Complete DHS Report for March 25, 2015
Daily Report
Top Stories
· Between 1,500 – 2,000 patrons who dined at the Casa-di-Pizza restaurant in Buffalo, New
York, from March 9 – 19 were encouraged to obtain a hepatitis A vaccination
after an employee was diagnosed with the illness March 20. – Buffalo News
11. March 24, Buffalo News – (New York) Casa-di-Pizza management to address
hepatitis A situation. Between 1,500 and 2,000 patrons who dined at the
Casa-di-Pizza restaurant in Buffalo from March 9 – 19 were encouraged to obtain
a hepatitis A vaccination after an employee was diagnosed with the viral
illness March 20. Health officials opened a makeshift clinic at the Buffalo
Niagara Convention Center where patrons can receive the vaccine. Source: http://www.buffalonews.com/city-region/communities/casa-di-pizza-management-to-address-hepatitis-a-situation-20150324
· Amy’s Kitchen, Inc., issued a recall for about 73,897 cases of various products
after a supplier notified the company that it may have received organic spinach
with the possible presence of Listeria monocytogenes. – U.S. Food and Drug
Administration (See item 14)
14. March 23, U.S. Food and Drug Administration – (International) Amy’s Kitchen recalls
various products because of possible health risk. The U.S. Food and Drug
Administration announced March 22 that Amy’s Kitchen, Inc., issued a recall for
about 73,897 cases of various products after a supplier notified the company
that it may have received organic spinach with the possible presence of
Listeria monocytogenes. The affected products were sent to retailers across the
U.S. and Canada. Source: http://www.fda.gov/Safety/Recalls/ucm439397.htm
· A Pentagon spokesperson reported March 23 that U.S. military units notified
members whose names and addresses were included on a “kill list” allegedly
created by the Islamic State Hacking Division, who claim to be sympathizers of
the Islamic State terrorist group. – USA Today
21. March 23, USA Today – (International) Troops notified their names are
on Islamic State kill list. A Pentagon spokesperson reported March 23 that
U.S. military units notified members whose names and addresses were included on
a “kill list” allegedly created by the Islamic State Hacking Division, who
claim to be sympathizers of the Islamic State terrorist group. Officials stated
that the personal information of former and current military personnel was
pulled from publicly available sources and was not attributed to a data breach.
Source: http://www.usatoday.com/story/news/nation/2015/03/23/pentagon-response-islamic-state-kill-list/70335810/
· Three subcontractors were killed and a fourth was injured March 23 when a track
snapped while the workers were dismantling a scaffold on the exterior of a
Raleigh, North Carolina high rise and the men fell about 200 feet to the
ground. – WSOC 9 Charlotte
33. March 24, WSOC 9 Charlotte – (North Carolina) 3
dead in scaffolding collapse at downtown Raleigh high-rise. Three
Associated Scaffolding subcontractors were killed and a fourth was seriously
injured March 23 when a track snapped while the workers were dismantling a
scaffold on the exterior of the under-construction Charter Square high rise in
downtown Raleigh and the men fell about 200 feet to the ground. The North
Carolina Department of Labor is investigating the incident. Source: http://www.wsoctv.com/news/news/report-3-dead-high-rise-scaffolding-collapse-ralei/nkcq5/
Financial Services Sector
4. March 24, KrebsOnSecurity – (International) Kreditech investigates
insider breach. Germany-based Kreditech is working with authorities to
investigate a November 2014 internal isolated security incident where an
apparent insider breach of its systems occurred and information from credit
applicants was taken. The company stated that no customer data was breached
from the event which originated from a form on its official Web site that
stored data in a caching system which deleted data every few days. Source: http://krebsonsecurity.com/2015/03/kreditech-investigates-insider-breach/
5. March 23, Securityweek – (International) Phishers leverage .gov domain
loophole to bypass email validation. Security researchers at Trend Micro
discovered that cybercriminals responsible for a March 4 – 11 phishing attack
that sent over 430,000 emails targeting American Express customers maximized
the attack’s effectiveness by exploiting a loophole in the way DomainKeys
Identified Mail (DKIM) and Sender Policy Framework (SPF) email verification
systems handle messages from .gov top-level domains (TLDs). Source: http://www.securityweek.com/phishers-leverage-gov-domain-loophole-bypass-email-validation
Information Technology Sector
26. March 24,
Softpedia – (International) Jailbroken iPhones unlocked with software
brute-force tool in 14 hours, tops. An iOS jailbreaker published a software
library under the GNU General Public License called TransLock, that unlocks iOS
devices in 14 hours or less via brute-force by injecting itself into the app
that manages the device’s home screen and setting return values in the
“SBFDeviceLockController” class to “No”, allowing unlimited attempts and the
ability to try a new PIN every five seconds. The tool only requires that the
device be connected via USB. Source: http://news.softpedia.com/news/Jailbroken-iPhones-Unlocked-with-Software-Brute-Force-Tool-in-14-Hours-Tops-476597.shtml
27. March 24,
Softpedia – (International) Unauthorized certificates issued for several
Google domains. Security engineers at Google reported that an intermediate
certificate authority at Egypt-based MCS Holdings caused certificates for
several Google domains that are trusted by most operating systems (OS) and Web
browsers to be issued without authentication, leaving users vulnerable to impersonation
and secure communication decryption via man-in-the-middle (MitM) attacks. Users
of Google Chrome and Mozilla Firefox versions starting 33 are unaffected by the
issue. Source: http://news.softpedia.com/news/Unauthorized-Certificates-Issued-for-Some-Google-Domains-476583.shtml
28. March 24, Securityweek – (International) Air-gapped computers can communicate through
heat: Researchers. Researchers at Israel’s Ben Gurion University
demonstrated that it was possible to establish a bidirectional communication
channel between two unconnected computers using heat and radio signals emitted
from components such as the central processing unit (CPU) and graphics
processing unit (GPU), allowing an attacker to use malware installed on each
system to exfiltrate data from an air-gapped computer. The method is dubbed BitWhisper.
Source: http://www.securityweek.com/air-gapped-computers-can-communicate-through-heat-researchers
29. March 23,
Softpedia – (International) Flash Player vulnerable to bug patched in
2011. Security researchers from Minded Security and LinkedIn’s security
division discovered that the latest versions of Adobe’s Flash Player Web
browser plug-in are vulnerable to a same-origin bypass (SOP) flaw in the
company’s Flex SDK compiler that was patched in 2011, which could allow
attackers to steal victims’ data via Same-Origin Request Forgery or perform
actions on behalf of victims via Cross-Site Request Forgery (CSRF) by asking them to
visit a malicious Web page. Source: http://news.softpedia.com/news/Flash-Player-Vulnerable-to-Bug-Patched-in-2011-476543.shtml
30. March 23,
Softpedia – (International) Twitch security breached, mandatory password
reset in effect for all. The Twitch streaming service instituted mandatory
password resets, disconnected all accounts from Twitter and YouTube, and
emailed affected users after the company detected an unauthorized access attempt
that could have compromised users’ information including dates of birth, time
and Internet protocol (IP) address of last login, and limited information associated
with credit cards. Source: http://news.softpedia.com/news/Twitch-Security-Breached-Mandatory-Password-Reset-in-Effect-for-All-476558.shtml
31. March 23, Securityweek – (International) DDoS attackers distracting security teams with
shorter attacks: Corero Networks. Corero Network Security reported in their
quarterly trends and analysis report that 96 percent of distributed
denial-of-service (DDoS) attacks against its customers in the fourth quarter of
2014 were less than 30 minutes in length and 79 percent used less than 5
gigabits per second (Gbps) of peak bandwidth, indicating that attacks were
becoming more difficult to detect and were likely intended to partially
saturate networks and distract security teams while leaving enough bandwidth
for subsequent attacks to infiltrate networks and access sensitive information.
Source: http://www.securityweek.com/ddos-attackers-distracting-security-teams-shorter-attacks-corero-networks
For additional stories, see items 4 and 5 above
in the Financial Services Sector
Communications Sector
32. March 24, KVIA 7 El Paso –
(New Mexico) Hostage threat at Las Cruces radio station building a “false
alarm”. The Bravo Mic Communications building in Las Cruces which houses at
least 2 radio stations and a marketing company was evacuated March 23 after a
caller reportedly stated that he was armed and was going to take hostages
inside the building. Authorities deemed the threat to be a false alarm and the
building was cleared to reopen after about 4 hours. Source: http://www.kvia.com/news/1-person-in-standoff-with-police-at-las-cruces-radio-station-building/31974644
For another story, see item 26 above in the Information Technology
Sector