Complete DHS Report for
July 14, 2015
Daily Report
Top Stories
· Fiat Chrysler Automobiles issued a
recall July 11 for 88,346 model year 2008 – 2010 Dodge Challenger vehicles due
to ongoing issues with Takata Corporation air bag inflators which could cause
air bags to prematurely inflate or explode. – Bloomberg
3. July 11,
Bloomberg – (National) Chrysler recalls Dodge Challengers to fix flawed
air bags. Fiat Chrysler Automobiles issued a recall July 11 for 88,346
model year 2008 – 2010 Dodge Challenger vehicles due to ongoing issues with air
bag inflators manufactured by the Takata Corporation which could cause air bags
to prematurely inflate or explode.
· A former professional football player
and a business partner were indicted July 10 for their roles in an alleged
Ponzi scheme in which they used their company, Capital Financial Partners LLC,
to solicit $32 million from over 40 investors to fund high-interest loans. – Boston
Globe See item 6 below in the Financial Services Sector
· All lanes of northbound 110 Freeway in
Carson, California were shut down for several hours July 12 due to a 13-vehicle
car accident that injured 12 people. – KABC 7 Los Angeles
7. July 12,
KABC 7 Los Angeles – (California) Northbound 110 Freeway shut down after 13-car
crash. All lanes of northbound 110 Freeway in Carson, California were shut
down for several hours July 12 while officials investigated a 13-vehicle car
accident that injured 12 people, including 2 in critical condition.
· Metro Detroit customers of WOW, an
Internet, cable and phone service provider, experienced an Internet outage
during the weekend of July 11 due to an attack on the Domain Name Server. – WXYZ
7 Detroit See
item 23 below in the Communications Sector
Financial Services Sector
4. July 11,
Bay News 9 St. Petersburg – (Florida) Police: men use
backhoe to steal ATM at Winter Haven bank. Winter Haven, Florida police
charged two Clewiston men with grand theft after the pair allegedly used a
backhoe to steal an ATM machine from a CenterState Bank July 10. Source: http://www.baynews9.com/content/news/baynews9/news/article.html/content/news/articles/bn9/2015/7/11/police_men_use_backh.html
5. July
10, Las Vegas Review-Journal – (Nevada) Grand
jury indicts 11 for making credit cards at Las Vegas hotels. Las Vegas
prosecutors reported July 10 that 11 suspects were indicted for a year-long
credit card scheme operated out of casino hotels in which they allegedly used
stolen information to manufacture thousands of credit cards that they would use
for thousands of fraudulent transactions. Source: http://www.reviewjournal.com/news/las-vegas/grand-jury-indicts-11-making-credit-cards-las-vegas-hotels
6. July 10,
Boston Globe – (National) Ex-Patriot indicted for alleged Ponzi scheme. A
former professional football player and a business partner were indicted July
10 for their roles in an alleged Ponzi scheme in which they used their company,
Capital Financial Partners LLC, to solicit $32 million from over 40 investors
to fund high-interest, short-term loans to athletes, from which they would use
new investors’ funds to pay off earlier ones while diverting a portion for
their personal use. Source: https://www.bostonglobe.com/business/2015/07/10/former-patriot-will-allen-indicted-for-alleged-ponzi-scheme/JJd1keF75EdQDH1FaxwA1M/story.html
For another story, see item 28 below from the Commercial Facilities Sector
28. July 10,
Associated Press – (National) Data breach at ‘sweetest place on earth’ may have
compromised guests’ financial info. Hershey Entertainment & Resorts
reported July 10 that its point-of-sale system (PoS) was compromised after a
program was installed in its payment system that extracted payment card data
from February 14 – June 2. The company is working to resolve the issue and is
offering card monitoring to those affected.
Information Technology Sector
20. July 13,
Securityweek – (International) APT group uses Seaduke trojan to steal data
from high-value targets. Security researchers from Symantec released an
analysis of the highly-configurable Seaduke trojan used by an advanced
persistent threat (APT) group known for cyber-espionage attacks against
high-value targets including government organizations. The report revealed that
the trojan is installed onto select systems through the CozyDuke trojan, and
that it shares similarities with other “Duke” malware.
21. July 13,
Securityweek – (International) Java zero-day used in attacks on NATO member,
U.S. defense organization. Security researchers at Trend Micro reported that
the cyber-espionage group with monikers including Pawn Storm and APT28 was
using a Java Oracle SE zero-day remote code execution vulnerability in attacks
directed against the armed forces of a NATO member country as well as a U.S.
defense organization by sending out emails containing links to malicious
domains containing the exploit and a trojan dropper. Source: http://www.securityweek.com/java-zero-day-used-attacks-nato-member-us-defense-organization
22. July 13,
Securityweek – (International) Two new Flash Player zero-day bugs found in
Hacking Team leak. Security researchers discovered exploits for two
additional Adobe Flash Player zero-day vulnerabilities in the recent Hacking
Team data leak, including a flaw in the DisplayObject class in ActionScript 3,
and a use-after-free (UAF) vulnerability in the ActionScript3 BitmapData
object. Both vulnerabilities allow a remote, unauthenticated attacker to
execute arbitrary code on an affected system. Source: http://www.securityweek.com/two-new-flash-player-zero-day-bugs-found-hacking-team-leak
For additional stories, see
item 16 below from the Government Facilities Sector
and
23 below in the Communications Sector
16. July 10,
Nextgov – (National) Not just OPM – agency cybersecurity incidents on
the rise. A report released by the Government Accountability Office July 8
showed both cyber and non-cyber security breaches affecting Federal systems
have steadily increased from 6,000 in 2006 to 67,000 in 2014. The report
advocated risk-based cybersecurity programs and improved responses to security
incidents.
Communications Sector
23. July 13,
WXYZ 7 Detroit – (Michigan) Cable provider WOW says weekend attach on servers
left Michigan customers without internet service. Metro Detroit customers
of WOW, an Internet, cable and phone service provider, experienced an Internet
outage during the weekend of July 11 due to an attack on the Domain Name
Server. Crews repaired the issue July 13 and most customers have internet
service. Source:
http://www.wxyz.com/news/cable-provider-wow-says-attack-has-left-michigan-customers-without-internet-service
24. July 11,
WSIL 3 Harrisburg – (Illinois) Major Frontier Internet outage affects thousands. A
Frontier Communications spokesperson reported July 10 that tens of thousands of
customers in Southern Illinois experienced an Internet outage after railroad
workers cut one of the company’s cables in Du Quoin. The cable has now been
repaired and service was restored. Source: http://www.wsiltv.com/home/top-story/Major-Frontier-Internet-Outage-Affects-Thousands-313868071.html