Complete DHS Report for May 25, 2016
Daily Report
Top Stories
• Shell Pipeline Co., announced May 23 that it shut down its San
Pablo Bay Pipeline after it ruptured May 20 near Tracy, California, spilling as
much as 21,000 gallons of crude oil into the soil. – San Francisco Chronicle
1. May 23,
San Francisco Chronicle – (California) Oil pipeline near Tracy
spills thousands of gallons of crude. Shell Pipeline Co., announced May 23
that it shut down its San Pablo Bay Pipeline after it ruptured May 20 along the
Alameda County-San Joaquin County border near Tracy, spilling as much as 21,000
gallons of crude oil into the soil. Crews reported to the site to clean up the
contaminated soil and monitor air, water, and ground conditions. Source: http://www.sfgate.com/bayarea/article/Oil-pipeline-near-Tracy-spills-thousands-of-7940489.php
• Toyota Motor Corp., expanded a previous recall May 23 to include
approximately 1.6 million of its model years 2006 – 2011 Lexus, Scion, and
Toyota vehicles in select models sold in the U.S. due to faulty Takata Corp.
front passenger side air bag inflators. – Reuters
3. May 23,
Reuters – (National) Toyota recalls 1.6 million U.S. vehicles for
Takata air bags. Toyota Motor Corp., expanded a previous recall May 23 to
include approximately 1.6 million of its model years 2006 – 2011 Lexus, Scion,
and Toyota vehicles in select models sold in the U.S. due to faulty Takata
Corp. front passenger side air bag inflators that can rupture with excessive
force, releasing shrapnel into vehicle occupants. The defective inflators have
been linked to over 100 injuries and 13 deaths globally. Source: http://www.reuters.com/article/us-autos-takata-toyota-idUSKCN0YE2MX
• Two unrelated plane crashes in Hawaii May 23 left two people
injured and a group of two instructors, two tandem jumpers, and a pilot dead. –
CNN
6. May 24,
CNN – (Hawaii) Two plane crashes in Hawaii leave five dead and two
injured. Two unrelated plane crashes in Hawaii May 23 left a group of two
instructors, two tandem jumpers, and a pilot dead after the group took off for
a skydiving tour from Port Allen Airport in Kauai, while the second crash left
two people injured after the plane experienced engine trouble while inbound to
Honolulu International Airport. Source: http://www.cnn.com/2016/05/23/us/hawaii---plane-crashes/index.html
• Schools in Colorado, Wisconsin, Utah, New Hampshire, Delaware,
and Minnesota were placed on lockdown or evacuated May 23 following a series of
automated hoax bomb threat calls. – Associated Press
14. May 24,
Associated Press – (National) School threats could be latest in school
“swatting.” Schools in Colorado, Wisconsin, Utah, New Hampshire, Delaware,
and Minnesota were placed on lockdown or evacuated May 23 following a series of
automated bomb threat calls. Nothing suspicious was found after authorities
searched the campuses.
Source: http://www.msn.com/en-us/news/us/school-threats-could-be-latest-in-school-swatting/ar-BBtnMHf
Financial Services Sector
Nothing
to report
Information Technology Sector
17. May 24,
Softpedia – (International) Pastejacking attack overrides your clipboard
to trick you into running evil code. A security researcher discovered a
clipboard hijacking attack titled Pastejacking was capable of using Cascading
Style Sheets (CSS) to add malicious content to the clipboard without a user’s
awareness, tricking users into executing unwanted terminal commands via
JavaScript. Source: http://news.softpedia.com/news/pastejacking-attack-overrides-your-clipboard-to-trick-you-into-running-evil-code-504420.shtml
18. May 24,
SecurityWeek – (International) Adobe patches flaw in Connect web
conferencing software. Adobe released Connect 9.5.3 addressing several
functionality vulnerabilities and one security flaw after a security researcher
discovered that attackers could exploit an untrusted search path issue
affecting the Connect add-in installer to launch Dynamic Link Library (DLL)
loading attacks. The flaws affect Connect versions 9.5.2 and earlier for
Microsoft Windows. Source: http://www.securityweek.com/adobe-patches-flaw-connect-web-conferencing-software
19. May 24,
Softpedia – (International) DMA Locker 4.0 may be the next big thing in
terms of ransomware. A security researcher from Malwarebytes reported that
the DMA Locker 4.0 ransomware had new improvements to its features including
the new utilization of a command and control (C&C) server instead of using a
single encryption key hardcoded in the ransomware. In addition, the ransomware
can now generate unique Advanced Encryption Standard (AES) encryption keys for
each file with a public RSA key obtained from the C&C server. Source: http://news.softpedia.com/news/dma-locker-4-0-may-be-the-next-big-thing-in-terms-of-ransomware-504413.shtml
20. May 23,
SecurityWeek – (International) Critical vulnerability plagues 60% of Android
devices. An elevation of privilege (EoP) flaw in the Widevine Qualcommm Secure
Execution Environment (QSEE) TrustZone application reportedly affects about 60
percent of all Android devices globally despite being patched in January after
security researchers discovered that QSEE was extremely privileged, allowing
direct interaction with the TrustZone kernel and direct access to the system’s
memory, enabling an attacker to hijack the Linux Kernel without having to find
and exploit a Kernel flaw. Source: http://www.securityweek.com/critical-vulnerability-plagues-60-android-devices
Communications Sector
Nothing to report
No comments:
Post a Comment