Thursday, July 16, 2015




Complete DHS Report for July 16, 2015

Daily Report

Top Stories

 · Over 168,000 Duke Energy customers in Ohio and Kentucky were without power July 14 and 7,000 remained without service after recent storms July 15. – WXIX 19 Cincinnati

2. July 15, WXIX 19 Cincinnati – (Ohio; Kentucky) Duke Energy: outages should be restored by Thursday night. Over 168,000 Duke Energy customers in Ohio and Northern Kentucky were without power July 14 after powerful storms damaged power lines across the area, and 7,000 remained without service July 15. Duke Energy officials expect power to be restored to customers by July 16. Source: http://www.fox19.com/story/29550788/thousands-without-power-following-storms

 · Three suspects pleaded guilty in Florida July 14 to their roles in a $64 million fraud scheme in which Great Country Mortgage Bankers employees targeted customers with U.S. Federal Housing Administration loans. – WFOR 4 Miami; Associated Press. See item 10 below in the Financial Services Sector.

 · A July 14 report revealed that the U.S. Office of Personnel Management has yet to officially notify 21.5 million victims of a cyberattack discovered in May. – Reuters

22. July 15, Reuters – (National) OPM hack: U.S. has not notified 21.5 million victims of massive data breach. A July 14 report revealed that the U.S. Office of Personnel Management (OPM) has yet to officially notify 21.5 million victims of a cyberattack discovered in May which exposed sensitive information disclosed in security clearance investigations. Multiple Federal agencies are working with OPM to develop a central system to inform victims, although officials reported this could be delayed for several weeks due to the complicated nature of the data. Source: http://www.ibtimes.com/opm-hack-us-has-not-notified-215-million-victims-massive-data-breach-2008940

 · Officials filed charges against 12 suspects affiliated with the Darkode hacker Web forum after officials shut down the site and arrested or searched 70 members worldwide. – IDG News Service. See item 25 below in the Information Technology Sector.

Financial Services Sector

10. July 14, WFOR 4 Miami; Associated Press – (Florida) Three plead guilty in $64M mortgage fraud scheme. Three suspects pleaded guilty July 14 to their roles in a $64 million mortgage fraud scheme in which Great Country Mortgage Bankers employees targeted first-time, low-income, and poor-credit buyers with U.S. Federal Housing Administration loans which they would obtain with falsified documents, before selling them at a profit. Twenty-five have pleaded guilty in connection with the scheme. Source: http://miami.cbslocal.com/2015/07/14/three-plead-guilty-in-64m-mortgage-fraud-scheme/

11. July 14, U.S. Securities and Exchange Commission – (National) SEC Charges 34 defendants in microcap market manipulation schemes. The U.S. Securities and Exchange Commission charged 15 individuals and 19 entities July 14 for allegedly attempting to manipulate the trading of microcap stocks by acting as unregistered broker-dealers for customers wanting to hide their stock ownership and manipulate the microcap market. Source: http://www.sec.gov/news/pressrelease/2015-146.html

Information Technology Sector

25. July 15, IDG News Service – (International) Darkode computer hacking forum shuts after investigation spanning 20 countries. U.S. authorities filed hacking charges against 12 suspects affiliated with the Darkode hacker Web forum after the FBI and law enforcement organizations from 20 countries shut down the site and arrested or searched 70 Darkode members worldwide. The Web site allowed hackers to share technology and tradecraft used to infect computers and wireless devices of victims. Source: http://www.networkworld.com/article/2948634/darkode-computer-hacking-forum-shuts-after-investigation-spanning-20-countries.html#tk.rss_all

26. July 15, Softpedia – (International) Hacking Team malware hides in UEFI BIOS to survive PC reinstalls. Security researchers from Trend Micro discovered that Hacking Team ensured surveillance malware persistence on systems by using a Unified Extensible Firmware Interface (UEFI) Basic Input/Output System (BIOS) rootkit to re-install the malware every time it was deleted from the system. Source: http://news.softpedia.com/news/hacking-team-malware-hides-in-bios-to-survive-pc-reinstalls-486949.shtml

27. July 15, Securityweek – (International) Oracle patches Java zero-day, 192 other security bugs. Oracle released updates addressing 193 security issues across multiple product lines, including a Java remote code execution vulnerability that was exploited by the advanced persistent threat (APT) group Pawn Storm, 54 flaws in third-party components in Oracle product distributions, and 23 vulnerabilities in Java SE that can be exploited remotely by an unauthenticated attacker, among other fixes. Source: http://www.securityweek.com/oracle-patches-java-zero-day-192-other-security-bugs

28. July 15, Help Net Security – (International) TeslaCrypt 2.0 makes it impossible to decrypt affected files. Security researchers at Kaspersky Lab discovered that recent TeslaCrypt version 2.0 ransomware infections display a Cryptowall 3.0 Web page, possibly in an attempt to convince victims that the malware uses more robust encryption than it actually does. Source: http://www.net-security.org/malware_news.php?id=3075

29. July 15, Softpedia – (International) HTML5 can be used to hide malware in drive-by download attacks. Italian security researchers discovered that Hypertext Markup Language 5 (HTML5)-based obfuscation techniques could be used to hide malware in drive-by download exploits using HTML technologies and application program interfaces (API). Source: http://news.softpedia.com/news/html5-can-be-used-to-hide-malware-in-drive-by-download-attacks-486974.shtml

30. July 14, Securityweek – (International) Microsoft patches Hacking Team zero-days, other vulnerabilities. Microsoft released 14 bulletins addressing vulnerabilities in Windows, Office, SQL Server, and Internet Explorer, including a zero-day JScript 9 use-after-free memory corruption bug in Internet Explorer 11 and a memory corruption flaw in the Adobe Type Manager Font Driver that could both allow an attacker to take complete control of a vulnerable system, as well as a remote code execution flaw affecting the Remote Desktop Protocol (RDP). Source: http://www.securityweek.com/microsoft-patches-hacking-team-zero-days-other-vulnerabilities

Communications Sector

Nothing to report