• Court documents unsealed April 14 revealed that a man charged in the March 13 robbery
of a Wells Fargo bank branch in Washington, D.C., confessed to 8 other
robberies perpetrated by the “Black Hat Bandits” gang. – Washington Post
See item 4 below in the Financial Services Sector
• A Government Accountability Office report
released April 14 warned that commercial flights with Internet-based technology
are vulnerable to having their onboard systems hacked remotely through the
plane’s Wi-Fi network. – Associated Press
5. April 15, Associated Press – (National) GAO reports warns hackers could
bring down plane using passenger Wi-Fi. A Government Accountability Office
report released April 14 warned that commercial flights that have been
modernized with Internet-based technology are vulnerable to having their
onboard systems hacked remotely through the plane’s passenger Wi-Fi network.
The report states that airlines are currently relying on firewalls to create a
barrier between the avionics in a cockpit and passenger Wi-Fi networks. Source:
http://www.foxnews.com/tech/2015/04/15/gao-reports-warns-hackers-could-bring-down-plane-using-passenger-wi-fi/
• A North Palm Beach-based ophthalmologist was
charged April 14 in connection to a scheme to allegedly defraud Medicare and
other healthcare programs out of over $105 million through the submission of
fake claims. – Reuters
12. April 14, Reuters – (Florida; New Jersey) Florida doctor indicted on
Medicare fraud: U.S. Attorney. A North Palm Beach-based ophthalmologist was
charged April 14 in connection with a scheme to allegedly defraud Medicare and other
healthcare programs by billing Medicare for more than $190 million, and
receiving over $105 million in reimbursements through the submission of fake
claims and false diagnoses. The doctor was also charged with corruption along
with a New Jersey senator after they allegedly traded up to $1 million worth of
gifts in exchange for political favors. Source: http://www.reuters.com/article/2015/04/14/us-usa-florida-melgen-idUSKBN0N52JP20150414
• Findings from Verizon’s recently released
annual Data Breach Investigations Report revealed that the top industries
affected by data breaches in the last year were public administration,
financial services, manufacturing, accommodations, and retail, among other
findings. – IDG News Service
See item 26 below in the Information Technology Sector
Financial Services Sector
3. April 15, Softpedia – (National) Users in the U.S. targeted with
ransomware via tax return-flavored emails. Security researchers at
Kaspersky Lab identified a phishing scheme in which cybercriminals send emails
purportedly from the U.S. Internal Revenue Service regarding tax refunds which
contain rigged Microsoft Word files that download a trojan once macros are
enabled. The trojan blocks access to the Internet and demands payment to a
short message service (SMS) number via prepaid cards. Source: http://news.softpedia.com/news/Users-in-the-US-Targeted-with-Ransomware-Via-Tax-Return-Flavored-Emails-478465.shtml
4. April 14, Washington Post – (Washington, D.C.; Maryland; Virginia) Police
link man arrested in D.C. bank robbery to Black Hat Bandits. Court
documents unsealed April 14 revealed that a man charged in the March 13 robbery
of a Wells Fargo bank branch in Washington, D.C., confessed to 8 other bank
robberies perpetrated by the “Black Hat Bandits” gang throughout Virginia and
Maryland since January. Authorities are seeking other suspects linked to the
nine robberies. Source: http://www.washingtonpost.com/local/crime/police-link-man-arrested-in-dc-bank-robbery-to-black-hat-bandits/2015/04/14/9653db5c-e2ab-11e4-81ea-0649268f729e_story.html
For another story, see item 26 below in the Information Technology Sector
Information Technology Sector
21. April 15, Softpedia – (International) Victim of cyber-attack replies with own
backdoor. Security researchers at Kaspersky Lab reported that they observed
two cyberespionage advanced persistent threat (APT) groups called Hellsing and
Naikon engage in deliberate APT-on-APT attacks through spear-phishing emails
containing custom malware, signaling a potential new trend. Hellsing was
previously linked to other APT groups and the group has targeted diplomatic
organizations in the U.S. Source: http://news.softpedia.com/news/Victim-of-Cyber-Attack-Replies-with-Own-Backdoor-478425.shtml
22. April 15, Help Net Security – (International) Adobe fixes Flash Player zero-day exploited
in the wild. Adobe released a new version of Flash Player for Windows,
Macintosh, and Linux that addresses 22 critical vulnerabilities, including one
that is exploited in the wild and could lead to code execution and an attacker
taking control of the affected system. A security bypass vulnerability that
could lead to information disclosure and memory leak flaws that could be
leveraged to bypass address space layout randomization (ASLR) also received
fixes. Source: http://www.net-security.org/secworld.php?id=18218
23. April 15, Computerworld – (International) With latest patches, Oracle signals no more
free updates for Java 7. Oracle released patches addressing 14
vulnerabilities in Java as part of a fix for 98 security issues that covered
multiple product lines and marked the end of free Java 7 updates. Three of the
Java vulnerabilities were high severity and could be exploited over networks
without authentication and could lead to a complete compromise of affected
systems’ confidentiality and integrity, and 12 others could be exploited from
the Web through the Java browser plug-in. Source: http://www.computerworld.com/article/2909908/with-latest-patches-oracle-signals-no-more-free-updates-for-java-7.html
24. April 15, Securityweek – (International) Google fixes 45 security flaws with release
of Chrome 42. Google released Chrome 42 for Windows, Mac, and Linux, which
included fixes for 45 security issues including a cross-origin bypass flaw in
the HTML parser, a type confusion in V8, a use-after-free vulnerability in
inter-process communication (IPC), and an out-of-bounds write bug in the Skia
graphics engine, among others. The update also removed support for the Netscape
Plugin Application Programming Interface (NPAPI). Source: http://www.securityweek.com/google-fixes-45-security-flaws-release-chrome-42
25. April 14, Network World – (International) Microsoft Patch Tuesday April 2015 closes
0-day holes: 4 of 11 patches rated critical. Microsoft released 11 security
bulletins that address 26 vulnerabilities, including critical remote code
execution (RCE) flaws in Microsoft Office, a critical RCE vulnerability in
HTTP.sys that could allow an attacker to use a malicious HTTP request to
Windows Server to gain full remote control of a system, and 9 critical security
holes in Internet Explorer, among others. Source: http://www.networkworld.com/article/2909627/microsoft-subnet/patch-tuesday-april-2015-closes-0-day-holes-4-of-11-patches-rated-critical-by-microsoft.html
26. April 14, IDG News Service – (International) Web app attacks, PoS intrusions and
cyberespionage leading causes of data breaches. Findings from Verizon’s
recently released annual Data Breach Investigations Report revealed that the
top industries affected by data breaches in the last year were public
administration, financial services, manufacturing, accommodations, and retail,
and that over two-thirds of cyberespionage incidents since 2013 involved
phishing attacks. The report also determined that banking information and
credentials were the most common records stolen, among other findings. Source: http://www.networkworld.com/article/2909953/web-app-attacks-pos-intrusions-and-cyberespionage-leading-causes-of-data-breaches.html
27. April 14, Threatpost – (International) Apple fixes cookie access vulnerability in
Safari on billions of devices. A recent Apple update patched a cookie
cross-domain vulnerability in all versions of the Safari Web browser on iOS, OS
X, and Windows, that affected up to 1 billion devices, and was a result of the
way Safari handled its file transfer protocol (FTP) uniform resource locator
(URL) scheme, which could allow attackers to call upon documents to access and
modify cookies belonging to Apple.com via JavaScript (JS). The update also
patched a proxy manipulation vulnerability in iOS and multiple kernel
vulnerabilities in OS X. Source: https://threatpost.com/apple-fixes-cookie-access-vulnerability-in-safari-on-billions-of-devices/112246
Communications Sector
Nothing to report