Complete DHS Report for August 25, 2016
Daily Report
Top Stories
• Ford Motor Company issued a recall August 24 for 77,502 of its
model years 2013 – 2015 vehicles in select makes due to faulty fuel pump
control modules, which may fail and cause the engine to stall while the vehicle
is in motion. – TheCarConnection.com
2. August 24,
TheCarConnection.com – (National) Recalls: 2017 Ford Escape; 2013-15 Ford Flex,
Taurus, Lincoln MKS, MKT; 2015-16 Ford Transit. Ford Motor Company issued a
recall August 24 for 77,502 of its model years 2013 – 2015 vehicles in select
makes sold in the U.S. due to a faulty fuel pump control module which may fail
and cause the engine to stall or shut off while the vehicle is in motion,
thereby increasing the risk of an accident. Ford also issued a recall for
17,985 of its model year 2017 Ford Escape vehicles sold in the U.S. due to
faulty software that can cause the power windows to close with excessive force,
thereby increasing the risk of injury. Source:
• Four private equity fund advisers affiliated with Apollo Global
Management, LLC agreed August 23 to pay $52.7 million to settle charges that
the advisers misled investors and failed to monitor a senior partner who
charged personal expenses to Apollo-advised funds. – U.S. Securities and
Exchange Commission. See item 3 below in the Financial Services Sector
• Four people were arrested in Murfreesboro, Tennessee, August 17
when police discovered 83 magnetic strips in the suspects’ vehicle. – WGNS
1450 AM Murfreesboro. See item 4 below in the Financial Services Sector
• Researchers warned that the Navis WebAccess component of the
Navis maritime transportation logistics software suite was plagued by a
zero-day structured query language (SQL) injection flaw after U.S. ports
suffered cyber-attacks. – Softpedia
7. August 23,
Softpedia – (International) US ports targeted with zero-day SQL injection
flaw. The Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT) warned that the Navis WebAccess component of the Navis maritime
transportation logistics software suite was plagued by a zero-day structured
query language (SQL) injection flaw after U.S. ports reported a series of
attacks. The attacks targeted publicly available news pages in the Navis
application and occurred as part of the Uniform Resource Locator (URL) string,
due to a flaw in the application’s error reporting system. Navis released a
patch for the flaw, and ICS-CERT stated that all five U.S. companies using the
application have applied the necessary patches. Source: http://news.softpedia.com/news/us-ports-targeted-with-zero-day-sql-injection-flaw-507566.shtml
Financial Services Sector
3. August 23,
U.S. Securities and Exchange Commission – (National) Apollo charged with
disclosure and supervisory failures. The U.S. Securities and Exchange
Commission announced August 23 that 4 private equity fund advisers affiliated
with Apollo Global Management, LLC agreed to pay a $52.7 million settlement to
resolve claims that the Apollo advisers failed to adequately inform investors
about accelerated monitoring fees and benefits the advisers received, failed to
disclose information regarding interest payments made on a loan between an
adviser’s affiliated general partner and 5 funds, and failed to monitor a
senior partner who charged personal expenses to Apollo-advised funds and their
portfolio companies. Source: https://www.sec.gov/news/pressrelease/2016-165.html
4. August 23,
WGNS 1450 AM Murfreesboro – (Tennessee) Four arrested in fraudulent
credit card case in Murfreesboro. Four people were arrested in
Murfreesboro, Tennessee, August 17 when police discovered 83 magnetic strips in
the suspects’ vehicle after the group allegedly used re-encoded credit cards at
an area Walmart store to make multiple fraudulent purchases. Source: http://wgnsradio.com/four-arrested-in-fraudulent-credit-card-case-in-murfreesboro--cms-34556
Information Technology Sector
17. August 24,
Help Net Security – (International) Leaked EXTRABACON exploit can work on newer
Cisco ASA firewalls. Researchers from SilentSignal discovered that the
EXTRABACON exploit, leaked by ShadowBrokers, for the zero-day buffer overflow
vulnerability affecting the Simple Network Management Protocol (SNMP) code of
the Cisco Adaptive Security Appliance (ASA), Private Internet eXchange (PIX),
and Firewall Services Module versions 8.4.(4) and earlier can also be modified
to compromise ASA version 9.2.(4). Cisco researchers are working to develop a
definite solution for the exploit. Source: https://www.helpnetsecurity.com/2016/08/24/extrabacon-newer-cisco-asa/
18. August 23,
Softpedia – (International) Two free decrypters available for WildFire
ransomware. Kaspersky and Intel McAfee released two decrypters that can
unlock files encrypted by WildFire ransomware infections and are available for
download from the NoMoreRansom Website. Researchers stated that since July 23,
WildFire infected 5,309 devices and earned 136 Bitcoin, or $79,000, from users
paying the ransom. Source: http://news.softpedia.com/news/two-free-decrypters-available-for-wildfire-ransomware-507572.shtml
19. August 23,
Softpedia – (International) Face authentication systems can be bypassed
using a VR headset & Facebook photos. Researchers from the University
of North Carolina at Chapel Hill reported hackers could bypass face
authentication systems on the 1U App, BioID, KeyLemon, Mobius, and True Key
after finding that if an attacker passes a high-resolution photo through a
three-dimensional (3D) modeling software, then transfers the 3D head to a
virtual reality (VR) device, a machine running the facial recognition software
will authenticate the attacker. Researchers found that in photos where the
quality was lower, such as social media photos, the authentication rate was
lower. Source: http://news.softpedia.com/news/face-authentication-systems-can-be-bypassed-using-a-vr-headset-facebook-photos-507568.shtml
For additional stories, see
item 7 above in Top Stories and item 21 below in the Communications Sector
Communications Sector
20. August 24,
Help Net Security – (International) Cybercriminals select insiders to attack
telecom providers. Kaspersky Lab and B2B International researchers reported
that 28 percent of all cyber-attacks involve malicious activity by insiders
after finding that cybercriminals were using insiders to gain access to
telecommunications networks and subscriber data, and recruiting employees
through underground message boards, or through blackmail, forcing the employee
to distribute spear-phishing campaigns on behalf of the attacker, hand over
corporate credentials, or provide information on the company’s internal systems
in order to hack a targeted telecommunications firm.
21. August 24,
Softpedia – (International) Critical flaws let attackers hijack cellular
phone towers. Security researchers from Zimperium discovered three critical
flaws affecting software packages from Legba Incorporated, Range Networks, and
OsmoCOM, among other vendors, running on Base Transceiver Station (BTS)
stations, including a flaw in a core BTS software service that exposes the
device to external connections, which could allow an attacker to reach the BTS
station’s transceiver and take remote control of the BTS station, extract
information from the passing data, alter Global System for Mobile
Communications (GSM) traffic, or crash the station. Researchers also discovered
a memory buffer overflow bug that could allow an attacker to run malicious code
on the device, and an issue that allows an attacker to remotely execute
commands on the station’s transceiver module without administrative
credentials. Source: http://news.softpedia.com/news/critical-flaws-let-attackers-hijack-cellular-phone-towers-507579.shtml