Complete DHS Report for July 22, 2016
Daily Report
Top Stories
• Federal officials reached a $176 million settlement with
Enbridge Energy Partners July 20 following the release of at least 843,000
gallons of crude oil into the Kalamazoo River in Michigan in July 2010. – Associated
Press
2. July 20,
Associated Press – (National) Enbridge reaches $176M agreement for 2010 Michigan
oil spill. The U.S. Department of Justice and U.S. Environmental Protection
Agency reached a $176 million settlement with Enbridge Energy Partners July 20
following the release of at least 843,000 gallons of crude oil into the
Kalamazoo River in Michigan in July 2010. Under the settlement, Enbridge must
replace nearly 300 miles of pipeline between Neche, North Dakota, and Superior,
Wisconsin, as well as develop measures to prevent future spills, detect leaks,
and prepare for emergencies across Enbridge’s Lakehead network that extends
more than 2,000 miles across 7 States, among other requirements. Source: http://abcnews.go.com/International/wireStory/enbridge-reaches-176m-agreement-2010-michigan-oil-spill-40754722
• Two men were arrested in Corona, California, July 16 after
authorities found about 150 counterfeit credit cards, an encoding machine, and
several counterfeit IDs, among other illicit materials in the duo’s apartment.
– San Francisco Bay City News. See item 5 below in
the Financial Services Sector.
• Southwest Airlines reported July 20 that up to 700 flights
across its network were canceled and delayed due to multiple performance issues
with its technology systems following an outage. – IDG News Service
7. July 20,
IDG News Service – (National) Southwest Airlines delay flights after computer
issues. Southwest Airlines reported July 20 that up to 700 flights across
its network were canceled and delayed due to multiple performance issues with
its technology systems following an outage. Normal operations were expected to
be restored July 21. Source: http://www.networkworld.com/article/3098307/southwest-airlines-delays-flights-after-computer-issues.html#jump
• Federal officials issued a public health alert July 21 after the
Washington State Department of Health reported confirmed cases of Salmonella
potentially linked to the use and consumption of Kapowsin Meats Inc.’s whole
hog roasters prepared for barbecue. – U.S. Department of Agriculture
12. July 21,
U.S. Department of Agriculture – (National) FSIS issues public
health alert for pork product due to possible Salmonella contamination. The
U.S. Department of Agriculture’s Food Safety and Inspection Service (FSIS)
issued a public health alert July 21 after the Washington State Department of
Health notified the FSIS of confirmed case patients involved in a Salmonella
outbreak potentially linked to the use and consumption of Kapowsin Meats
Inc.’s whole hog roasters prepared for barbecue after a traceback
investigation found three of the case-patients had consumed the pork products.
FSIS personnel are working to remove the products from commerce.
Financial Services Sector
4. July 20,
KRDO 13 Colorado Springs – (Colorado) “Dum-Dum Bandit” robs 3
Colorado banks in 30 days. The FBI is searching July 20 for a man dubbed
the “Dum-Dum” Bandit who is suspected of robbing three banks in Denver since
June, including a U.S. Bank branch July 19.
5. July 20,
San Francisco Bay City News – (California) Police seize 150
credit cards, IDs in counterfeit bust. Two men were arrested in Corona,
California, July 16 after authorities found about 150 counterfeit credit cards,
numerous counterfeit IDs, and an encoding machine, among other illicit
materials in the duo’s apartment after police received information regarding
the illegal activities in May. Officials said the duo used the counterfeit
cards to make fraudulent purchases in Los Angeles, Orange, and Riverside
counties. Source: http://patch.com/california/temecula/police-seize-150-fake-credit-cards-ids-counterfeit-bust
Information Technology Sector
18. July 21,
Help Net Security – (International) Vulnerabilities affecting SAP HANA and SAP
Trex put 10,000 customers at risk. Onapsis released security advisories
reporting on vulnerabilities in SAP High-Performance Analytic Appliance (HANA)
and SAP Trex including a critical risk brute force attack affecting SAP HANA
that could allow an attacker to gain unrestricted access to business
information, and a critical risk remote command execution flaw affecting SAP
Trex that could allow an unauthenticated attacker to modify arbitrary database
information, among other vulnerabilities. Researchers from Onapsis reported the
flaws pose a risk to over 10,000 SAP customers running different versions of
SAP HANA. Source: https://www.helpnetsecurity.com/2016/07/21/sap-vulnerabilities/
19. July 21,
Help Net Security – (International) Cisco plugs critical flaw in data center
operations management solution. Cisco patched a critical vulnerability
affecting its Unified Computing System (UCS) Performance Manager software’s Web
framework after a researcher from the Adidas Group discovered that an attacker
could exploit the vulnerability by sending crafted Hypertext Transfer Protocol
(HTTP) GET requests to an affected system, allowing the attacker to
execute arbitrary commands with root user privileges. Source: https://www.helpnetsecurity.com/2016/07/21/data-center-operations-cisco/
20. July 21,
SecurityWeek – (International) Chrome 52 patches 48 vulnerabilities. Google
released Chrome 52 patching 48 security flaws including 11 high risk flaws and
6 medium severity flaws after external researchers found a high risk sandbox
escape flaw in Pepper Plugin application programming interface (PPAPI), a high
risk uniform resource locator (URL) spoofing on iOS, a use-after-free in
Extensions, and a heap-buffer-overflow issue affecting sfntly, among other
vulnerabilities. Source: http://www.securityweek.com/chrome-52-patches-48-vulnerabilities
21. July 20,
Softpedia – (International) Backdoor account found in Dell network
security products. Researchers from Digital Defense, Inc., (DDI) released
patches addressing six serious security flaws affecting the Dell SonicWALL
Global Management System (GMS) after discovering the equipment had a hidden
account that could be exploited to add non-administrative users via the
command-line interface (CLI) Client, thereby elevating an attacker’s privilege
and allowing the malicious actor full control of the GMS interface and all
attached SonicWALL appliances. DDI researchers also discovered two unauthenticated
root command injections that lead to remote code execution (RCE) with root
privileges on Dell equipment, among other vulnerabilities. Source: http://news.softpedia.com/news/backdoor-found-in-dell-network-security-products-506477.shtml
22. July 20,
SecurityWeek – (International) CrypMIC ransomware emerges as CryptXXX
copycat. Trend Micro security researchers discovered a ransomware dubbed
CrypMIC was mimicking the CryptXXX ransomware family, in that it exploits the
Neutrino exploit kit (EK) to distribute the malware, utilizes the same ransom
note and payment site, and employs a custom protocol via transmission control
protocol (TCP) Port 443 to communicate with its command and control (C&C)
servers, among other similarities. Researchers reported that the source code
and capabilities of the two families are different after finding the CrypMIC
ransomware cannot harvest credentials and related information from the affected
device, as it does not download and execute an information-stealing module on
its process memory. Source: http://www.securityweek.com/crypmic-ransomware-emerges-cryptxxx-copycat
23. July 20,
Threatpost – (International) SoakSoak botnet pushing Neutrino exploit kit
and CryptXXX ransomware. Invincea researchers reported a surge in CryptXXX
ransomware infections targeting popular Web sites running the Revslider
slideshow plugin for WordPress after discovering the SoakSoak botnet was
delivering the CryptXXX ransomware via business Web sites that were compromised
to redirect to the Neutrino exploit kit (EK). Source: https://threatpost.com/soaksoak-botnet-pushing-neutrino-exploit-kit-and-cryptxxx-ransomware/119379/
Communications Sector
Nothing to report