Wednesday, August 19, 2015



Complete DHS Report for August 19, 2015

Daily Report                                            

Top Stories

 · Recently published research from a 2013 report revealed that weaknesses in the Megamos Crypto system could be leveraged via “close-range wireless communication” attacks to remotely unlock over 100 vehicle models. – The Guardian

2. August 18, The Guardian – (International) Security flaw affecting more than 100 car models exposed by scientists. Research published from a 2013 report by British and Dutch academics revealed weaknesses in the Swiss-made Megamos Crypto system used to prevent certain Audi, Citroën, Fiat, Honda, Volvo, and Volkswagen vehicles’ engines from starting when a remote key is not present, in which a third party could use “close-range wireless communication” attacks to disable the system and steal the vehicle. Source: http://www.theguardian.com/technology/2015/aug/18/security-flaw-100-car-models-exposed-scientists-volkswagen-suppressed-paper

 · A Romanian man pleaded guilty August 17 to his role in an international ATM skimming operation involving 4,583 stolen bank card numbers, skimming devices, and about $15,000 in stolen funds. – U.S. Attorney’s Office Eastern District of Pennsylvania See item 5 below in the Financial Services Sector

 · The New York Metropolitan Transportation Authority shut down Long Island Rail Road service in Bethpage August 16 after a small plane crashed onto the tracks. – WNBC 4 New York

9. August 17, WNBC 4 New York – (New York) 1 dead, 1 hurt in plane crash on Long Island Rail Road tracks. The New York Metropolitan Transportation Authority shut down service on the Long Island Rail Road at the site in Bethpage for most of the day August 16 after a small plane crashed onto the railroad tracks, killing the pilot and injuring a passenger. The plane took off from Gabreski Airport in Westhampton Beach and was headed to Morristown, New Jersey.Source: http://www.nbcnewyork.com/news/local/NY-Long-Island-Plane-Crash-Casualties-LIRR-Service-Suspended-321986792.html

 · The U.S. Internal Revenue Service announced August 17 that an additional 220,000 taxpayers may have had their account information breached in a May incident involving thefts targeting the agency’s “Get Transcript” system. – Associated Press

16. August 18, Associated Press – (National) IRS: Computer breach bigger than first thought; 334,000 victims. The U.S. Internal Revenue Service announced August 17 that an additional 220,000 taxpayers may have had their account information breached in an incident disclosed in May where thieves stole tax information after accessing the agency’s “Get Transcript” system where taxpayers can get tax returns and filings from previous years. The agency stated that it believes the total number of potential victims rose to 334,000 while it continues to investigate the breach.Source: http://www.tulsaworld.com/business/consumer/irs-computer-breach-bigger-than-first-thought-victims/article_51aba05f-b15e-5df4-acc3-387bdf675fb7.html

Financial Services Sector

5. August 17, U.S. Attorney’s Office Eastern District of Pennsylvania – (International) Romanian National admits to international ATM skimming scheme. A Romanian citizen pleaded guilty in Philadelphia August 17 to his role in an international scheme in which conspirators allegedly placed skimming devices on ATMs in Europe and the U.S., and withdrew funds from compromised accounts. Authorities arrested the man in South Carolina and found a total of 4,583 stolen bank card numbers, ATM skimming devices, and about $15,000 in stolen funds.Source: https://www.fbi.gov/philadelphia/press-releases/2015/romanian-national-admits-to-international-atm-skimming-scheme

6. August 17, Oak Lawn Patch – (Illinois) FBI intensifies search for serial bank robber dubbed ‘Midday Bandit’. The FBI is offering $10,000 for information leading to the capture and arrest of a suspect dubbed the “Midday Bandit”, who allegedly robbed 8 Chicago-area banks and attempted to rob 2 others since June 2014, with the most recent incident occurring at a U.S. Bank branch in Oak Park August 3. Source: http://patch.com/illinois/oaklawn/fbi-intensifies-search-serial-bank-robber-dubbed-midday-bandit

For another story, see item 16 above in Top Stories

Information Technology Sector

23. August 18, Securityweek – (International) High severity flaw in Android allows arbitrary code execution. Security researchers from Trend Micro discovered a heap overflow vulnerability in the Android operating system’s (OS) mediaserver Audio Policy Service, AudioEffect component, in which an app requiring no permissions could be used to execute arbitrary code. The vulnerability was patched in August security updates. Source: http://www.securityweek.com/high-severity-flaw-android-allows-arbitrary-code-execution

24. August 18, Securityweek – (International) Darkode member admits selling access to spam botnet. A New York member of the Darkode hacker forums pleaded guilty August 17 for his involvement in a scheme in which computers of Facebook users were infected with the Slenfbot worm and the “Facebook Spreader” malware, which used victim account information to spread. The suspect and co-conspirators allegedly received $200 - $300 for every 10,000 active infections from 2011 – 2012. Source: http://www.securityweek.com/darkode-member-admits-selling-access-spam-botnet

25. August 18, Threatpost – (International) Reflection DDoS attacks abusing RPC Portmapper. Officials from Level 3 Communications observed attackers utilizing Remote Procedure Call (RPC) Portmapper services for reflection distributed denial-of-service (DDoS) attacks between June and August, representing a new and effective method for bandwidth saturation. Source: https://threatpost.com/reflection-ddos-attacks-abusing-rpc-portmapper/114318

For another story, see item 2 above in Top Stories

Communications Sector

Nothing to report