Complete DHS Report for
November 17, 2015
Daily Report
Top Stories
• A Pacific Gas and Electric Co. pipeline was shut down
after it ruptured and exploded November 13 in Kerns County, California, killing
1 person and injuring 2 others. – Associated Press
2. November
14, Associated Press – (California) 1 killed, 2 injured after gas line explodes in
California. A Pacific Gas and Electric Co. pipeline was shut down after it
ruptured and exploded November 13 in Kerns County, California, killing 1 person
and injuring 2 others. The line was cut by someone using heavy equipment and
fire crews were able to put out the fire that also destroyed a nearby home. Source: http://www.foxnews.com/us/2015/11/14/1-killed-2-injured-after-gas-line-explodes-in-california/
• Kia Motors issued a recall November 6 for 256,000 of its
Soul vehicles model year 2014 – 2016 due to a manufacturing error in the pinion
plug that could loosen and fall out, causing a dangerous inability to control
the vehicle. – New York Times
3. November
13, New York Times – (National) Kia issues a second recall of Soul models in 2
years. Kia Motors issued a recall November 6 for 256,000 of its Soul
vehicles model year 2014 – 2016 due to a manufacturing error in the pinion
plug, a part of the steering assembly that could loosen and fall out, causing a
dangerous inability to control the vehicle. The recall follows an earlier
recall of 52,000 Kia Soul vehicles for the same issue. Source: http://www.nytimes.com/2015/11/14/business/kia-issues-a-second-recall-of-soul-models-in-2-years.html
• A City Sightseeing tour bus veered out of control and ran
down several people before crashing into a construction site in San Francisco’s
Union Square November 13, leaving at least 20 people injured. – Fox News;
Associated Press
10. November
14, Fox News; Associated Press – (California) At least 20
injured, 6 critically when out-of-control tour bus crashes in San Francisco. A
City Sightseeing tour bus veered out of control and ran down several people
before crashing into scaffolding lining a construction site in San Francisco’s
Union Square November 13, leaving at least 20 people injured. Authorities are
investigating the cause of the accident. Source: http://www.foxnews.com/us/2015/11/14/several-hurt-as-careening-tour-bus-crashes-in-san-francisco/
• A Maryland couple was convicted November 12 in connection with
orchestrating a scheme to defraud Washington, D.C. Medicaid out of more than
$80 million through one defendant’s company, Global Health Care Services of
the District. – Washington Post
19. November 12, Washington Post – (Washington, D.C.) Federal jury convicts
Md. couple in $80 million D.C. Medicaid fraud case. A Maryland couple was
convicted November 12 in connection with orchestrating a scheme to defraud
Washington, D.C. Medicaid out of more than $80 million between 2009 and 2014
through one defendant’s company, Global Health Care Services of the District.
The pair enlisted relatives and others to sign up and coach Medicaid
recipients, who received kickbacks for submitting false claims for health care
that was never provided.
Financial Services Sector
5. November
15, Chicago Sun-Times – (Illinois) Wheaton financial firm owner
charged with wire fraud. The owner of Illinois Stock Transfer Company in
Wheaton was charged November 12 with 10 counts of wire fraud after stealing more
than $1.2 million from a client’s fund account and using the funds for his
company’s corporate taxes, payroll, and business expenses from 2012 to 2014. Source: http://chicago.suntimes.com/news/7/71/1103407/wheaton-financial-firm-owner-charged-wire-fraud
6. November
14, Softpedia – (National) PoS malware spread via weaponized Microsoft Word
documents. Researchers from Proofpoint discovered that the point-of-sale (PoS)
malware dubbed AbaddonPOS was part of a malware-delivery campaign spread via
Microsoft Word documents and malicious Web sites. The campaign allows
attackers to download other malware from command and control (C&C) servers
using its own custom protocol, in an attempt to steal credit and debit card
transaction data. Source: http://news.softpedia.com/news/pos-malware-spread-via-weaponized-microsoft-word-documents-496155.shtml
Information Technology Sector
28. November
16, Securityweek – (International) Thousands of sites infected with Linux
encryption ransomware. Researchers from Dr. Web reported that approximately
2,000 Web sites were compromised by the Linux file-encrypting ransomware dubbed
Linux.Encoder1, which targets the root and home files, web servers, backups,
and source code. The malware uses a downloaded file containing the public RSA
key used to store AES keys and adds the .encrypt extension to each file, making
files nearly impossible to recover without paying a ransom to the attackers. A
patch was released, but experts warned that attackers may update the malware to
make file decryption more difficult. Source: http://www.securityweek.com/thousands-sites-infected-linux-encryption-ransomware
29. November
16, IDG News Service – (International) State-sponsored cyberspies inject victim
profiling and tracking scripts in strategic websites. Security researchers
from FireEye discovered an attack campaign dubbed WITCHCOVEN, which has
injected computer profiling and tracking scripts into over 100 Web sites
involved in international business travel, diplomacy, energy production and
policy, international economics, and official government work. The malware was
designed to identify users of interest and target such users with exploits
designed for their specific computer and software configurations. Source: http://www.computerworld.com/article/3005270/malware-vulnerabilities/state-sponsored-cyberspies-inject-victim-profiling-and-tracking-scripts-in-strategic-websites.html#tk.rss_security
30. November
16, InfoWorld – (International) Microsoft fixes Hyper-V bug in Windows. Microsoft
released patches for vulnerabilities in its Hyper-V hypervisor software
affecting several Windows Servers, including a flaw in the central processing
unit (CPU) chip set that issues instructions and forces the host system into a
nonresponsive state, resulting in a denial-of-service condition for users’
operating systems. No attacks in the wild have been reported. Source: http://www.infoworld.com/article/3005238/security/microsoft-fixes-hyper-v-bug-in-windows.html
31. November
16, Softpedia – (International) A quarter of web-accessible devices have
vulnerable firmware. Researchers from EURECOM and Ruhr University in
Bochum, Germany, released a study confirming the weak state of security for
Internet of Things (IoT) devices, including cross-site scripting (XSS)
vulnerabilities, cross-site request forgery (CSRF) vulnerabilities, SQL
injection (SQLi) vulnerabilities, and remote code/command execution (RCE)
vulnerabilities that can allow attackers to access devices, spy on users,
steal data, and rewrite the firmware to perform other malicious activities. Source: http://news.softpedia.com/news/a-quarter-of-web-accessible-devices-have-vulnerable-firmware-496229.shtml
32. November
16, Securityweek – (International) Libpng Library updated to patch
vulnerabilities. Libpng, the official Portable Network Graphics (PNG)
reference library, released an update addressing several memory corruption
vulnerabilities affecting all of its versions from 1.6.18 – 1.0.63: a
potential out-of-bounds read in the png_set_tIME() and png_convert_to_rfc1123()
functions, and an out-of-bounds write in the png_get_PLTE() and
png_set_PLTE() functions, which failed to check for an out-of-range palette
when reading or writing PNG files. The flaws were patched with the release of
updated versions. Source: http://www.securityweek.com/libpng-library-updated-patch-vulnerabilities
33. November
15, Softpedia – (International) Compromised Web site fools security vendor,
continues to infect users. Researchers from Palo Alto Networks reported
that the CryptoWall 3.0 ransomware, which previously affected all users via the
Angler Exploit Kit when they visited the Web site cxda[.]gov[.]cn, was still
active and had compromised 4,000 additional Web sites despite initial reports
that the malicious campaign had stopped. Researchers revealed that “dormant”
and “filtering” functionality embedded in the campaign’s malicious code allowed
attackers to go unnoticed depending on the Web sites’ source Internet Protocol
(IP) and user agent. Source: http://news.softpedia.com/news/compromised-website-fools-security-vendor-continues-to-infect-users-496178.shtml
34. November
13, Softpedia – (International) Oil and gas companies indirectly put at risk
by vulnerabilities in ERP systems. Researchers from ERPScan presenting at
Black Hat Europe 2015 showed how a vulnerability in an enterprise resource
planning (ERP) suite from SAP and Oracle, used inside oil and gas companies,
could allow an attacker to gain access to operational technology (OT)
infrastructure through connected applications that are insecure. The
researchers also determined that misconfigurations, the presence of unnecessary
privileges, and custom code provided entry or access escalation points for
attacks. Source: http://news.softpedia.com/news/oil-and-gas-companies-indirectly-put-at-risk-by-vulnerabilities-in-erp-systems-496124.shtml
Communications Sector
Nothing to report