Daily Report
Top Stories
· Researchers at the Black Hat 2014 conference presented findings that showed how attackers
could remotely compromise the systems of certain vehicles that integrate
Bluetooth, radio, or other communications methods into their sensors and
controls. – Threatpost
5. August 6, Threatpost – (International)
Car hacking enters remote exploitation phase. Researchers at the Black
Hat 2014 conference presented findings that showed how attackers could remotely
compromise the systems of certain vehicles that integrate Bluetooth, radio, or
other communications methods into their sensors and controls. Among the most
vulnerable types of systems the researchers found were systems that can control
vehicles automatically, such as active lane control, self-parking, and
pre-collision systems. Source: http://threatpost.com/car-hacking-enters-remote-exploitation-phase
· A Qualys researcher discovered that two devices, the Morpho Detection Itemiser 3 and the
Kronos 4500, used at U.S. airports and other security checkpoints, have
backdoors through which hackers can access usernames and passwords to the devices. – Dark Reading
11. August 6, Dark Reading – (International) TSA checkpoint systems found exposed on the net. A
Qualys researcher discovered that two devices, the Morpho Detection Itemiser 3 and
the Kronos 4500, used at U.S. airports and other security checkpoints, have
backdoors through which hackers can access usernames and passwords to the devices.
The researchers also found about 6,000 Kronos time clock systems that are
online and open to the public, two of which are located at U.S. airports.
Source: http://www.darkreading.com/vulnerabilities---threats/advanced-threats/tsa-checkpoint-systems-found-exposed-on-the-net/d/d-id/1297843
· DHS and the U.S. Office of Personnel Management (OPM) suspended work with US Investigations
Services (USIS) August 6 after the contractor reported a cyber-attack likely
involving the theft of personal information of DHS employees. – Reuters
19. August 7, Reuters – (National) U.S.
Homeland Security contractor reports computer breach. DHS and the U.S.
Office of Personnel Management (OPM) suspended work with Virginia-based US
Investigations Services (USIS) after the contractor reported a cyberattack
likely involving the theft of personal information of DHS employees. DHS
notified its entire workforce and is working with OPM, FBI, and USIS to
determine the scope of the intrusion. Source: http://www.reuters.com/article/2014/08/07/us-usa-security-contractor-idUSKBN0G62N420140807
· At least 600 guests and residents from three hotels in Vail, Colorado, were evacuated for
approximately 8 hours August 6 after a construction crew inadvertently struck a
large steel natural gas pipe and caused a leak. – KUSA 9 Denver
30. August 7, KUSA 9 Denver – (Colorado) Vail
gas leak repaired, evacuees allowed to return. At least 600 guests and
residents from three hotels in Vail, Colorado, were evacuated August 6 after a
construction crew inadvertently struck a large steel natural gas pipe and
caused a leak. The leak was repaired and guests were allowed to return to their
hotels after about 8 hours. Source: http://www.9news.com/story/news/local/2014/08/06/600-people-evacuated-after-gas-leak/13697433/
Financial Services Sector
7. August 6, Minneapolis/St. Paul Business Journal – (Minnesota; Arizona; Indiana) Charges:
Eden Prairie investment adviser spent funds from $13M Ponzi scheme at casinos,
strip clubs. The Minnesota U.S. Attorney’s Office filed charges against an
Eden Prairie, Minnesota financial planner for allegedly using his company,
Meadows Financial Group, to run a Ponzi scheme that collected at least $13
million from over 50 clients in Minnesota, Arizona, and Indiana. The charges
allege that the man used most of the investment funds to pay existing investors
and for personal use. Source: http://www.bizjournals.com/twincities/blog/law/2014/08/charges-eden-prairie-investment-adviser-spent-13m.html
8. August 6, Los Angeles Times – (California) ‘Hills Bandit’ of O.C. robs bank in
Carlsbad, FBI says. The FBI stated that a suspect known as the “Hills
Bandit” robbed a U.S. Bank branch in Carlsbad, California, August 5. The man is
also suspected of previously robbing three other banks in Orange County.
Source: http://www.latimes.com/local/lanow/la-me-ln-bank-robber-carlsbad-20140806-story.html
9. August 6, Salt Lake Tribune – (Utah) Jury finds fraudster guilty in commodities
trading scam. The former head of Utah-based U.S. Ventures was found guilty
August 6 on 5 counts of fraud and of filing a false tax return for running his
company as a Ponzi scheme that lost $10.5 million in investments and paid out
funds to previous investors and for the man’s personal use. Source: http://www.sltrib.com/sltrib/news/58269048-78/holloway-jury-money-murphy.html.csp
Information Technology Sector
24. August 7, Help Net Security – (International) Symantec issues update fixing Endpoint
Protection zero-day. Symantec issued a patch for its Symantec Endpoint
Protection (SEP) security solution to address a zero-day vulnerability
identified by Offensive Security researchers that could allow an attacker with
access to the target computer to escalate admin privileges or cause a denial of
service (DoS) situation. The vulnerability cannot be exploited remotely but
the exploit code is publicly available. Source: http://www.net-security.org/secworld.php?id=17218
25. August 7, Softpedia – (International) OpenSSL receives nine security fixes. A
new version of the OpenSSL library was released, closing nine security
vulnerabilities identified by researchers from various organizations. The
vulnerabilities could lead to information leaking, downgrading to lower
versions of the security protocol, or denial of service (DoS) attacks. Source: http://news.softpedia.com/news/OpenSSL-Receives-Nine-Critical-Fixes-453932.shtml
26. August 7, Softpedia – (International) US Plextor website hacked by CoMoDo
Islamic hackers. Attackers identifying themselves as the CoMoDo group
defaced the Web site of computer hardware manufacturer Plextor Americas. The
company stated that they are investigating the incident. Source: http://news.softpedia.com/news/US-Plextor-Website-Hacked-by-CoMoDo-Islamic-Hackers-453960.shtml
27. August 7, Softpedia – (International) WordPress and Drupal fix common PHP
XML parser vulnerability. WordPress and Drupal released new versions of
their respective products in a joint effort to close an XML processing
vulnerability that existed in both services and could be used by attackers to
perform denial of service (DoS) attacks. The vulnerability was reported by a
researcher at Salesforce.com and affected over 250 million Web sites according
to Incapsula researchers. Source: http://news.softpedia.com/news/WordPress-and-Drupal-Fix-Common-PHP-XML-Parser-Vulnerability-453888.shtml
28. August 6, Securityweek – (International) APT group hijacks popular domains to
mask C&C communications: FireEye. Researchers with FireEye reported
identifying an advanced persistent threat campaign dubbed “Poisoned Hurricane”
that used a variant of the PlugX (Kaba) malware configured to resolve DNS
lookups through the nameservers of Hurricane Electric, which then spoofed
legitimate domains and IP addresses to disguise the malware’s communication
with command and control (C&C) servers. Source: http://www.securityweek.com/apt-group-hijacks-popular-domains-mask-cc-communications-fireeye
29. August 6, Softpedia – (International) Twitter URL shortening service abused
by spammers. Cloudmark researchers reported that the t.co URL shortening
service used by Twitter was used in 54 percent of shortened links blacklisted
by the company for use in spam campaigns, and that one entity appeared to be
behind two observed campaigns abusing the service, among other findings.
Source: http://news.softpedia.com/news/Twitter-URL-Shortening-Service-Abused-by-Spammers-453832.shtml
For other stories see items 11 and 19 in Top Stories
Communications Sector
Nothing to report