Monday, June 1, 2015




Complete DHS Report for June 1, 2015

Daily Report

Top Stories

 · AEP/SWEPCO reported May 28 that service had been restored to 54,000 of the 60,000 homes and businesses that had lost power due to severe storms that moved through Texas May 25. – Mount Pleasant Daily Tribune

3. May 29, Mount Pleasant Daily Tribune – (Texas) Power largely restored. AEP/SWEPCO reported May 28 that service had been restored to 54,000 of the 60,000 homes and businesses that had lost power due to severe storms that moved through the area on May 25. Source: http://www.dailytribune.net/news/power-largely-restored/article_5272945e-0606-11e5-a93b-83f439289ef0.html

 · Fiat Chrysler Automobiles announced plans to recall an additional 1.4 million vehicles globally in connection to an issue with air bags manufactured by the Takata Corporation.– USA Today

6. May 29, USA Today – (International) Automakers add millions more cars to Takata air bag recalls. Fiat Chrysler Automobiles announced plans to recall an additional 1.4 million vehicles globally, Honda Motor Company, Ltd., added 350,000 vehicles in the U.S., and BMW added 420,100 in the U.S. in connection to an issue with air bags manufactured by the Takata Corporation that could cause them to prematurely inflate or explode, increasing the risk of injury and crashes to drivers and passengers. Source: http://www.usatoday.com/story/money/cars/2015/05/28/automakers-takata-recall-nhtsa/28074627/

 · Security researchers discovered a malware campaign, dubbed Grabit, which has infiltrated businesses worldwide with a commercial keylogger called HawkEye and several remote administration tools distributed via emails. – Softpedia See item 22 below in the Information Technology Sector

 · Security researchers identified over 50 vulnerabilities in network-attached storage and network video recorder products from D-Link, including information leakage, authentication flaws, CGI vulnerabilities, input validation problems, and Web page issues. – Securityweek See item 23 below in the Information Technology Sector

Financial Services Sector

8. May 29, Asbury Park Press – (New Jersey) Jackson man admits $6M mortgage scam. A former loan officer in North Jersey pleaded guilty May 28 to his role in a $6 million mortgage fraud scheme in which he allegedly conspired with 9 others to target 15 institutions in Newark and Elizabeth and used information about potential “straw buyers” along with falsified documents to obtain mortgage loans. Authorities believe the scheme caused establishments around $10 million in losses over a 4-year period. Source: http://www.app.com/story/news/crime/jersey-mayhem/2015/05/28/joseph-divalli-jackson-mortgage-scam/28080355/

9. May 28, Leesburg Today – (Virginia) Bicycle Bank Bandit indicted on 16 counts. The suspect dubbed the “Bicycle Bandit” was indicted May 28 on charges that he allegedly robbed 5 Northern Virginia banks and attempted to rob another between 2013 – 2015. The suspect was originally charged in March but escaped from a hospital where he was receiving treatment, triggering a large manhunt. Source: http://www.leesburgtoday.com/news/bicycle-bank-bandit-indicted-on-counts/article_f0d74f9e-0576-11e5-b96c-97fc7e4608bc.html

Information Technology Sector

22. May 29, Softpedia – (International) Non-sophisticated malware steals thousands of credentials from targeted SMBs. Security researchers from Kaspersky discovered a large malware campaign, dubbed Grabit that has infiltrated small and medium businesses worldwide across a variety of sectors with a commercial keylogger called HawkEye and several remote administration tools (RATs) distributed via emails containing malicious macro-laden Microsoft Word documents. The researchers reported that the campaign has collected about 10,000 files from the U.S., India, and Thailand since February. Source: http://news.softpedia.com/news/Non-Sophisticated-Malware-Steals-Thousands-of-Credentials-from-Targeted-SMBs-482696.shtml

23. May 29, Securityweek – (International) Researchers find over 50 security flaws in D-Link NAS, NVR devices. Security researchers at SEARCH-LAB identified over 50 vulnerabilities in network-attached storage (NAS) and network video recorder (NVR) products from D-Link, including information leakage, authentication flaws, CGI vulnerabilities, input validation problems, and Web page issues, some of which attackers could exploit remotely to execute arbitrary code and take over affected devices. Source: http://www.securityweek.com/researchers-find-over-50-security-flaws-d-link-nas-nvr-devices

24. May 29, Threatpost – (International) Angler Exploit Kit exploiting new Adobe vulnerability, dropping CryptoWall 3.0. A security researcher at SANS Internet Storm Center discovered variants of the Angler Exploit Kit (EK) dropping CryptoWall ransomware on affected machines for the first time, and security researchers at FireEye observed that the EK added a recent Adobe Flash Player vulnerability in which attackers could exploit a race condition in its shader class to execute arbitrary code.. Source: https://threatpost.com/angler-exploit-kit-exploiting-new-adobe-vulnerability-dropping-cryptowall-3-0/113044

For another story, see item 25 below from the Commercial Facilities Sector

25. May 29, Security Week – (International) Sally Beauty: Cybercriminals planted malware on PoS Systems for 6 weeks. Sally Beauty announced May 28 that cybercriminals had deployed malware on multiple company point-of-sale (PoS) systems between March and April, and that it had cleaned the malware from all affected systems. The company believes attackers accessed names, credit and debit card numbers, expiration dates, cardholder verification values, and service codes in the breach. Source: http://www.securityweek.com/sally-beauty-cybercriminals-planted-malware-pos-systems-6-week

Communications Sector

See item 22 above in the Information Technology Sector