Monday, August 31, 2015



Complete DHS Report for August 31, 2015

Daily Report                                            

Top Stories

• Officials reported August 27 that California residents cut their water usage by 31 percent in July, surpassing government-mandated targets for the second month in a row. – Sacramento Bee

15. August 27, Sacramento Bee – (California) California residents cut water use 31 percent in July. The California State Water Resources Control Board reported August 27 that California residents cut their water usage by 31 percent in July, surpassing government-mandated targets for the second month in a row. Source: http://www.msn.com/en-us/news/us/california-residents-cut-water-use-31-percent-in-july/ar-BBmaXAm

• Thousands of firefighters and U.S. military personnel worked August 27 to contain over 60 wildfires that have burned nearly 1.7 million acres across western States. – Reuters

21. August 27, Reuters – (National) Senate hearing on wildfires urged to help bolster firefighting capabilities. Thousands of firefighters and U.S. military personnel worked August 27 to contain over 60 wildfires that have burned nearly 1.7 million acres across western States. Source: http://www.reuters.com/article/2015/08/28/us-usa-wildfires-idUSKCN0QV29Y20150828

• A California woman pleaded guilty August 27 for her role in an immigration fraud scheme that provided student visas to foreign nationals, netting as much as $6 million from citizens of South Korea, China, and other nations. – Beverly Hills Patch

22. August 27, Beverly Hills Patch – (California) Beverly Hills man charged in $6 million ‘pay to stay’ immigration fraud. A Los Angeles woman pleaded guilty August 27 for her role in an immigration fraud scheme that provided student visas to foreign nationals, who never went to class, netting as much as $6 million from citizens of South Korea, China, and other nations. The woman worked with a Beverly Hills man who owns Koreatown schools Prodee University, Walter Jay M.D. Institute, and the American College of Forensic Studies, among others. Source: http://patch.com/california/beverlyhills/beverly-hills-man-charged-6-million-pay-stay-immigration-fraud

• An August 27 fire destroyed a Linn County Sheriff’s Office substation in Oregon, causing an estimated $900,000 in damage. – Portland Oregonian

27. August 27, Portland Oregonian – (Oregon) Fire destroys Linn County Sheriff’s Office substation in Mill City. An August 27 fire destroyed a Linn County Sheriff’s Office substation in Mill City, causing an estimated $900,000 in damage after the fire reportedly started when a city public works employee parked small equipment in the building. Employees evacuated the building after failing to extinguish the fire.

Financial Services Sector

4. August 27, U.S. Department of the Treasury – (International) Settlement agreement between the U.S. Department of the Treasury’s Office of Foreign Assets Control and UBS AG. The Office of Foreign Assets Control announced a $1.7 million settlement with UBS AG August 27 to resolve allegations that the bank violated Global Terrorism Sanctions regulations through 222 transactions related to securities held in custody in the U.S. for a client believed to have committed, threatened to commit, or supported terrorism. Source: http://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Pages/20150827_33.aspx

5. August 27, U.S. Department of Justice – (National) Business email compromise. The FBI’s Internet Crime Complaint Center (IC3) released an advisory warning corporations of Business Email Compromise (BEC) scams carried out through social engineering or various computer intrusion techniques to conduct unauthorized wire transfers, and cited a 270 percent increase in victims and exposed losses since January. BEC scams accounted for over $747 million in losses to 7,066 victims in all 50 States from October 2013 – August 2015. Source: http://www.ic3.gov/media/2015/150827-1.aspx#fn2

6. August 27, WCBS 2 New York City; Associated Press – (New York) $1.8 million burglary of armored car company on Long Island foiled by alert officer. Nassau County authorities were searching for 4 accomplices in an attempted August 16 robbery of $1.8 million from the Loomis Armored Inc. warehouse in Hicksville, after an officer arrested another suspect and found cash in his vehicle’s trunk on the night of the incident. The perpetrators reportedly used a sledgehammer and hydraulic jack to access a vault containing $20 million. Source: http://newyork.cbslocal.com/2015/08/27/long-island-armored-car-company-robbery/

For another story, see item 34 below in the Information Technology Sector

Information Technology Sector

29. August 28, Securityweek – (International) Moxa patches flaws in industrial ethernet switches. Security researchers from Applied Risk discovered serious privilege escalation, denial-of-service (DoS), and cross-site scripting (XSS) vulnerabilities affecting Moxa industrial ethernet switches that could allow an unauthenticated remote attacker to compromise the device and connected industrial assets. Moxa recently released an update addressing nine heap-based buffer overflow and classic buffer overflow vulnerabilities in its SoftCMS closed-circuit television (CCTV) central management software. Source: http://www.securityweek.com/moxa-patches-flaws-industrial-ethernet-switches

30. August 28, Securityweek – (International) Mozilla updates Firefox 40 to patch two serious flaws. Mozilla released Firefox version 40.0.3 addressing a use-after-free vulnerability in which an attacker could crash Firefox or execute arbitrary code with user privileges, and an add-on notification bypass through a data Uniform Resource Locator (URL) that an attacker could use to trick users into installing a malicious add-on. Source: http://www.securityweek.com/mozilla-updates-firefox-40-patch-two-serious-flaws

31. August 28, Securityweek – (International) Adobe releases hotfix to patch ColdFusion vulnerability. Adobe released a hotfix addressing a vulnerability in ColdFusion in which a security hole could be exploited to compromise data security, affecting LiveCycle Data Services and BlazeDS. Source: http://www.securityweek.com/adobe-releases-hotfix-patch-coldfusion-vulnerability

32. August 28, Softpedia – (International) Phishing costs an average company up to $3.7 million per year. A Wombat Security Technologies report carried out on 377 U.S. organizations revealed that an average-sized organization can lose up to $3.77 million per year in extrapolated costs due to phishing attacks, that 48% of the costs come from productivity losses in mitigating the attacks, and that uncontained malware attacks can cause industry losses up to $105 million, among other findings.

33. August 27, Threatpost – (International) BitTorrent patch throttles reflective DDoS attacks. BitTorrent released a patch addressing a libuTP protocol vulnerability that could allow attackers to carry out User Datagram Protocol (UDP) distributed reflection denial-of-service (DRDoS) attacks. Source: https://threatpost.com/bittorrent-patch-throttles-reflective-ddos-attacks/114446

34. August 27, SC Magazine – (International) DD4BC are DDoS attack driving force, new report claims. VeriSign released findings from its “Distributed Denial of Service (DDoS) Trends Report – 2nd Quarter 2015” revealing a period of increased activity from the DDoS for Bitcoin (DD4BC) threat group, and that 22 percent of the attacks analyzed targeted the financial and payment sector. Attacks by the group typically start with threats and demands for ransom, followed by increased demands and ramped up DDoS attacks. Source: http://www.scmagazineuk.com/dd4bc-are-ddos-attack-driving-force-new-report-claims/article/435234/

Communications Sector

Nothing to report

Friday, August 28, 2015



Complete DHS Report for August 28, 2015

Daily Report                                            

Top Stories

 · A U.S. Air Force report revealed that the near-crash and ensuing fire in an RC-135V aircraft in April was caused by an oxygen leak due to an improperly tightened retaining nut connecting tubing in the aircraft’s galley. – CNN

3. August 27, CNN – (National) Loose nut costs Air Force $62.4 million in accident. A U.S. Air Force report published in early August revealed that the near-crash and ensuing fire in an RC-135V aircraft in April, which caused $62.4 million in damage, was caused by an oxygen leak due to an improperly tightened retaining nut connecting tubing in the aircraft’s galley. The report attributed the failure to L-3 Communications depot personnel who were responsible for the plane’s maintenance. Source: http://www.cnn.com/2015/08/27/politics/loose-nut-air-force-crash/

 · BNY Mellon Corp worked to address an issue August 26 in its InvestOne system, after the system broke down over the weekend of August 22 and created a backlog of funds to price. – Reuters

See item 5 below in the Financial Services Sector

 · Utah-based Novacare, LLC issued a voluntary recall August 24 of several lots of various brands of its dietary supplements due to mislabeling and undeclared salicylic acid. – U.S. Food and Drug Administration

15. August 26, U.S. Food and Drug Administration – (National) Novacare, LLC issues voluntary nationwide recall of dietary supplements due to undeclared salicylic acid. Utah-based Novacare, LLC issued a voluntary recall August 24 of several lots of various brands of its dietary supplements due to mislabeling and undeclared salicylic acid, which is acutely toxic. The unapproved dietary supplements were distributed nationwide.

 · Fire crews across the Northwest worked August 27 to contain about 50 large wildfires that have burned nearly 1.6 million acres in parts of Washington, Oregon, Idaho, and Montana. – Reuters

22. August 27, Reuters – (National) Wildfire smoke fouls air across U.S. Northwest. Fire crews across the Northwest worked August 27 to contain about 50 large wildfires that have burned nearly 1.6 million acres in parts of Washington, Oregon, Idaho, and Montana. The wildfires have forced evacuations for thousands of residents, killed 3 firefighters, and prompted an air quality warning in the region due to unhealthy and smoky air. Source: http://www.reuters.com/article/2015/08/27/us-usa-wildfires-idUSKCN0QV29Y20150827

Financial Services Sector

4. August 27, Softpedia – (International) PayPal fixes XSS flaw that allowed access to unencrypted credit card details. PayPal addressed a cross-site scripting (XSS) flaw on the Web site’s SecurePayments page in which an attacker could inject customized payment forms into the page HyperText Markup Language (HTML) in order to intercept user financial and PayPal login information in clear text. Source: http://news.softpedia.com/news/paypal-fixes-xss-flaw-that-allowed-access-to-unecrypted-credit-card-details-490217.shtml

5. August 26, Reuters – (National) BNY Mellon pricing glitch affects billions of dollars of funds. BNY Mellon Corp worked to address an issue August 26 in its InvestOne system that it uses to calculate prices for client mutual funds and exchange-traded funds (ETFs), after the system broke down over the weekend of August 22 and created a backlog of funds to price. The system, run by SunGard, was operating at limited capacity August 25. Source: http://www.reuters.com/article/2015/08/26/bnymellon-funds-nav-idUSL1N1112FT20150826

6. August 26, WLS 7 Chicago – (Illinois) ‘Uptown Beach Bandit’ robs 3 North Side banks. The FBI is searching for a suspect dubbed the “Uptown Beach Bandit” who authorities allege has robbed 3 North Side banks in Chicago since August 5, with the latest robbery occurring August 22 at a TCF bank. The suspect is considered armed and dangerous. Source: http://abc7chicago.com/news/uptown-beach-bandit-robs-3-north-side-banks/957607/

Information Technology Sector

24. August 27, The Register – (International) FireEye intern VXer pleads guilty for Darkode droid RAT ruse. A former FireEye intern from Pittsburgh pleaded guilty to creating and selling the Dendroid remote access trojan (RAT) for Android phones on the Darkode hacker forums. Dendroid was capable of infecting about 1,500 phones for each buyer, while it is unknown how many copies the suspect sold. Source: http://www.theregister.co.uk/2015/08/27/fireeye_intern_vxer_pleads_guilty_for_darkode_droid_rat_ruse/

25. August 27, Threatpost – (International) Endress+Hauser patches buffer overflow in dozens of ICS products. Endress+Hauser and CodeWrights released updates addressing a remotely exploitable vulnerability found in the Device Type Manager (DTM) library of dozens of Endress+Hauser’s products used for industrial process automation, in which an attacker could use a specially crafted packet to create a buffer overflow in the DTM, causing the affected product to hang indefinitely. Source: https://threatpost.com/endresshauser-patches-buffer-overflow-in-dozens-of-ics-products/114429

26. August 27, Securityweek – (International) Small percentage of employees responsible for most cloud security risk: Report. Report findings from a CloudLock analysis of 10 million users across 1,800 organizations revealed that the top 1 percent of users in organizations are responsible for 57 percent of file ownership, 81 percent of file shares, 73 percent of exposed files, and 62 percent of application industries, suggesting that cyber risks could be mitigated by reaching out to an organization’s top users, among other findings. Source: http://www.securityweek.com/small-percentage-employees-responsible-most-cloud-security-risk-report

For another story, see item 4 above in the Financial Services Sector

Communications Sector
 
27. August 26, Brainerd Dispatch – (Minnesota) Accidental fiber cut causes 2+ day Internet outage near Aitkin. CenturyLink officials reported that 2,197 DSL Internet customers around Aitkin, Crosby, Deerwood, and Detroit Lakes were without service from August 22 to August 24 after a third-party vendor inadvertently cut a fiber line. Source: http://www.brainerddispatch.com/news/3826028-accidental-fiber-cut-causes-2-day-internet-outage-near-aitkin

28. August 26, Glens Falls Post-Star – (New York) Thurman phone outage could last into Thursday. The town of Thurman in New York was without phone and Internet service August 25 after a vehicle hit a utility pole, damaging Verizon equipment and forcing residents to use phones in nearby towns, or at the local Town Hall or fire station. Officials reported that service may not be restored until August 27. Source: http://poststar.com/news/local/thurman-phone-outage-could-last-into-thursday/article_4e2264ec-e9f0-592b-af82-9ba6812b5967.html