Complete DHS Report for
December 30, 2015
Daily Report
Top Stories
• Fiat Chrysler Automobiles issued 2 recalls December 27
for more than 412,938 of its Jeep Grand Cherokee, Dodge Durangos, Compass, and
Patriot vehicles distributed in the U.S. due to a vanity mirror wiring and
clamp issue that can cause a fire. – Autoblog
3. December
27, Autoblog – (International) FCA recalls 570,000 SUVs from Jeep and Dodge
over fire woes. Fiat Chrysler Automobiles (FCA) issued two recalls December
27 for 352,831 of its model year 2011 – 2012 Jeep Grand Cherokee vehicles and
models built before 2012 Dodge Durango vehicles due to a vanity mirror wiring
issue, as well as 60,107 of its model year 2015 Jeep Compass and Patriot
vehicles distributed in the U.S. due to an out-of-position clamp that could
lead to a leak in the power steering fluid line and pose a fire hazard or loss
of power-steering.
• Two former employees of Jaycal Tax Service in Phenix
City, Alabama, pleaded guilty December 28 for their roles in an identity theft
scheme that stole over 1,000 identities between 2007 and 2012. – Montgomery
Advertiser See
item 5 below in the Financial Services Sector
• Adobe released out-of-band security updates that
addressed several vulnerabilities in its Flash Player products which affects
all platforms and can allow an attacker to take control of an infected system
through a spear phishing campaign. – SecurityWeek See item 20 below in the Information Technology Sector
• Researchers from Palo Alto Networks discovered that a
total of 11,149 computers were infected by new malware dubbed ProxyBack, which
targets personal computers and educational institutes in Europe. – Softpedia
See item 21 below in the Information Technology Sector
Financial Services Sector
4. December
29, Quincy Patriot Ledger – (Massachusetts) Quincy Credit Union works
to replace debit cards, stolen money. Quincy Credit Union reported that at
least 675 of its customers’ accounts were compromised the weekend of December
26 after officials found hackers had installed an ATM skimming device to the
company’s machines. Officials believe hackers installed the malicious devices
early December and later created duplicate cards, which were used to withdraw
cash at ATMs throughout New York City. Source: http://www.patriotledger.com/news/20151228/quincy-credit-union-works-to-replace-debit-cards-stolen-money
5. December
28, Montgomery Advertiser – (Alabama) 2 plead guilty to ID theft, $4
million in tax fraud. Two former employees of Jaycal Tax Service in Phenix
City pleaded guilty December 28 to aggravated identity theft and conspiring to
defraud the government after the two obtained more than 1,000 stolen
identities, filed over 1,200 false Federal tax returns, and claimed more than
$4 million in fraudulent returns between 2007 and 2012. Source: http://www.montgomeryadvertiser.com/story/news/crime/2015/12/28/2-plead-guilty-id-theft-claiming-4-million-false-returns/77970688/
Information Technology Sector
18. December
29, Softpedia – (International) AVG forcibly installs vulnerable Chrome extension
that exposes users’ browsing history. A researcher from Google Project Zero
discovered a serious vulnerability in the AVG Web TuneUp Chrome extension,
which was forcibly installed when users downloaded the AVG Antivirus that
allowed attackers to access users’ cookies, browsing history, and other details
by executing cross-site scripting (XSS) attacks and cross-domain requests. AVG
Web TuneUp Version 4.2.5.169 patched the flaw and Google blocked AVG’s inline
installation of the extension. Source: http://news.softpedia.com/news/avg-forcibly-installs-vulnerable-chrome-extension-that-exposes-user-s-browsing-history-498187.shtml
19. December
28, SecurityWeek – (International) Android malware uses firewall rules to block
security apps. Researchers from Symantec discovered a new Microsoft Android
malware, dubbed Android.Spywaller, that allows attackers to block mobile
security applications, exfiltrate sensitive data from compromised mobile
devices including personally identifying information (PII), and collect data
belonging to specific third-party communication applications including
BlackBerry Messenger, Oovoo, and Skype, among others, through a reverse payload
attack that drops and runs the DroidWall firewall binary to create firewall
rules and block the application’s security using its own unique identifier
(UID). The malware was seen targeting users in China via the Qihoo 360
application and researchers advised users to install security solutions to
block mobile threats, update software regularly, and install applications from
trusted sources. Source: http://www.securityweek.com/android-malware-uses-firewall-rules-block-security-apps
20. December
28, SecurityWeek – (International) Adobe issues emergency patch for flash
zero-day under attack. Adobe released out-of-band security updates that
addressed several vulnerabilities in its Flash Player products including a type
confusion vulnerability, an integer overflow vulnerability, a use-after-free
vulnerability, and a memory corruption vulnerability that affects all platforms
and can allow an attacker to take control of an affected system through a spear
phishing campaign.Source: http://www.securityweek.com/adobe-issues-emergency-patch-flash-zero-day-under-attack
21. December
28, Softpedia – (International) ProxyBack malware turns infected computers
into internet proxies. Researchers from Palo Alto Networks discovered that
a total of 11,149 computers were infected by the new malware, ProxyBack, which
targets personal computers (PC) and educational institutes in Europe by
altering infected devices into Internet proxies while illegally using them to
transfer Internet traffic via an established connection with a malicious proxy
server, where it receives instructions to route traffic to attackers’ Web servers.
Each affected device works as a bot inside a larger network to send commands
and updated instructions via simple Hypertext Transfer Protocol (HTTP). Source:
http://news.softpedia.com/news/proxyback-malware-turns-infected-computers-into-internet-proxies-498167.shtml
Communications Sector
Nothing to report
No comments:
Post a Comment