Friday, September 11, 2015



Complete DHS Report for September 11, 2015

Daily Report

Top Stories

 • Officials reported September 9 that a Salmonella Poona outbreak linked to cucumbers grown in Mexico has killed 2 people and sickened 341 people across 30 States. – CNN

14. September 9, CNN – (National) Salmonella outbreak kills two, sickens hundreds in the U.S. Officials reported September 9 that a Salmonella Poona outbreak linked to cucumbers grown in Mexico has killed 2 people and sickened 341 people across 30 States.

 • Excellus BlueCross BlueShield announced September 9 that hackers gained unauthorized access to information technology systems in 2013, potentially compromising the information of approximately 10.5 million individuals. – SC Magazine

17. September 9, SC Magazine – (National) Excellus BlueCross BlueShield announces breach, 10.5M records at risk. Excellus BlueCross BlueShield and affiliate Lifetime Healthcare Companies announced September 9 that hackers gained unauthorized access to information technology systems in 2013, potentially compromising the personal, financial, and medical information of approximately 10.5 million individuals. Officials stated that there was no evidence that the information was removed or used inappropriately and an investigation is ongoing. Source: http://www.scmagazine.com/excellus-bluecross-blueshield-announces-breach-105m-records-at-risk/article/437651/

 • Researchers announced that the Turla advanced persistent threat (APT) group utilizes design flaws on older communications satellites, allowing the group to intercept Internet traffic and hide the location of their command-and-control (C&C) servers. – Softpedia See item 24 below in the Information Technology Sector

 • Zimperium released its Stagefright exploit code and Python script, allowing users to test if their devices are vulnerable to the Stagefright bug. – Softpedia See item 25 below in the Information Technology Sector

Financial Services Sector

4. September 9, U.S. Securities and Exchange Commission – (National) SEC charges BDO and five partners in connection with false and misleading audit opinions. The U.S. Securities and Exchange Commission September 9 charged national audit firm BDO USA and five of the firm’s partners for allegedly dismissing red flags and issuing false and misleading unqualified audit opinions about the financial statements of staffing services company General Employment Enterprises regarding $2.3 million purportedly invested in a 90-day nonrenewable CD. BDO agreed to pay disgorgement of its audit fees and interest totaling approximately $600,000 and pay a $1.5 million penalty in addition to complying with undertakings related to its quality controls. Source: http://www.sec.gov/news/pressrelease/2015-184.html

5. September 9, Reuters – (California) SEC charges father, son, friend with insider trading in GE deal. The U.S. Securities and Exchange Commission charged three California men September 9 with alleged insider trading ahead of General Electric Co.’s $580 million merger with cancer diagnostics company Clarient Co. in 2010 after one of the men reportedly learned about the merger from a senior Clarient director. The three men agreed to pay a total of $169,485 in fines. Source: http://www.reuters.com/article/2015/09/09/sec-insidertrading-general-electric-clar-idUSL1N11F25F20150909

6. September 8, Reuters – (National) Bankrate to pay $15 million to settle SEC fraud charges. Bankrate Inc. agreed to pay $15 million in a settlement with the U.S. Securities and Exchange Commission (SEC) September 8 after its chief financial officer, former director of accounting, and former vice president of finance allegedly posted artificially inflated financial results in 2012, causing share prices to rise and allowing the chief financial officer to sell $2 million of company stock at inflated prices. Source: http://www.reuters.com/article/2015/09/08/us-sec-bankrate-idUSKCN0R81U920150908

For another story, see item 26 below in the Information Technology Sector

Information Technology Sector

22. September 10, Securityweek – (International) SAP updates patch twenty vulnerabilities. Germany-based enterprise software maker SAP updated 5 previously released patches and issued a new patch addressing 20 vulnerabilities, including 8 missing authorization checks, 6 cross-site scripting (XSS) bugs, an information disclosure vulnerability, cross-site request forgery (CSRF), remote code execution, and SQL injection, in addition to other types of attacks. Source: http://www.securityweek.com/sap-updates-patch-twenty-vulnerabilities

23. September 10, Help Net Security – (International) PIN-changing, screen-locking Android ransomware. ESET researchers found a piece of ransomware that masquerades as an app to view adult videos and locks Android users out of their devices by changing the personal identification number (PIN). Once users download and install the malicious app, the LockerPin trojan prompts the user to install a patch for the app, which activates Device Administrator privileges without the user's knowledge, while presenting an alleged message from the FBI asking the victim to pay a $500 fine to regain access to the device. Source: http://www.net-security.org/malware_news.php?id=3097

24. September 9, Softpedia – (International) Russian hacking group uses satellites to hide C&C servers. Kaspersky Labs announced that the Turla advanced persistent threat (APT) group utilizes design flaws on older communications satellites, allowing the group to intercept Internet traffic and use it to hide the location of their command-and-control (C&C) servers. The group can reportedly launch man-in-the-middle (MitM) attacks and intercept traffic through satellite dishes located in areas where the unencrypted satellites provide coverage. Source: http://news.softpedia.com/news/russian-hacking-group-uses-satellites-to-hide-c-c-servers-491352.shtml

25. September 9, Softpedia – (International) Zimperium releases exploit code for testing against Stagefright vulnerability. Zimperium released its Stagefright exploit code and Python script, allowing security experts, phone vendors, and users to test if their devices are vulnerable to the Stagefright bug, which affects over 95 percent of all Android devices running versions 2.2 or higher. Source: http://news.softpedia.com/news/zimperium-releases-exploit-code-for-testing-against-stagefright-vulnerability-491361.shtml

26. September 9, Securityweek – (International) DD4BC extortionist group launched over 140 DDoS attacks: Akamai. A report published by Akamai Technologies’ Prolexic Security Engineering and Response Team (PLXert) found that the extortionist group DD4BC, who led a distributed denial-of-service (DDoS) attack against several organizations and demanded Bitcoin payments, launched a total of 141 attacks between September 2015 and August 2015, with 58 percent of attacks targeting financial service institutions. The report also found that the group now utilizes social media platforms to expose and threaten targeted organizations in addition to the DDoS attack. Source: http://www.securityweek.com/dd4bc-extortionist-group-launched-over-140-ddos-attacks-akamai

Communications Sector

See item 26 above in the Information Technology Sector