Complete DHS Report for May 17, 2016
Daily Report
Top Stories
• M&T Bank Corporation agreed May 13 to pay the Federal
government $64 million to settle charges after a former underwriter at M&T
filed a whistleblower lawsuit against the bank in 2013 alleging she witnessed
fraud in the bank’s Federal Housing Administration underwriting practices. – Rochester
Democrat and Chronicle See item 6 below in
the Financial Services Sector
• Southbound lanes of Moreno Boulevard in San Diego were closed
for 13 hours May 13 – May 14 while northbound lanes remained closed for at
least 24 hours after a semi-truck carrying fuel overturned and spilled diesel.
– KNSD 39 San Diego
11. May 14,
KNSD 39 San Diego – (California) Tanker truck overturns near Interstate 8, spills
fuel. The southbound lanes of Moreno Boulevard in San Diego were closed for
13 hours May 13 – May 14, while the northbound lanes remained closed for at
least 24 hours after a semi-truck carrying fuel overturned, spilling an unknown
amount of diesel onto the roadway. HAZMAT crews were working to clean up the
spill and the cause of the crash remains under investigation. Source: http://www.nbcsandiego.com/news/local/Fuel-Truck-Overturns-Near-Insterstate-8-HAZMAT-Responding-SDPD-379473051.html
• Risk Based Security reported that the popular forum Nulled.io
was compromised after hackers leaked a 1.3Gb archive containing data for more
than 536,000 user accounts. – SecurityWeek See item 21 below in
the Information Technology Sector
• A May 15 fire displaced 20 residents and caused $1 million in
damages to a 16-unit apartment complex in Janesville, Wisconsin, after the
blaze began when smoking material was improperly disposed. – WIFR 23
Freeport
28. May 15,
WIFR 23 Freeport – (Wisconsin) 20 displaced in Janesville apartment fire. A
May 15 fire displaced 20 residents and caused $1 million in damages to a
16-unit apartment complex in Janesville, Wisconsin, after the blaze began when
smoking material was improperly disposed. One person was treated for smoke
inhalation and the incident was contained. Source: http://www.wifr.com/content/news/20-Displaced-in-Janesville-Apartment-Fire-379584471.html
Financial Services Sector
5. May 13,
SecurityWeek – (International) Upgraded Android banking trojan targets users
in 200 countries. Security researchers from Doctor Web reported that an Android
banking trojan dubbed Android.SmsSpy.88.origin, initially discovered in 2014,
was updated with new ransomware capabilities including a credit card
information stealing capability that targets around 100 banking applications by
using WebView to display a phishing window on top of the legitimate banking
app, and by utilizing a fake Google Play payment phishing page to intercept and
send short message service (SMS) and multimedia messaging service (MMS)
messages, send unstructured supplementary service data (USSD) requests, and
transmit all saved messages to the server, among other malicious actions.
Security researchers stated the trojan has infected over 40,000 devices in over
200 countries. Source: http://www.securityweek.com/upgraded-android-banking-trojan-targets-users-200-countries
6. May 13,
Rochester Democrat and Chronicle – (National) M&T Bank
settles federal fraud case for $64 million. M&T Bank Corporation agreed
May 13 to pay the Federal government $64 million to settle charges after a
former underwriter at M&T filed a whistleblower lawsuit against the bank in
2013 alleging she witnessed fraud in the bank’s Federal Housing Administration
underwriting practices, prompting a Federal investigation which revealed that
the bank awarded housing loans that did not meet Federal requirements. Source: http://www.democratandchronicle.com/story/money/business/2016/05/13/mt-bank-settles-federal-fraud-case-64-million/84330828/
7. May 13,
U.S. Securities and Exchange Commission – (National) SEC charges two
attorneys with defrauding escrow clients. The U.S. Securities and Exchange
Commission announced May 13 fraud charges against two attorneys acting as
escrow agents after the duo allegedly made undisclosed risky investments and
stole $13.8 million they obtained in escrow amounts from small business owners
by making misrepresentations to clients about a purported loan company,
Atlantic Rim Funding, siphoning clients’ investment funds to pay themselves and
others, and gambling on risky securities derivatives. Officials stated the pair
concealed their illicit actions by claiming the money used for the securities
trades was their own and did not belong to clients. Source: https://www.sec.gov/news/pressrelease/2016-87.html
Information Technology Sector
21. May 16,
SecurityWeek – (International) Data leaked from hacker forum Nulled.io. Risk
Based Security reported that the popular forum Nulled.io was compromised after
hackers leaked a 1.3Gb archive containing information for more than 536,000 user
accounts, including usernames, email addresses, hashed passwords, application
program interface (API) credentials for payment gateways, authentication logs,
and Internet Protocol (IP) addresses, among other data. Researchers are unsure
how the Nulled.io database was compromised and the forum was taken offline due
to the attack.
22. May 16,
Softpedia – (International) New Simple attack on Squid proxies leverages
malicious flash ads. Squid released versions 4.0.10 and 3.5.18 addressing a
vulnerability in its products after a graduate from Tsinghua University
discovered a vulnerability dubbed Squison in Squid 3.5.12 to 3.5.17 and all 4.x
versions up to 4.0.9 that could allow hackers to poison a Squid proxy server’s
cache with malicious content by using simple attacks including a malicious
Flash ad or through a Web site controlled by an attacker. Source: http://news.softpedia.com/news/new-simple-attack-on-squid-proxies-leverages-malicious-flash-ads-504103.shtml
23. May 16,
IDG News Service – (International) Researchers crack new version of CryptXXX
ransomware. Researchers from Kaspersky Lab created a new tool titled
RannohDecryptor that will help victims decrypt files and recover lost
information affected by the CryptXXX 2.0 malware. Researchers advised users to
install software program updates to mitigate ransomware attacks. Source: http://www.networkworld.com/article/3070477/researchers-crack-new-version-of-cryptxxx-ransomware.html
24. May 15,
Softpedia – (International) Silk Road 3.0 pops up on the Dark Web, once
again. A Reddit online thread reported that a new Silk Road marketplace
dubbed Silk Road 3.0 was active after its predecessor site was shut down
following an FBI raid that arrested the Web site’s users, moderators, and
administrator. The marketplace was seen actively compiling stolen data, exploits,
botnets, drugs, and weapons, among other illegal items, for attackers to
purchase. Source: http://news.softpedia.com/news/silk-road-3-0-pops-up-on-the-dark-web-once-again-504089.shtml
25. May 13,
Softpedia – (International) Five-year-old SAP vulnerability affects over
500 companies, not 36. The U.S. Computer Emergency Response Team (US-CERT)
issued a public alert to all U.S. companies after ERPScan discovered at least
533 companies were affected by an SAP vulnerability largely due to the
companies’ failure to install an SAP security patch issued in 2010. The
vulnerability can allow attackers to gain complete control of SAP business
platforms via a bug in Invoker Servlet, a component in SAP’s Java platforms. Source: http://news.softpedia.com/news/five-year-old-sap-vulnerability-affects-over-500-companies-not-36-504043.shtml
26. May 13,
SecurityWeek – (International) Meteocontrol patches flaws in Photovoltaic
Data logger. Meteocontrol released an update for all versions of its
WEB’log Basic 100, Light, Pro, and Pro unlimited products used in the energy,
water, critical manufacturing, and commercial facilities sectors after a
security researcher discovered that the products were plagued by critical
authentication flaws, information exposure flaws, and a cross-site request
forgery (CSRF) flaw that could allow attackers to perform actions on behalf of
the user without authentication and access an administrator password in clear
text. Source: http://www.securityweek.com/meteocontrol-patches-flaws-photovoltaic-data-logger
For another story, see item 5 above in the Financial Services Sector
Communications Sector
See item 5 above in the Financial Services Sector