Wednesday, March 25, 2015



Complete DHS Report for March 25, 2015

Daily Report

Top Stories

 · Between 1,500 – 2,000 patrons who dined at the Casa-di-Pizza restaurant in Buffalo, New York, from March 9 – 19 were encouraged to obtain a hepatitis A vaccination after an employee was diagnosed with the illness March 20. – Buffalo News

11. March 24, Buffalo News – (New York) Casa-di-Pizza management to address hepatitis A situation. Between 1,500 and 2,000 patrons who dined at the Casa-di-Pizza restaurant in Buffalo from March 9 – 19 were encouraged to obtain a hepatitis A vaccination after an employee was diagnosed with the viral illness March 20. Health officials opened a makeshift clinic at the Buffalo Niagara Convention Center where patrons can receive the vaccine. Source: http://www.buffalonews.com/city-region/communities/casa-di-pizza-management-to-address-hepatitis-a-situation-20150324

 · Amy’s Kitchen, Inc., issued a recall for about 73,897 cases of various products after a supplier notified the company that it may have received organic spinach with the possible presence of Listeria monocytogenes. – U.S. Food and Drug Administration (See item 14)

14. March 23, U.S. Food and Drug Administration – (International) Amy’s Kitchen recalls various products because of possible health risk. The U.S. Food and Drug Administration announced March 22 that Amy’s Kitchen, Inc., issued a recall for about 73,897 cases of various products after a supplier notified the company that it may have received organic spinach with the possible presence of Listeria monocytogenes. The affected products were sent to retailers across the U.S. and Canada. Source: http://www.fda.gov/Safety/Recalls/ucm439397.htm

 · A Pentagon spokesperson reported March 23 that U.S. military units notified members whose names and addresses were included on a “kill list” allegedly created by the Islamic State Hacking Division, who claim to be sympathizers of the Islamic State terrorist group. – USA Today

21. March 23, USA Today – (International) Troops notified their names are on Islamic State kill list. A Pentagon spokesperson reported March 23 that U.S. military units notified members whose names and addresses were included on a “kill list” allegedly created by the Islamic State Hacking Division, who claim to be sympathizers of the Islamic State terrorist group. Officials stated that the personal information of former and current military personnel was pulled from publicly available sources and was not attributed to a data breach. Source: http://www.usatoday.com/story/news/nation/2015/03/23/pentagon-response-islamic-state-kill-list/70335810/

 · Three subcontractors were killed and a fourth was injured March 23 when a track snapped while the workers were dismantling a scaffold on the exterior of a Raleigh, North Carolina high rise and the men fell about 200 feet to the ground. – WSOC 9 Charlotte

33. March 24, WSOC 9 Charlotte – (North Carolina) 3 dead in scaffolding collapse at downtown Raleigh high-rise. Three Associated Scaffolding subcontractors were killed and a fourth was seriously injured March 23 when a track snapped while the workers were dismantling a scaffold on the exterior of the under-construction Charter Square high rise in downtown Raleigh and the men fell about 200 feet to the ground. The North Carolina Department of Labor is investigating the incident. Source: http://www.wsoctv.com/news/news/report-3-dead-high-rise-scaffolding-collapse-ralei/nkcq5/

Financial Services Sector

4. March 24, KrebsOnSecurity – (International) Kreditech investigates insider breach. Germany-based Kreditech is working with authorities to investigate a November 2014 internal isolated security incident where an apparent insider breach of its systems occurred and information from credit applicants was taken. The company stated that no customer data was breached from the event which originated from a form on its official Web site that stored data in a caching system which deleted data every few days. Source: http://krebsonsecurity.com/2015/03/kreditech-investigates-insider-breach/

5. March 23, Securityweek – (International) Phishers leverage .gov domain loophole to bypass email validation. Security researchers at Trend Micro discovered that cybercriminals responsible for a March 4 – 11 phishing attack that sent over 430,000 emails targeting American Express customers maximized the attack’s effectiveness by exploiting a loophole in the way DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) email verification systems handle messages from .gov top-level domains (TLDs). Source: http://www.securityweek.com/phishers-leverage-gov-domain-loophole-bypass-email-validation

Information Technology Sector

26. March 24, Softpedia – (International) Jailbroken iPhones unlocked with software brute-force tool in 14 hours, tops. An iOS jailbreaker published a software library under the GNU General Public License called TransLock, that unlocks iOS devices in 14 hours or less via brute-force by injecting itself into the app that manages the device’s home screen and setting return values in the “SBFDeviceLockController” class to “No”, allowing unlimited attempts and the ability to try a new PIN every five seconds. The tool only requires that the device be connected via USB. Source: http://news.softpedia.com/news/Jailbroken-iPhones-Unlocked-with-Software-Brute-Force-Tool-in-14-Hours-Tops-476597.shtml

27. March 24, Softpedia – (International) Unauthorized certificates issued for several Google domains. Security engineers at Google reported that an intermediate certificate authority at Egypt-based MCS Holdings caused certificates for several Google domains, trusted by most operating systems (OS) and Web browsers, to be issued without authentication, leaving users vulnerable to impersonation and decryption of secure communications via man-in-the-middle (MitM) attacks. Users of Google Chrome and Mozilla Firefox versions starting with 33 are unaffected by the issue. Source: http://news.softpedia.com/news/Unauthorized-Certificates-Issued-for-Some-Google-Domains-476583.shtml

28. March 24, Securityweek – (International) Air-gapped computers can communicate through heat: Researchers. Researchers at Israel’s Ben Gurion University demonstrated a technique, dubbed BitWhisper, that establishes a bidirectional communication channel between two unconnected computers using heat and radio signals emitted from components such as the central processing unit (CPU) and graphics processing unit (GPU), allowing an attacker to use malware installed on each system to exfiltrate data from an air-gapped computer. Source: http://www.securityweek.com/air-gapped-computers-can-communicate-through-heat-researchers

29. March 23, Softpedia – (International) Flash Player vulnerable to bug patched in 2011. Security researchers from Minded Security and LinkedIn’s security division discovered that the latest versions of Adobe’s Flash Player Web browser plug-in are vulnerable to a same-origin policy (SOP) bypass flaw in the company’s Flex SDK compiler that was patched in 2011, which could allow attackers to steal victims’ data via Same-Origin Request Forgery or perform actions on behalf of victims via Cross-Site Request Forgery (CSRF) by asking them to visit a malicious Web page. Source: http://news.softpedia.com/news/Flash-Player-Vulnerable-to-Bug-Patched-in-2011-476543.shtml

30. March 23, Softpedia – (International) Twitch security breached, mandatory password reset in effect for all. The Twitch streaming service instituted mandatory password resets, disconnected all accounts from Twitter and YouTube, and emailed affected users after the company detected an unauthorized access attempt that could have compromised users’ information including dates of birth, time and Internet protocol (IP) address of last login, and limited information associated with credit cards. Source: http://news.softpedia.com/news/Twitch-Security-Breached-Mandatory-Password-Reset-in-Effect-for-All-476558.shtml

31. March 23, Securityweek – (International) DDoS attackers distracting security teams with shorter attacks: Corero Networks. Corero Network Security reported in its quarterly trends and analysis report that 96 percent of distributed denial-of-service (DDoS) attacks against its customers in the fourth quarter of 2014 were less than 30 minutes in length and 79 percent used less than 5 gigabits per second (Gbps) of peak bandwidth, indicating that attacks were becoming more difficult to detect and were likely intended to partially saturate networks and distract security teams while leaving enough bandwidth for subsequent attacks to infiltrate networks and access sensitive information. Source: http://www.securityweek.com/ddos-attackers-distracting-security-teams-shorter-attacks-corero-networks

For additional stories, see items 4 and 5 above in the Financial Services Sector

Communications Sector

32. March 24, KVIA 7 El Paso – (New Mexico) Hostage threat at Las Cruces radio station building a “false alarm”. The Bravo Mic Communications building in Las Cruces which houses at least 2 radio stations and a marketing company was evacuated March 23 after a caller reportedly stated that he was armed and was going to take hostages inside the building. Authorities deemed the threat to be a false alarm and the building was cleared to reopen after about 4 hours. Source: http://www.kvia.com/news/1-person-in-standoff-with-police-at-las-cruces-radio-station-building/31974644

For another story, see item 26 above in the Information Technology Sector