Complete DHS Report for July 19, 2016
Daily Report
Top Stories
• ConAgra Foods Inc., expanded a previous recall July 15 to
include an additional 191,791 pounds of its frozen chicken and beef entrée
products due to potential contamination with metal fragments. – U.S.
Department of Agriculture
11. July 16, U.S.
Department of Agriculture – (National) ConAgra Foods recalls frozen
chicken and beef products due to possible foreign matter contamination. ConAgra
Foods Inc., expanded a previous recall July 15 to include an additional 191,791
pounds of its frozen chicken and beef entrée products sold in 9 variations due
to potential contamination with metal fragments discovered after an
establishment employee found metal fragments while dispensing sugar used to
make the sauce during processing. There have been no confirmed reports of
adverse reactions and the products were shipped to distributors and retail
locations nationwide. Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health-alerts/recall-case-archive/archive/2016/recall-056-2016-release-expansion
• The Jesse Bounds Farm in Oregon sustained significant damage
July 15 following a fire that burned through 15,000 tons of hay, cut power to
the area, and forced surrounding roads to close after the fire began behind a
barn. – KVAL 13 Eugene
12. July 16,
KVAL 13 Eugene – (Oregon) Fire continues to burn on farm north of Junction
City. The Jesse Bounds Farm near Junction City, Oregon, sustained
significant damage July 15 following a fire that burned through 15,000 tons of
hay, cut power to the area, and forced surrounding roads to close after the
fire began behind one of the barns. No injuries were reported and crews were
working to contain the blaze. Source: http://kval.com/news/local/fire-continues-to-burn-on-farm-north-of-junction-city
• Louisiana State Police announced July 17 that a Missouri man
shot and killed three police officers and wounded three others in Baton Rouge July
17 after ambushing the officers and causing a standoff. – CNN
20. July 18,
CNN – (Louisiana) Baton Rouge shooting: 3 officers dead; shooter
was Missouri man, sources say. Louisiana State Police announced July 17
that a Missouri man shot and killed three police officers and wounded three
others in Baton Rouge July 17 after ambushing the officers and causing a
standoff. The suspect was killed in an exchange with police and authorities
were continuing to investigate the incident. Source: http://www.cnn.com/2016/07/17/us/baton-route-police-shooting/
• Canonical officials reported that an attacker exploited a
Structured Query Language (SQL) injection flaw in its Ubuntu Forums to access
and download part of the Forums database, containing usernames, email
addresses, and internet protocol addresses (IPs) for 2 million users. – Help
Net Security See item 21 below in
the Information Technology Sector
Financial Services Sector
4. July 15,
San Francisco Chronicle – (California) ‘Dreaded bandit’ wanted in
series of Bay Area bank robberies. The FBI offered a reward July 15 in
exchange for information leading to the arrest or conviction of a man dubbed
the “Dreaded Bandit” who is suspected of robbing at least three San Francisco
Bay area banks since April, including a Comerica, Inc., bank branch in the Cow
Hollow neighborhood July 11. Authorities stated the suspect is armed. Source: http://www.sfgate.com/crime/article/Dreaded-bandit-wanted-in-series-of-Bay-Area-8380582.php
5. July 14,
U.S. Attorney’s Office, Middle District of Louisiana –
(Louisiana, Mississippi, Texas) Metairie woman convicted of multi-State bank
fraud scheme and aggravated identity theft. A Metairie, Louisiana woman
pleaded guilty July 13 to Federal charges for her role in a multi-State bank
fraud scheme where she stole individual’s personal information and used the
information to create fraudulent credit cards in order to embezzle
approximately $102,257 from victims’ accounts at 21 banks in Louisiana, Texas,
and Mississippi. Source: https://www.justice.gov/usao-mdla/pr/metairie-woman-convicted-multi-state-bank-fraud-scheme-and-aggravated-identity-theft
Information Technology Sector
21. July 18,
Help Net Security – (International) Ubuntu Forums hacked again, 2 million users
exposed. Canonical chief executive officer (CEO) reported that an attacker
exploited a Structured Query Language (SQL) injection flaw in its Ubuntu Forums
to access and download part of the Forums database, containing usernames, email
addresses, and internet protocol addresses (IPs) for 2 million users. Canonical
shut down the database, reset all users’ passwords, and installed a Web
application firewall after being notified that an individual was claiming to
have a copy of the Forums database. Source: https://www.helpnetsecurity.com/2016/07/18/ubuntu-forums-hacked/
22. July 17,
Softpedia – (International) Researcher finds way to steal money from
Instagram, Google, and Microsoft. An independent Belgian security
researcher discovered a flaw in Facebook, Google, and Microsoft’s two-factor
authorization (2FA) voice-based token distribution systems that could allow an
attacker, who has created premium phone services and linked them together with
fake Instagram, Google, and Microsoft Office 365 accounts, to use automated
scripts to request 2FA tokens for all accounts, and by doing so, place
legitimate phone calls to their premium phone service, thereby earning a
substantial profit. Source: http://news.softpedia.com/news/researcher-finds-way-to-steal-money-from-instagram-google-and-microsoft-506387.shtml
23. July 15,
IDG News Service – (International) Cisco patches serious flaws in router and
conferencing server software. Cisco Systems released patches addressing
several vulnerabilities in its Cisco internetwork operating system (IOS), IOS
XR, ASR 5000, WebEx Meetings Server, and Cisco Meeting Server including a high
severity denial-of-service flaw and an arbitrary code execution issue in its
Cisco IOS XR software, two cross-site scripting (XSS) vulnerabilities in the
WebEx Meetings Server version 2.6, and an insure Simple Network Management
Protocol (SNMP) implementation flaw in the ASR 5000 Series platform, among
other vulnerabilities. Source: http://www.computerworld.com/article/3096028/security/cisco-patches-serious-flaws-in-router-and-conferencing-server-software.html#tk.rss_security
24. July 15,
SecurityWeek – (International) Locky ransomware gets offline encryption
capabilities. Security researchers from Avira discovered an update to the
Locky ransomware that allows the ransomware to enter an offline encryption mode
when it cannot connect to the command and control (C&C) server. The
development mimics the Bart ransomware, in that it ensures that the ransomware
can carry out malicious actions even when its Internet connectivity is blocked,
making detection more difficult. Source: http://www.securityweek.com/locky-ransomware-gets-offline-encryption-capabilities
For another story, see item 25 below in the Communications Sector
Communications Sector
25. July 17,
Softpedia – (International) Pokemon GO servers suffer DDoS attack at the
hands of PoodleCorp. The popular gaming app, Pokemon GO, went offline for
several hours July 16 due to a distributed denial-of-service (DDoS) attack
carried out by hacker group PoodleCorp. Source: http://news.softpedia.com/news/pokemon-go-servers-suffer-ddos-attack-at-the-hands-of-poodlecorp-506386.shtml
For another story, see item 22 above in the Information Technology Sector
No comments:
Post a Comment