The DHS Daily Report is again
active. I am surprised that a summary of
the past unreported days is not being offered.
What say you?
Complete DHS Daily Report for October 17, 2013
Daily Report
Top Stories
• A former Halliburton Energy Services manager
pleaded guilty to destroying evidence related to the 2010 Deepwater Horizon oil
spill in the Gulf of Mexico. – Associated Press
1.
October 16, Associated Press – (International) Ex-Halliburton
manager pleads guilty. A former Halliburton Energy Services manager pleaded
guilty October 15 to destroying evidence in a 2010 oil spill in the Gulf of
Mexico. The former employee of Halliburton, BP plc.’s contractor on the
Deepwater Horizon drilling rig, instructed employees to delete data during a
post-spill review of the cement job on BP’s blown-out Macondo well. Source: http://www.lasvegassun.com/news/2013/oct/16/us-gulf-oil-spill-halliburton/
• Researchers found that the Automatic
Identification System (AIS) tracking system on commercial and passenger ships
is vulnerable to cyberattacks that could misdirect ships and spoof various
signals. – Softpedia
10.
October 16, Softpedia – (International) Global vessel tracking
systems vulnerable to hacker attacks, experts warn. Researchers from Trend
Micro found that the Automatic Identification System (AIS), a tracking system
that relies on GPS installed on some commercial and all passenger ships, are
vulnerable to cyberattacks where hackers can hijack the communications of
ships, disable the AIS, create fake ship signals, and trigger fake SOS or
collision alerts. Source: http://news.softpedia.com/news/Global-Vessel-Tracking-Systems-Vulnerable-to-Hacker-Attacks-Experts-Warn-391628.shtml
• Sixty-four Cleveland police officers were
found guilty for various charges and will be disciplined in connection with
their role in a 2012 police chase that resulted in 137 shots being fired at two
unarmed occupants of a speeding car. – CNN
24. October 16, CNN –
(Ohio) Police chief: 64 Cleveland officers broke rules in shooting. Sixty-four
Cleveland police officers were found guilty for various charges and will be
disciplined in connection with their role in a 2012 police chase that resulted
in 137 shots being fired at two occupants of a speeding car. The two
individuals in the car were killed and an investigation determined they were
unarmed. Source: http://www.cnn.com/2013/10/16/justice/cleveland-police-shooting/index.html
• Oracle
released its October Critical Patch Update (CPU) which includes patches for 127
security vulnerabilities across a range of products. – The Register
See item 25 below in the Information
Technology Sector
Details
Banking and Finance Sector
6. October 15, SC
Magazine – (International) New malware enables attackers to take money
directly from ATMs. Researchers at Safensoft and Trustwave identified and
analyzed a piece of malware known as Ploutus that has been infecting ATMs in
Mexico and allowing criminals to instruct the machines to dispense cash. The
ATMs are infected after their CD-ROM drives are forced open, and instructions
are given to compromised machines either by keypad sequences or by the
interactive interface. Source: http://www.scmagazine.com/new-malware-enables-attackers-to-take-money-directly-from-atms/article/316409/
7. October 15, Ars
Technica – (International) “Dexter” malware infects South African
restaurants, costs banks millions. Banks in South Africa sustained millions
of dollars in losses after a new variant of the Dexter point-of-sale device
malware was found to have compromised the accounts of potentially hundreds of
thousands of customers. Source: http://arstechnica.com/security/2013/10/dexter-malware-infects-south-african-restaurants-costs-banks-millions/
8. October 15, KTVI 2
St. Louis – (Illinois) O’Fallon bank robbery suspect may be serial
robber. Police arrested a man in Swansea identified as a suspect in the
October 15 robbery of a Bank of O’Fallon branch in Lincoln, and investigators
believe he may be the same man responsible for at least six other bank
robberies. Source: http://fox2now.com/2013/10/15/police-searching-for-bank-robbers-near-belleville/
9. October 15, Greater
Alexandria Patch – (Virginia) Police arrest suspect in ‘Beacon Hill
Bandit’ bank robberies. Police arrested a man in Alexandria believed to be
the “Beacon Hill Bandit” responsible for robbing the same TD Bank branch six
times between 2010 and 2013. Source: http://greateralexandria.patch.com/groups/around-town/p/police-arrest-suspect-in-beacon-hill-bandit-bank-robberies
Information Technology Sector
25. October 16, The
Register – (International) Oracle drops shedload of CRITICAL
vuln-busting Java patches. Oracle released its October Critical Patch
Update (CPU) which includes patches for 127 security vulnerabilities across a range
of products. Fifty-one vulnerabilities were addressed in Java, including 12
that could allow attackers to take full control of targeted machines without
authentication. Source: http://www.theregister.co.uk/2013/10/16/oracle_quarterly_patch_batch/
26. October 16,
Softpedia – (International) 5 vulnerabilities fixed with release of
Chrome 30.0.1599.101. Google released the latest update for its Chrome
browser, closing five security issues. Source: http://news.softpedia.com/news/5-Vulnerabilities-Fixed-with-Release-of-Chrome-30-0-1599-101-391599.shtml
27. October 16,
Softpedia – (International) Researchers identify two sandbox escape
vulnerabilities in IBM SDK for Java 7.0. Researchers from Security
Explorations identified and reported two Java sandbox escape vulnerabilities
affecting Java SDK for Java Technology Edition, version 7.0 SR5. The
researchers sent a report and proof-of-concept to IBM October 16. Source: http://news.softpedia.com/news/Researchers-Identify-Two-Sandbox-Escape-Vulnerabilities-in-IBM-SDK-for-Java-7-0-391740.shtml
28. October 16, CNET –
(International) Microsoft-DS no longer hackers’ top target. Akamai
stated in their “State of the Internet” report that Microsoft-DS, also known as
Port 445, was no longer the primary path of attack for attackers, for the first
time since Akamai began gathering data on attack vectors in 2008.
Cybercriminals have instead changed to targeting users through HTTP Port 80 and
SSL Port 443. Source: http://news.cnet.com/8301-1009_3-57607722-83/microsoft-ds-no-longer-hackers-top-target/
29. October 16,
Softpedia – (International) Rapid7.com hijacking: Theft of employee
credentials, not faxed DNS change request. Rapid7 reported that a recent attack
by hacktivist group KDMS Team did not use a fax request to Register.com to
change Rapid7 and Metasploit’s DNS records, as previously reported. Instead,
Rapid7 found that the attackers used social engineering to obtain employee
credentials for use in the DNS record change. Source: http://news.softpedia.com/news/Rapid7-com-Hijacking-Theft-of-Employee-Credentials-Not-Faxed-DNS-Change-Request-391641.shtml
30. October 15, Softpedia – (International) Info stealer
trojan Nemim used against organizations from the U.S. and Japan. Symantec
researchers found that the Nemim trojan is being used in a campaign targeting
U.S. and Japanese organizations to collect information from infected computers,
and that the campaign and trojan appear similar to the Egobot trojan that has
been used to target South Korean organizations since 2009. Source: http://news.softpedia.com/news/Info-Stealer-Trojan-Nemim-Used-Against-Organizations-from-the-US-and-Japan-391292.shtml
Communications Sector
Nothing to
report