Complete DHS Report for
August 25, 2015
Daily Report
Top Stories
· U.S. 26 in Oregon remained closed
August 24 after initially closing August 22 for approximately 12 hours due to a
brush fire. – KGW 8 Portland
4. August 24,
KGW 8 Portland – (Oregon) U.S. 26 remains closed Monday due to brush fire near
Manning. U.S. 26 in Manning, Oregon, remained closed August 24 after
initially closing August 22 for approximately 12 hours due to a brush fire. The
roadway was reopened and closed again August 23 while crews worked to contain
the fire. Source:
http://www.kgw.com/story/news/local/washington-county/2015/08/22/hwy-26-closed-near-manning-because-brush-fire/32215783/
· Lookout released a report revealing
that 14,622 Lookout-enabled devices across 20 Federal agencies encountered
1,781 app-based threats and that 18 percent of Federal employees with personal
and government-issued smartphones reported encountering malicious software,
among other findings. – Help Net Security
15. August 24,
Help Net Security – (International) Risky mobile behaviors are prevalent in the
government. Lookout released findings from a report revealing that 14,622 Lookout-enabled devices
across 20 Federal agencies encountered 1,781 app-based threats, that employees
use personal mobile devices in various ways that can compromise agency network
security, and that 18 percent of Federal employees with personal and
government-issued smartphones reported encountering malicious software, among
other findings. Source: http://www.net-security.org/secworld.php?id=18790
· Crews reached 10 percent containment
August 24 of the Okanogan Complex Fire that has burned over 400 square miles in
Washington and is now the largest fire in State history. – Associated Press
16. August 24,
Associated Press – (Washington) Washington wildfire is now largest in state
history. Crews reached 10 percent containment August 24 of the Okanogan
Complex Fire that has burned over 400 square miles in Washington and is now the
largest fire in State history. Firefighters battled 16 other wildfires in
central and eastern Washington covering over 940 square miles that have damaged
or destroyed more than 200 homes. Source: http://www.msn.com/en-us/news/us/im-alive-%E2%80%94-people-survey-damage-from-washington-fire/ar-BBm2hHc
· A man died of a self-inflicted gunshot
wound after entering a Federal building in New York August 21, and shooting and
fatally injuring a security officer. – WCBS 2 New York City
24. August 21,
WCBS 2 New York City – (New York) Police: Gunman shoots security officer dead, kills
self at Varick Street Federal building. A man died of a self-inflicted
gunshot wound after entering a Federal building in New York August 21, and
shooting and fatally injuring a security officer. The building was placed on
lockdown and evacuated while officials investigated the incident.
Financial Services Sector
3. August 21,
South Florida Sun-Sentinel – (Florida) ‘Lucky Bandit’ pleads guilty to
bank robbery charges. A man believed to be the suspect dubbed the “Lucky
Bandit” pleaded guilty August 21 to attempting to rob a Citibank branch and to
robbing a Wells Fargo bank in Pembroke Pines last April.Source: http://www.sun-sentinel.com/local/broward/fl-lucky-bandit-pleads-brf-20150821-story.html
Information Technology Sector
25. August 24,
Securityweek – (International) Zero-day flaws found in Dolphin, Mercury
browsers for Android.A security researcher discovered a vulnerability in
the Dolphin Web browser for Android in which a man-in-the-middle (MitM)
attacker could inject a specially crafted file to arbitrarily write files or
execute remotely, as well as unpatched insecure Intent URI scheme
implementation and path transversal vulnerabilities in the Mercury Web browser
that could allow a remote attacker to read and write arbitrary files within the
application’s data directory.Source: http://www.securityweek.com/zero-day-flaws-found-dolphin-mercury-browsers-android
26. August
24, Softpedia – (International) Google
patches Android vulnerability that allowed arbitrary code execution. Google
issued an update addressing a heap overflow vulnerability in the Android
mediserver’s Audio Policy Service that an attacker could trigger to cause a
continuous crash loop in the affected device. Source: http://news.softpedia.com/news/google-patches-android-vulnerability-that-allowed-arbitrary-code-execution-489905.shtml
27. August 24,
Securityweek – (International) Apple patches nine vulnerabilities in
QuickTime for Windows. Apple patched nine vulnerabilities in QuickTime
7.7.8 for Microsoft Windows, including denial-of-service (DoS) flaws that can
be exploited via specially crafted .MOV files, leading to a memory corruption
condition that can cause QuickTime to terminate unexpectedly. Source: http://www.securityweek.com/apple-patches-nine-vulnerabilities-quicktime-windows
For additional stories, see
item 2 below from the Critical
Manufacturing Sector and 15 above in Top Stories
2. August 24,
The Register – (International) Samsung smart fridge leaves Gmail logins open
to attack. Security researchers from Pen Test Partners discovered a Secure
Sockets Layer (SSL) vulnerability in Samsung’s RF28HMELBSR smart fridge in
which a man-in-the-middle (MitM) attacker could use a fake Wi-Fi access point
and deauthentication to steal Google login credentials via the refrigerator’s
calendar client. Source: http://www.theregister.co.uk/2015/08/24/smart_fridge_security_fubar/
Communications Sector
Nothing to report
No comments:
Post a Comment