Complete DHS Report for February 26, 2016
Daily Report
Top Stories
• A severe storm system that moved across southern and eastern
States February 23 – February 24 caused 52 tornadoes, left 7 people dead and
injured 20 others, knocked out power to more than 100,000 customers, and
cancelled schools, among other actions. – CNN
1. February
25, CNN – (National) Seven dead after tornadoes, powerful storms hit
the U.S. East Coast, South. A severe storm system that moved across
southern and eastern States February 23 – February 24 caused 52 tornadoes, left
7 people dead and injured 20 others, knocked out power to more than 100,000
customers, cancelled schools, prompted several States to declare states of
emergency, and forced the cancellation of over 2,800 flights nationwide. Source: http://www.cnn.com/2016/02/25/us/severe-weather-threat-for-southeast/index.html
• Honda Motor Co. Ltd., issued a nationwide recall February 9 for
42,129 of its Honda Civic sedans due to a potentially missing piston wrist pin
circlip or an incorrectly installed piston wrist pin circlip which could cause
the engine to seize. – Autoblog
4. February
24, Autoblog – (National) Honda recalls 2016 Civic 2.0-liter engine for
piston issue. The National Highway Traffic Safety Administration announced
February 9 that Honda Motor Co. Ltd., issued a recall for 42,129 of its model
year 2016 Honda Civic sedans with the 2.0-liter 4-cylinder engine sold in the
U.S. due to a potentially missing piston wrist pin circlip or an incorrectly
installed piston wrist pin circlip which could cause the engine to seize,
resulting in engine damage and increasing the risk of fire during a crash.
Honda Motor Co. Ltd., received one report of an engine fire. Source: http://www.autoblog.com/2016/02/24/2016-honda-civic-sedan-2-liter-recall-official/
• New York officials reported February 24 that three people were
charged for their roles in an $8 million fraud scheme by diverting 30 Federal
grant money from several Federal agencies and using the money for personal
expenses. – Elmira Star-Gazette See item 6 below in
the Financial Services Sector
• Officials are investigating a theft incident at York Hospital in
York County, Maine after the personal information of hundreds of employees and
four campuses were stolen by cyber criminals February 22. – Portland Press
Herald
9. February
25, Portland Press Herald – (Maine) York Hospital reports data breach
affecting its employees. A spokesperson for York Hospital in York County,
Maine, stated February 24 that the personal information, including Social
Security numbers, of hundreds of employees and four campuses in the county was
stolen by cyber criminals February 22, and that the theft remains under
investigation. The hospital asserted that no patient information was
compromised in the breach. Source: http://www.pressherald.com/2016/02/24/york-hospital-reports-data-breach-affecting-its-employees/
Financial Services Sector
6. February
24, Elmira Star-Gazette – (National) Former Horseheads residents
face fraud charges. The U.S. Attorney’s Office in Rochester, New York
announced February 24 that 2 Virginia residents and a Washington man were
charged for their roles in an $8 million fraud scheme where the group allegedly
diverted 30 Federal grant money from several Federal agencies including the
U.S. Department of Energy, and the U.S. Department of Transportation, among
other agencies, into their personal bank accounts in Horseheads and Elmira, New
York and used the money for personal expenses. The trio allegedly fabricated
letters of support and investment, provided false information on research grant
proposals and reports on business entities, facilities, and employees, and
provided falsified reports on how Federal funds were expended. Source: http://www.stargazette.com/story/news/local/2016/02/24/former-horseheads-residents-face-fraud-charges/80877220/
Information Technology Sector
16. February
25, SecurityWeek – (International) OpenSSL preparing patches for high severity
flaws. The OpenSSL Project reported it will release versions 1.0.2g and
1.0.1s for its OpenSSL product early March 2016 to patch several
vulnerabilities including a high severity flaw that could allow attackers to
obtain the key needed to decrypt traffic if the targeted application uses the
Diffie-Hellman (DH) key exchange. Source: http://www.securityweek.com/openssl-preparing-patches-high-severity-flaws
17. February 25,
SecurityWeek – (International) Critical Drupal updates patch several
vulnerabilities. Drupal released versions 6.38, 7.43, and 8.0.4 that
patches ten vulnerabilities including a bypass issue, denial-of-service (DDoS)
vulnerability, and an open redirect vulnerability, among other flaws. Source: http://www.securityweek.com/critical-drupal-updates-patch-several-vulnerabilities
18. February
24, Softpedia – (International) Attackers can hijack wireless mice and
keyboards to install malware. Security researchers from Bastille discovered
that wireless mouse and keyboard USB dongles, sold by Dell, HP, Lenovo, and
Microsoft, among other companies, were susceptible to a remote attack called,
Mousejack after finding that the USB dongles did not have unique pairings
between a computer and its device, allowing attackers to use similar devices
with the victim’s dongle and take control of a victim’s computer and carry out
malicious actions. Source: http://news.softpedia.com/news/attackers-can-hijack-wireless-mice-and-keyboards-to-install-malware-500925.shtml
19. February
24, SecurityWeek – (International) Sony hackers linked to many espionage,
destruction campaigns. Novetta, Kaspersky Lab, AlientVault, and Symantec
security firms released a report February 24 detailing that the activities of
the threat group dubbed, the Lazarus Group was allegedly linked to numerous
attacks including a 2014 attack on Sony Pictures Entertainment, the Dark Seoul
and Operation Tory campaigns, and attacks on government, media, military,
aerospace, manufacturing, and financial organizations located in South Korea
and the U.S. Researchers found that the attacks and the Lazarus Group shared
similar code between malicious tools and similarities in the attackers’ modus
operandi. Source: http://www.securityweek.com/sony-hackers-linked-many-espionage-destruction-campaigns
Communications Sector
Nothing to report
No comments:
Post a Comment