Complete DHS Report for May 10, 2016
Daily Report
Top Stories
• Officials from Israel’s Ministry of Justice approved May 8 the
extradition of two men to the U.S. for their roles in a “pump-and-dump” stock
manipulation scheme from 2011 – 2015. – Reuters See item 3 below in
the Financial Services Sector
• Officials announced May 6 a year-long maintenance program for
Washington, D.C.’s Metro system which will shut down sections of the tracks in
order to replace 48,000 wooden ties, 36,000 track fasteners, and clear 87,000
linear feet of drains at 15 locations along the system. – USA Today
10. May 6, USA
Today – (Washington, D.C.) Major repairs and major delays for DC
Metro to begin in June. Officials from the Washington Metropolitan Area
Transit Authority (WMATA) announced May 6 a maintenance program for the city’s
Metro system called Safe Tracks which will shut down sections of the tracks in
order to replace 48,000 wooden ties, 36,000 track fasteners, and clear 87,000
linear feet of drains at 15 locations along the system following incidents of
tunnel fires and emergency closures of the system in January 2015 and March
2016. Repairs are scheduled to begin in June and last until 2017. Source: http://www.usatoday.com/story/news/2016/05/06/dc-subway-get-massive-repairs-but-without-closing-lines/84019322/
• Pilgrim’s Pride Corp., expanded a previous recall May 6 to
include approximately 5,176,844 pounds of its fully cooked chicken products due
to potential contamination with plastic pieces. – U.S. Department of
Agriculture
11. May 9,
U.S. Department of Agriculture – (National) Pilgrim’s Pride
Corp. recalls poultry products due to possible foreign matter contamination. Pilgrim’s
Pride Corp., expanded a previous recall May 6 to include approximately
5,176,844 pounds of its fully cooked chicken products sold in 30 variations due
to potential contamination with plastic pieces after the firm received consumer
complaints regarding extraneous materials found in the chicken nugget products.
There have been no confirmed reports of adverse reactions and the products were
shipped for institutional use nationwide. Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health-alerts/recall-case-archive/archive/2016/recall-027-2016-release-expansion
• A Federal Protective Service officer was taken into custody and
charged after he shot three people at the Westfield Montgomery Mall in Maryland
before shooting another woman in the parking lot of a Giant grocery store May
6. – NBC News
32. May 7, NBC
News – (Maryland) Maryland mall shooting suspect charged with 3
counts of murder. A Federal Protective Service officer was taken into
custody and charged after he shot two men and a woman in the parking lot of the
Westfield Montgomery Mall in Maryland before shooting another woman in the
parking lot of a Giant grocery store May 6. Two of the individuals who were shot
died from their injuries, and authorities stated that the officer is also
suspected of shooting his estranged wife in a separate incident May 5. Source: http://www.nbcnews.com/news/us-news/maryland-mall-shooting-suspect-eulalio-tordil-charged-3-counts-murder-n569921
Financial Services Sector
3. May 9,
Reuters – (International) Israel approves extradition to U.S. of two
securities fraud suspects. Officials from Israel’s Ministry of Justice
approved May 8 the extradition of two men to the U.S. indicted in the U.S.
District Court for the Southern District of New York for their roles in a
“pump-and-dump” stock manipulation scheme where the men and co-conspirators acquired
shares in thinly traded companies, sent millions of spam emails inducing
investors to purchase the stocks in order to artificially inflate the price,
then sold off their holdings from 2011 – 2015. Authorities stated that charges
were added to the indictment in March after discovering that the duo hacked
into a dozen companies’ networks and stole the personal information of more
than 100 million people.
Information Technology Sector
26. May 9,
SecurityWeek – (International) Over two dozen flaws found in Aruba products.
Aruba Networks patched some of the 26 security flaws discovered by a Google
security engineer, and is working to patch the remaining vulnerabilities which
impact all versions of ArubaOS, AirWave Management Platform 8.x versions prior
to 8.2, and Aruba Instant access points (IAP) prior to 4.1.3.0 and 4.2.3.1.
Some of the vulnerabilities discovered include the transmission of login
credentials via Hypertext Transfer Protocol (HTTP), default accounts, remote
code execution flaws, firmware-related weaknesses, information disclosure
issues, and Protocol Application Programming Interface (PAPI)-related security
bugs. Source: http://www.securityweek.com/over-two-dozen-flaws-found-aruba-products
27. May 9,
Softpedia – (International) Google suffers minor data breach via
third-party benefits vendor. Google notified an unknown number of employees
following a data breach that occurred when a manager of a third-party benefits
vendor sent a file containing the names and Social Security numbers of an
undisclosed number of Google employees to the wrong person. The individual who
received the data deleted it from his computer and notified Google’s vendor of
the incident. Source: http://news.softpedia.com/news/google-suffers-minor-data-breach-via-third-party-benefits-vendor-503839.shtml
28. May 8,
Softpedia – (International) Bucbi ransomware makes a comeback after two
years. Researchers at Palo Alto Networks reported that a cyber-crime group
is utilizing a re-tooled version of the Bucbi ransomware that does not rely on
social engineering tactics and works without needing to connect to an online
command and control (C&C) server, uses a different installation routine,
and also employs a different ransom note. The group uses brute-force attacks
against corporate networks running Internet-available Remote Desktop Protocol (RDP)
servers. Source: http://news.softpedia.com/news/bucbi-ransomware-makes-a-comeback-after-two-years-503821.shtml
29. May 8,
Softpedia – (International) 190 Android apps infected with malware
discovered on the Google Play Store. Google removed 190 applications
infected with malware from its Google Play Store after it was notified by Dr.
Web security researchers who discovered that the malware’s mode of operation,
Android.Click, waits for 6 hours after it is installed before forcibly loading
a Uniform Resource Locator (URL) in the user’s browser, prompting the user back
to the Google Play Store to download a second app. Source: http://news.softpedia.com/news/190-android-apps-infected-with-malware-discovered-on-the-google-play-store-503824.shtml
30. May 7,
Softpedia – (International) WordPress 4.5.2 released to fix XSS and SOME
security bugs. The WordPress project released version 4.5.2 of its
open-source platform addressing two security issues in two libraries packed
with the content management system (CMS) after Cure53 researchers found a
Same-Origin Method Execution (SOME) vulnerability in the Plupload library,
which allows attackers to perform unintended actions on a Web site on behalf of
victims, and a cross-site scripting (XSS) issue in the MediaElement.js library.
Source: http://news.softpedia.com/news/wordpress-4-5-2-released-to-fix-xss-and-some-security-bugs-503783.shtml
Communications Sector
Nothing to report
No comments:
Post a Comment