Thursday, November 5, 2015



Complete DHS Report for November 5, 2015

Daily Report                                            

Top Stories

 • U.S. auto safety regulators fined Takata Corporation November 3 for deliberately mishandling a recall of more than 23 million air bags that have contributed to the death of at least 7 Americans. – CBS News

5. November 3, CBS News – (International) Takata fined up to $200 million for air bag bungle. U.S. auto safety regulators fined Japanese automotive parts maker Takata Corporation November 3 for deliberately mishandling a recall of more than 23 million air bags that have contributed to the death of at least 7 Americans. Takata will be forced to pay up to $200 million in penalties, stop all sales of inflators that use ammonium nitrate propellant, and will be subject to Federal oversight for 5 years, among other requirements. Source: http://www.cbsnews.com/news/takata-fined-up-to-200-million-for-air-bag-bungle

 • The Federal U.S. Attorney’s Office announced November 3 that nine Jacksonville, Florida residents were charged for allegedly defrauding the supplemental nutrition assistance program (SNAP) of more than $1.8 million by redeeming SNAP benefits through unauthorized Electronic Benefits Transfers. – WJXT 4 Jacksonville

20. November 3, WJXT 4 Jacksonville – (Florida) 9 indicted for SNAP fraud in Jacksonville. The Federal U.S. Attorney’s Office announced November 3 that 9 Jacksonville, Florida residents were charged for allegedly defrauding the supplemental nutrition assistance program (SNAP) of more than $1.8 million by reportedly redeeming SNAP benefits through unauthorized Electronic Benefits Transfers, and for setting up fake stores at local homes that never sold goods. Six suspects were in custody while the remaining 3are still on the run. Source: http://www.news4jax.com/news/9-indicted-for-snap-fraud-in-jacksonville/36230982

 • Researchers from Akamai discovered a new spam botnet in the wild, dubbed Torte that infects machines via Executable and Linkable Format Linux binaries and Hypertext Preprocessor scripts placed on the targeted server’s filesystem. – Softpedia See item 22 below in the Information Technology Sector

 • FireEye researchers discovered the malware XcodeGhost is still active and has evolved to support Xcode 7 and iOS 9, allowing attackers collect information from infected devices and open arbitrary Web sites. – Securityweek See item 23 below in the Information Technology Sector


Financial Services Sector
See item 21 below from the Government Facilities Sector

21. November 3, MLive.com – (Michigan) Roofing company pleads guilty in unemployment fraud case over ‘banking hours.’ Lutz Roofing Company in Shelby Township pleaded guilty November 2 to defrauding Michigan’s Unemployment Insurance Agency of more than $104,000, and multiple health care plans of more than $70,000 by allowing part-time employees to file for full unemployment benefits and log ‘banking hours,’ as well as directing workers to falsely reports on-the-job injuries in order to obtain health care benefits. Source: http://www.mlive.com/news/detroit/index.ssf/2015/11/roofing_company_pleads_guilty.html

Information Technology Sector

22. November 3, Softpedia – (International) Spam botnet leverages vulnerable WordPress sites. Researchers from Akamai Security Intelligence Research Team (SIRT) discovered a new spam botnet in the wild dubbed Torte that infects machines via Executable and Linkable Format (ELF) Linux binaries and Hypertext Preprocessor (PHP) scripts placed on the targeted server’s filesystem after the SIRT team received a suspicious PHP script for analysis. The botnet is one of the largest in recent years and accounts for 83,000 infections across 2 of 4 infection layers. Source: http://news.softpedia.com/news/spam-botnet-leverages-vulnerable-wordpress-sites-495659.shtml

23. November 3, Securityweek – (International) XcodeGhost Malware updated to target iOS 9. FireEye researchers discovered the malware XcodeGhost designed to target Apple’s mobile operating system (iOS) and graphical interface operating systems (OS X) is still active and has evolved to support Xcode 7 and iOS 9, allowing attackers to perform various actions including collecting information from infected devices and opening arbitrary Web sites. The malware has primarily targeted China, Germany, and the U.S. Source: http://www.securityweek.com/xcodeghost-malware-updated-target-ios-9

24. November 3, Securityweek – (International) Malware served via anti-adblocking service pagefair. The anti-adblocking solutions provider, PageFair reported hackers breached its systems after gaining access to a key email account via a spear phishing attack, which allowed attackers to hijack the content delivery network MaxCDN account and change its settings to replace the legitimate analytics JavaSript tag with malware disguised as an Adobe Flash Player update. PageFair reported that just 2.3 percent of the affected Web sites’ visitors were at risk of infection before neutralizing the attack. Source: http://www.securityweek.com/malware-served-anti-adblocking-service-pagefair

25. November 3, The Register – (International) Password reset invoked after vBulletin.com forum software site defaced. The official Web site of vBulletin.com was compromised October 30 following a hacker attack that used the handle “Coldzer0” by exploiting a zero-day vulnerability in its systems to hack its Web site and other Web sites powered by the company. User data including user names, email addresses, security questions and answers, and password salts were exposed, and as a precaution, vBulletin reset all account passwords. Source: http://www.theregister.co.uk/2015/11/03/vbulletin_forum_software_hacked_defaced/

Communications Sector

26. November 3, Washington Post – (Maryland) Hilton, M.C. Dean being fined for blocking guests’ Wi-Fi. The U.S. Federal Communications Commission announced November 2 that Hilton Worldwide and M.C. Dean face a total of $750,000 in fines related to complaints that revealed the companies allegedly obstructed people from accessing personal Wi-Fi hot spots at the Baltimore Convention center. M.C. Dean also faces fines for failure to cooperate with the investigation that revealed the hotel chain blocked Wi-Fi access at its properties. Source: https://www.washingtonpost.com/news/capital-business/wp/2015/11/03/hilton-m-c-dean-being-fined-for-blocking-guests-wi-fi/