Thursday, September 24, 2015



Complete DHS Report for September 24, 2015

Daily Report                                            

Top Stories

 • Volkswagen announced September 22 emissions discrepancies in 11 million vehicles worldwide, and pledged $7.3 billion to cover recall and other costs. – CNN

6. September 22, CNN – (International) Volkswagen scandal widens. Volkswagen announced September 22 that internal investigations revealed significant discrepancies in 11 million vehicles worldwide, after U.S. regulators reported that the company had installed software to engage emissions management on diesel vehicles when being tested, only to run up to 40 times more emissions when on the road. Volkswagen pledged $7.3 billion to cover the cost of affected vehicle recalls and other mitigation efforts. Source: http://money.cnn.com/2015/09/22/news/vw-recall-diesel/

 • Washington, D.C. Metro service for the Green and Yellow lines between the U Street and Fort Totten stations was restored September 22 after being suspended while authorities evacuated 500-600 people from a Metro tunnel after a train lost power. – WRC 4 Washington, D.C.

12. September 22, WRC 4 Washington, D.C. – (Washington, D.C.) Service restored after hundreds of evacuated from stuck Metro train near Papal Mass site. Washington, D.C. Metro service on the Green and Yellow lines between the U Street and Fort Totten stations was fully restored September 22 after being suspended for hours while firefighters helped escort 500-600 passengers out of a Metro tunnel between th Columbia Heights and Georgia Ave-Petworth stations, after a northbound train got stuck due to a power loss. No injuries were reported. Source: http://www.nbcwashington.com/news/local/Metro-Delays-Expected-on-Green-and-Yellow-Lines-328732351.html

 • The U.S. Office of Personnel Management confirmed September 23 that the number of current and formal Federal employees impacted in a data breach was up to 5.6 million, up from the 1.1 million reported in July. – NBC News

18. September 23, NBC News – (National) OPM hack: 5.6 million fingerprints (not 1.1 million) were stolen. The U.S. Office of Personnel Management confirmed September 23 that the number of fingerprints of current and former Federal employees impacted in a data breach reported June 4 were 5.6 million, up from the 1.1 million originally reported in July. Source: http://www.nbcnews.com/tech/security/opm-5-6-million-fingerprints-not-1-1-million-were-n432281

 • The U.S. President declared a major disaster September 22 for the 76,067-acre Valley Fire in California that was 75 percent contained, and crews continued to battle the 70,868 Butte fire, which was 80 percent contained. – Los Angeles Times

20. September 23, Los Angeles Times – (California) U.S. President declares major disaster in deadly California wildfire. The U.S. President declared a major disaster for the 76,067-acre Valley Fire burning in northern California that destroyed an estimated 1,261 structures and was 75 percent contained by September 22. Fire crews also continued to battle the 70,868-acre Butte Fire, which destroyed over 545 structures and was 80 percent contained. Source: http://www.msn.com/en-us/news/us/obama-declares-major-disaster-in-deadly-california-wildfire/ar-AAeEDso

Financial Services Sector

7. September 22, U.S. Securities and Exchange Commission – (National) SEC charges investment adviser with failing to adopt proper cybersecurity policies and procedures prior to breach. St. Louis-based R.T. Jones Capital Equities Management agreed September 22 to pay $75,000 to settle U.S. Securities and Exchange Commission charges that the firm failed to establish required cybersecurity policies and procedures in advance of a breach that compromised information of about 100,000 individuals in July 2013. Source: http://www.sec.gov/news/pressrelease/2015-202.html

8. September 22, Office of the Attorney General, State of Louisiana – (National) Attorney General announces arrest of Baton Rouge man for orchestrating national financial fraud scheme. A Baton Rouge man was arrested September 22 for allegedly running a major credit-repair fraud involving at least 13 other suspects that resulted in over 300 stolen identities and losses of more than $5 million by stealing the Social Security numbers of children and selling them as Credit Profile Numbers to individuals who needed lines of credit. Source: https://www.ag.state.la.us/Article.aspx?articleID=1106&catID=2

Information Technology Sector

25. September 23, Securityweek – (International) Firefox 41 patches critical vulnerabilities. Mozilla released updates addressing 30 vulnerabilities in Firefox version 41, including use-after-free bugs with IndexedDB and manipulation of HyperText Markup Language (HTML) content that could lead to an exploitable crash, memory safety bugs that can be exploited to execute arbitrary code, and two flaws involving cross-origin resource sharing (CORS)“preflight” request handling, among others. Source: http://www.securityweek.com/firefox-41-patches-critical-vulnerabilities

26. September 23, Softpedia – (International) Brute-forcing URL shorteners can expose sensitive corporate information. Security researchers and social engineers discovered that brute-force attacks could be used to uncover active short links by services running Bit.ly Uniform Resource Locator (URL) shorteners, potentially accessing sensitive or private documents passed through a company’s shortener, and that attackers could bypass rate limits with the use of proxies. Source: http://news.softpedia.com/news/brute-forcing-url-shorteners-can-expose-sensitive-corporate-information-492442.shtml

27. September 23, Help Net Security – (International) WD My Cloud NAS devices can be hijacked by attackers. Security researchers from VerSprite discovered vulnerabilities in Western Digital My Cloud network attached storage (NAS) products’ RESTful Application Program Interface (API) in which any authorized remote user can remotely execute commands and steal files belonging to other users, as well as abuse root access to the NAS in a private internal network. Researchers also discovered a separate flaw in the device’s web application allowing for cross-site request forgery attacks. Source: http://www.net-security.org/secworld.php?id=18885

28. September 23, Securityweek – (International) Large number of iOS apps infected by XcodeGhost. Security researchers from Pangu discovered that the number of iOS applications affected by the XcodeGhost malware is over 3,400, and FireEye reported the number on the App store could be over 4,000. The malware injects malicious code into legitimate iOS and OS X applications using a modified version of Apple’s Xcode development platform, and has been detected in apps distributed worldwide. Source: http://www.securityweek.com/large-number-ios-apps-infected-xcodeghost

29. September 23, The Register – (International) Malvertisers slam Forbes, Realtor with world’s worst exploit kits. Security researchers from FireEye and Malwarebytes reported that multiple Forbes Web sites and Realtor.com were hit with malvertising attacks that redirected users to sites hosting the Neutrino and Angler exploit kits (EKs), which boast a 40 percent exploit-rate for victims and leverage Adobe Flash, Java, Microsoft Silverlight, and other browser vulnerabilities and quickly incorporate zero day flaws. Source: http://www.theregister.co.uk/2015/09/23/malvertising_forbes/

30. September 23, Softpedia – (International) New adware facilitates the distribution of trojans for Mac users. Security researchers from Dr. Web discovered a new malware named “Adware.Mac.WeDownload.1” containing a modified version of Adobe Flash Player that, once clicked, requests administrator privileges and contacts a command-and-control (C&C) server to install additional malicious applications. Source: http://news.softpedia.com/news/new-adware-facilitates-the-distribution-of-trojans-for-mac-users-492466.shtml

For another story, see item 7 above in the Financial Services Sector

Communications Sector

Nothing to report