Daily Report
Top Stories
· Thirteen suspects were indicted in federal court August 7 for allegedly
operating a major counterfeit currency ring that distributed over $77 million
in fake bills in several States since at least 1999. – Bloomberg News
See item 6 below in the Financial Services Sector
· A hunter was charged August 7 with starting the August 2013 Rim Fire which
burned over 250,000 acres in California, injured 10 people, and damaged over
100 structures. – Los Angeles Times
20. August 7, Los Angeles Times – (California) Hunter charged with sparking
massive Rim fire, state’s third-largest. A hunter was charged by a federal
grand jury August 7 with starting a campfire in the Stanislaus National Forest
in August 2013 that
spread to become the Rim Fire burning over 250,000 acres in and around Yosemite
National Park. The fire left 10 people injured and burned more than 100
structures in addition to causing significant environmental damage. Source: http://www.latimes.com/local/lanow/la-me-ln-rim-fire-charges-20140807-story.html
· Kaspersky Lab identified the infection methods used in the Epic Turla
cyber-espionage campaign that targeted military organizations, government
agencies, education institutions, and pharmaceutical companies in over 45
countries. – Securityweek
See item 27 below in the Information Technology Sector
· Accuvant announced that up to 2 billion smartphone handsets are at risk for
over the air hijacking which can be exploited through the Open Mobile Alliance
Device Management protocol, used by approximately 100 mobile phone
manufacturers. – The Register
See item 30 below in the Communications Sector
Financial Services Sector
6. August 7, Bloomberg News – (International) U.S. charges 13 with spreading $77
million in fake bills. Thirteen suspects arrested by U.S. Secret Service
agents in May and June were indicted in federal court August 7 for allegedly
operating a major counterfeit currency ring that distributed over $77 million
in fake bills in several States along the East Coast since at least 1999. The
fake bills were believed to have been manufactured in Israel, and the group
allegedly established a counterfeit bill printing press in New Jersey in
January 2014. Source: http://www.businessweek.com/news/2014-08-07/u-dot-s-dot-charges-13-with-spreading-77-million-in-fake-bills
7. August 7, Miami Herald – (Florida) TotalBank responds to computer security
breach. Miami-based TotalBank notified 72,500 customers after an
investigation revealed that unauthorized individuals may have accessed the
bank’s systems and obtained customer names, account numbers, addresses, account
balances, and other personal information. The bank stated that it took action
to secure its systems and is continuing to investigate. Source: http://www.miamiherald.com/2014/08/07/4277318/totalbank-responds-to-computer.html
8. August 7, IDG News Service – (International) Some mobile POS devices still affected
by critical flaws months after patch. A researcher with MWR InfoSecurity
and a colleague presenting at the Black Hat 2014 conference detailed how
mobile point of sale (mPOS) devices from several manufacturers may be
vulnerable to being taken over by attackers using customized smart cards in
order to steal the payment card information read by the devices. The
researchers reported the flaws previously and a patch for the EMV library was
released in April, but some vendors have yet to push out the update to their
devices, leaving the devices vulnerable. Source: http://www.networkworld.com/article/2463081/security/some-mobile-pos-devices-still-affected-by-critical-flaws-months-after-patch.html
Information Technology Sector
23. August 8, Softpedia – (International) Network access storage devices are
highly exploitable. A researcher from Independent Security Evaluators presenting
at the Black Hat 2014 conference reported finding a wide variety of
vulnerabilities in network access storage (NAS) devices from several
manufacturers, including directory traversal, command injection, memory
corruption, authentication bypass, or back door vulnerabilities. Source: http://news.softpedia.com/news/Network-Access-Storage-Devices-Are-Highly-Exploitable-454103.shtml
24. August 8, Help Net Security – (International) Critical bug in WordPress plugin
allows site hijacking. Sucuri researchers identified and reported a
vulnerability in the Custom Contact Forms plugin for WordPress that could allow
attackers to take control of sites using the plugin. The developers of Custom
Contact Forms published an update for the plugin after the issue was published
by the WordPress Security team. Source: http://www.net-security.org/secworld.php?id=17227
25. August 8, Help Net Security – (International) Two Gameover Zeus variants targeting
Europe and beyond. Researchers at Bitdefender identified two Gameover Zeus
variants in the wild, one botnet primarily targeting the U.S. while the second
targets Belarus and Ukraine. The first botnet is generating around 1,000
domains per day while the second generates 10,000 per day but appears to
currently be inactive. Source: http://www.net-security.org/malware_news.php?id=2833
26. August 8, Securityweek – (International) Cybercriminals steal cryptocurrency
via BGP hijacking. Researchers with Dell SecureWorks reported finding
cybercriminals using fake Border Gateway Protocol (BGP) broadcasts to redirect
traffic from cryptocurrency mining pools to servers they control, diverting
tens of thousands of dollars in cryptocurrency. The attackers compromised 51
mining pools hosted on 19 hosting companies. Source: http://www.securityweek.com/cybercriminals-steal-cryptocurrency-bgp-hijacking
27. August 7, Securityweek – (International) Attackers used multiple zero-days to
hit spy agencies in cyber-espionage campaign. Kaspersky Lab researchers
identified the infection methods used in the Epic Turla cyber-espionage
campaign (also known as Snake or Uroburos) that targeted intelligence agencies,
military organizations, government agencies, education institutions,
pharmaceutical companies, and research groups in over 45 countries. The attackers
behind the campaign used several malware platforms and zero-day exploits for
Windows XP and Server 2003 and for Adobe Reader to infect systems, and could then
upgrade the malware with additional capabilities once in place. Source: http://www.securityweek.com/attackers-used-multiple-zero-days-hit-spy-agencies-cyber-espionage-campaign
28. August 7, Dark Reading – (International) Attack harbors malware in images. A
researcher with Dell SecureWorks reported finding the Lurk malware being
distributed within a fake digital image as part of a click fraud campaign that
infected around 350,000 systems. The malware in the campaign was spread through
iFrames on Web sites containing an Adobe Flash exploit, and required victims to
have a vulnerable version of Adobe Flash that is used to download the fake
image file, which contains an encrypted URL that downloads a second malicious
payload. Source: http://www.darkreading.com/endpoint/attack-harbors-malware-in-images/d/d-id/1297867
29. August 7, Securityweek – (International) Flaws in email and Web filtering
solutions expose organizations to attacks: Researcher. A researcher at NCC
Group presenting at the Black Hat 2014 conference published two whitepapers
outlining how email and Web filtering solutions can be used by attackers in the
reconnaissance phase of attacks to obtain information on a potential target
network if the attackers can determine which products or services are being
used on the target network. Source: http://www.securityweek.com/flaws-email-and-web-filtering-solutions-expose-organizations-attacks-researcher
For another story, see item 30 below in the Communications Sector
Communications Sector
30. August 8, The Register – (International) ‘Up to two BEEELLION’ mobes easily
hacked by evil base station. Researchers from the security firm Accuvant announced
at the Black Hat 2014 conference August 7 that up to 2 billion smartphone
handsets are at risk for over the air hijacking and abuse which can be
exploited through the Open Mobile Alliance Device Management (OMA-DM) protocol,
used by approximately 100 mobile phone manufacturers. To access the handsets
remotely the hacker only needs to know the handset’s unique International
Mobile Station Equipment Identity (IMEI) number and a secret token. Source: http://www.theregister.co.uk/2014/08/08/two_billeeon_mobile_phones_easily_hackable_with_dummy_base_station/