Complete DHS Report for
July 29, 2015
Daily Report
Top Stories
· Fiat Chrysler Automobiles issued a
recall for about 1 million Ram pickup trucks due to an issue with the steering
wheel wiring harness and another separate recall for 843,536 Ram vehicles due
to an issue with the truck’s Occupant Restraint Control module. – Car
Connection
4. July 27,
Car Connection – (National) 2012-2015 Ram pickups recalled to fix seatbelts,
airbags; 1.9 million vehicles affected. Fiat Chrysler Automobiles issued a
recall for about 1 million model year 2012 – 2014 Ram pickup trucks due to an
issue with the steering wheel wiring harness that could cause potential
inadvertent driver side air bag deployment, and a separate recall for 843,536
model year 2013 – 2015 Ram vehicles due to an issue with the truck’s Occupant
Restraint Control module that could cause side curtain and seat airbags to
deploy and seatbelt pretensioners to activate unexpectedly.
· The owner of Stanfill Wealth Management
in Knoxville was charged July 27 after allegedly defrauding over 21 investors
out of almost $7 million. – WBIR 10 Knoxville See item 5 below in the Financial Services Sector
· Oregon State Police reported July 27 a
statewide investigation had begun after 10 government offices received mail
containing a suspicious substance that hospitalized a sheriff and prompted the
evacuation of several locations. – KATU 2 Portland
17. July 27,
KATU 2 Portland – (Oregon) Statewide investigation underway after government
offices receive suspicious mail. Oregon State Police announced July 27 a
statewide investigation after at least ten government offices received mail
containing a suspicious substance, sparking the evacuation of several
locations, and hospitalizing a sheriff who opened one of the letters at the
Grant County Correctional Facility. A U.S. Postal official believe the letters
are related but do not believe the general public is at risk.
· A July 26 wildfire destroyed a mobile
home and prompted the evacuation of 400 Clearlake residents from the Cache
Creek Apartment complex. – Santa Rosa Press Democrat
31. July 27,
Santa Rosa Press Democrat – (California) Clearlake fire forces
evacuation of 400. A wildfire destroyed a mobile home and prompted the
evacuation of surrounding homes in Clearlake and 400 residents at the Cache
Creek Apartment complex July 26. Over 123 firefighters, 14 engine companies, 2
tankers, and 6 helicopters helped contain the incident.
Financial Services Sector
5. July 28,
WBIR 10 Knoxville – (Tennessee) Fraud victims speak out after financial adviser
indicted, arrested. Authorities unsealed indictments against the owner of
Stanfill Wealth Management July 27 in Knoxville, alleging that she defrauded
over 21 investors out of almost $7 million by promising to invest funds in
Charles Schawb and Co., and instead diverted the money for her personal use.
For another story, see item 16 below from the Government Facilities Sector
16. July 27,
HousingWire.com – (New York) NY State senator convicted in foreclosure
embezzlement scheme. A New York State senator vacated his senate seat July
24 after being convicted of obstruction of justice and making false statements
to Federal agents, stemming from charges that he embezzled funds held in escrow
from the sale of real estate properties.
Information Technology Sector
19. July 28,
Softpedia – (International) One in 600 Web sites lists its .git folder,
exposing sensitive data. A Web developer discovered that out of 1.5 million
Web sites scanned, 2,402 had an inadvertently exposed .git folder, possibly
exposing sensitive information.
20. July 28,
Securityweek – (International) Cybercriminals use Angler exploit kit to
target PoS systems. Trend Micro researchers reported that cybercriminals
have been utilizing the Angler exploit kit (EK) to deliver a reconnaissance
trojan that detects mitigation tools before downloading one of three
point-of-sale (PoS) malware payloads. Source: http://www.securityweek.com/cybercriminals-use-angler-exploit-kit-target-pos-systems
21. July 28,
IDG News Service – (International) Over 10 million Web surfers possibly exposed
to malvertising. Cyphort released tracking data from malicious
advertisement campaigns revealing that since July 18, over 10 million people
may have visited Web sites containing malicious ads which redirect visitors to
directories hosting the Angler exploit kit (EK). Source: http://www.computerworld.com/article/2953256/security/over-10-million-web-surfers-possibly-exposed-to-malvertising.html#tk.rss_security
22. July 28,
Softpedia – (International) Darkode forum returns with enhanced security
measures. MalwareTech researchers reported that the Darkode hacker forum
was back online with enhanced security and authentication processes to prevent
future infiltrations, after July raids by the FBI and international partners
led to the shutdown of the Web site and the detainment of multiple individuals
associated with it. Source: http://news.softpedia.com/news/darkode-forum-returns-with-enhanced-security-measures-487966.shtml
23. July 28,
SC Magazine – (International) Apple App Store and iTunes buyers hit by
zero-day. Security researchers from Vulnerability Lab published a zero-day
filter bypass flaw in Apple’s online invoicing system used in its App Store and
iTunes that could allow an attacker to hijack a user’s purchasing session to
buy and download any app or content they want, before charging it to the
original user. Source: http://www.scmagazineuk.com/apple-app-store-and-itunes-buyers-hit-by-zero-day/article/428864/
24. July 28,
Network World– (International) Software vulnerabilities hit a record high in
2014, report says. Secunia released analysis from its Vulnerability Review
2015 revealing that the number of recorded software vulnerabilities hit a
record high of 15,435 in 2014, an increase of 18 percent from the previous
year, and that many organizations are too slow to release security fixes, among
other findings. Source: http://www.networkworld.com/article/2953304/security/software-vulnerabilities-on-the-rise-record-high-report.html#tk.rss_all
25. July 27,
Dark Reading – (International) Phishing attacks drive spike in DNS threat. Infoblox
and Internet Identity published data revealing that the Domain Name System
(DNS) Threat Index jumped nearly 60 percent in the second quarter of 2015,
reportedly due to a corresponding 74 percent increase in phishing and phishing
domains over the same period. Source: http://www.darkreading.com/attacks-breaches/phishing-attacks-drive-spike-in-dns-threat/d/d-id/1321480
Communications Sector
For another story, see
item 23 above in the Information Technology Sector