Complete DHS Report for July 11, 2016
Daily Report
Top Stories
• A security researcher from Vulnerability Lab reported July 7
that BMW’s ConnectedDrive Web portal was plagued with two zero-day
vulnerabilities including a cross-site scripting (XSS) flaw and a session
vulnerability. – Softpedia
4. July 8, Softpedia – (International) Zero-days in BMW web portal let hackers
tamper with customer cars. A security researcher from Vulnerability Lab
reported July 7 that BMW’s ConnectedDrive Web portal was plagued with two
zero-day vulnerabilities including a cross-site scripting (XSS) flaw and a
session vulnerability that can allow an attacker to bypass Vehicle
Identification Number (VIN) session validation and use another car’s VIN to
access and edit another user’s car settings. BMW has yet to patch the flaws.
Source: http://news.softpedia.com/news/zero-days-in-bmw-web-portal-let-hackers-tamper-with-customer-cars-506103.shtml
• The chief of the Dallas Police Department announced July 8 that
at least three gunmen shot and killed five police officers and wounded seven
others during a protest in Dallas July 7 over fatal police shootings in other
States. – Associated Press
16. July 8, Associated Press – (Texas) Police: 5 officers dead, 7 hurt in Dallas protest
shooting. The chief of the Dallas Police Department announced July 8 that
at least three gunmen shot and killed five police officers and wounded seven
others during a protest in Dallas July 7 over fatal police shootings in other
States. One suspect was killed in an exchange with police and authorities were
continuing to investigate the incident while searching for other suspects
involved in the shootings.
• Senrio security researchers found that over 120 other D-Link
products were plagued with the same remote-code execution (RCE) flaw found in
the D-Link Network Cloud Cameras that could allow attackers to execute
arbitrary code on the devices. – Softpedia
See item 19 below in the Communications Sector
• Wendy’s fast food restaurant released an updated database July 7
which revealed that additional restaurant locations may have been affected by a
2015 security breach. – United Press International; Wall Street Journal
22. July 7, United Press International; Wall Street Journal –
(National) Wendy’s says credit, debit card breach affected over a thousand
U.S. locations. Wendy’s restaurant released an updated database July 7
which revealed that additional restaurant locations may have been affected by a
2015 security breach after the company discovered malware on the company’s
point-of-sale (PoS) systems in May 2016. Company officials allegedly believe more
than 1,000 nationwide locations were affected.
Financial Services Sector
7. July 8, Huntsville Times – (National) Former Regions Bank VPs indicted in bribery, wire
fraud scheme. Two former vice presidents at Regions Bank, who also served
as officers at Regions Equipment Financing Corp. (REFCO) in Birmingham,
Alabama, were indicted July 7 for their roles in a $5 million bribery and wire
fraud scheme where the duo and a co-conspirator allegedly established a
fraudulent company, Residual Assurance Inc., that would enter an agreement with
REFCO to provide residual value insurance, directed REFCO’s residual value
insurance business to the company, and split the business’s proceeds between
September 2010 and November 2015. The charges allege that the former executives
collectively received over $3 million for their roles in the scheme.
Source: http://www.al.com/news/index.ssf/2016/07/former_regions_bank_vps_indict.html
Information Technology Sector
18. July 7, Softpedia – (International) New “Patchwork” cyber-espionage group uses
copy-pasted malware for its attacks. Security researchers from Cymmetria
reported that a new cyber-espionage group dubbed Patchwork Advanced Persistent
Threat (APT) was seen infecting at least 2,500 machines since December 2015 and
can infect an underlying operating system (OS) with their malware using
spear-phishing emails that contain PowerPoint files as attachments, which are
embedded with the Sandworm exploit. The cyber criminals use an assortment of
copy-pasted code from known malware such as PowerSploit, Meterpreter, AutoIt,
and UACME.
Source: http://news.softpedia.com/news/new-patchwork-cyber-espionage-group-uses-copy-pasted-malware-for-its-attacks-506101.shtml
For additional stories, see item 4 above in Top Stories and 19 below in the Communications Sector
Communications Sector
19. July 8, Softpedia – (International) D-Link vulnerability affects over 120
products, 400,000 devices. Security researchers from Senrio discovered that
over 120 other D-Link products were plagued with the same remote-code execution
(RCE) vulnerability found in the D-Link DCS-930L Network Cloud Cameras that
could allow attackers to execute arbitrary code on the devices. Researchers
reported that an alleged 400,000 D-Link products could be affected.