5-Vulnerabilities-Fixed-with-Release-of-Chrome-30-0-1599-101-391599.shtml

27. October 16, Softpedia – (International) Researchers identify two sandbox escape vulnerabilities in IBM SDK for Java 7.0. Researchers from Security Explorations identified and reported two Java sandbox escape vulnerabilities affecting Java SDK for Java Technology Edition, version 7.0 SR5. The researchers sent a report and proof-of-concept to IBM October 16. Source: http://news.softpedia.com/news/Researchers-Identify-Two-Sandbox-Escape-Vulnerabilities-in-IBM-SDK-for-Java-7-0-391740.shtml

28. October 16, CNET – (International) Microsoft-DS no longer hackers’ top target. Akamai stated in their “State of the Internet” report that Microsoft-DS, also known as Port 445, was no longer the primary path of attack for attackers, for the first time since Akamai began gathering data on attack vectors in 2008. Cybercriminals have instead changed to targeting users through HTTP Port 80 and SSL Port 443. Source: http://news.cnet.com/8301-1009_3-57607722-83/microsoft-ds-no-longer-hackers-top-target/

29. October 16, Softpedia – (International) Rapid7.com hijacking: Theft of employee credentials, not faxed DNS change request. Rapid7 reported that a recent attack by hacktivist group KDMS Team did not use a fax request to Register.com to change Rapid7 and Metasploit’s DNS records, as previously reported. Instead, Rapid7 found that the attackers used social engineering to obtain employee credentials for use in the DNS record change. Source: http://news.softpedia.com/news/Rapid7-com-Hijacking-Theft-of-Employee-Credentials-Not-Faxed-DNS-Change-Request-391641.shtml

30. October 15, Softpedia – (International) Info stealer trojan Nemim used against organizations from the U.S. and Japan. Symantec researchers found that the Nemim trojan is being used in a campaign targeting U.S. and Japanese organizations to collect information from infected computers, and that the campaign and trojan appear similar to the Egobot trojan that has been used to target South Korean organizations since 2009. Source: http://news.softpedia.com/news/Info-Stealer-Trojan-Nemim-Used-Against-Organizations-from-the-US-and-Japan-391292.shtml

Communications Sector

Nothing to report