Complete DHS Report for August 3, 2016
Daily Report
Top Stories
• The FBI announced August 1 that a man dubbed the “Flip-Flop
Bandit” was arrested July 29 after robbing a bank in Pooler, Georgia, and
multiple others in North Carolina, Tennessee, Oklahoma, and Arkansas. – WFMY
2 Greensboro
4. August 1,
WFMY 2 Greensboro – (National) ‘Flip-Flop’ bandit wanted in NC bank robberies
captured in GA. The FBI announced August 1 that a man dubbed the “Flip-Flop
Bandit” was arrested July 29 after robbing a bank in Pooler, Georgia, and
multiple others in North Carolina, Tennessee, Oklahoma, and Arkansas. Source: http://www.wfmynews2.com/news/crime/multi-state-serial-robber-who-hit-ark-banks-caught-in-georgia/285842777
• Northbound lanes of Interstate 75 in Bradenton, Florida, were
closed for approximately 12 hours August 1 after a crash involving 2
semi-trucks and 3 other vehicles caused dozens of gallons of diesel to spill
onto the highway. – WTSP 10 St. Petersburg
8. August 2,
WTSP 10 St. Petersburg – (Florida) NB I-75 lanes in Bradenton
reopen after multi-vehicle crash. Northbound lanes of Interstate 75 in
Bradenton, Florida, were closed for approximately 12 hours August 1 while crews
worked to repair the roadway after a multi-vehicle crash involving 2
semi-trucks and 3 other vehicles caused dozens of gallons of diesel to spill
onto the highway. Source: http://www.wtsp.com/news/traffic/nb-i-75-lanes-closed-due-to-multi-vehicle-crash-in-bradenton/285528903
• New York officials announced August 1 that a bypass was
installed around a leaking sewage pipeline in Amsterdam the weekend of July 30
while crews work to replace the faulty pipes after approximately 500,000
gallons of sewage spilled into the North Chuctanunda Creek since July 25. – Albany
Times Union
18. August 1,
Albany Times Union – (New York) DEC: 500,000 gallons of sewage entered Mohawk
tributary. The New York State Department of Environmental Conservation
(DEC) announced August 1 that a bypass was installed around a leaking sewage
pipeline in Amsterdam, New York, the weekend of July 30 in order to redirect
the city’s sewage while crews work to replace the faulty pipes after
approximately 500,000 gallons of sewage spilled into the North Chuctanunda
Creek, which feeds into the Mohawk River, since July 25. The DEC urged all
municipalities that draw from the Mohawk River to sufficiently treat their
drinking water. Source: http://www.timesunion.com/local/article/Major-sewage-leak-mostly-fixed-in-Amsterdam-8989038.php
• Dr. Web researchers discovered an Android trojan, dubbed
Anrdoid.Spy.305 was plaguing 155 Android apps on the official Google Play Store
and affecting over 2.8 million users in order to deliver ads to a user’s
device. – Softpedia See item 25 below in
the Information Technology Sector
Financial Services Sector
4. August 1,
WFMY 2 Greensboro – (National) ‘Flip-Flop’ bandit wanted in NC bank robberies
captured in GA. The FBI announced August 1 that a man dubbed the “Flip-Flop
Bandit” was arrested July 29 after robbing a bank in Pooler, Georgia, and
multiple others in North Carolina, Tennessee, Oklahoma, and Arkansas. Source: http://www.wfmynews2.com/news/crime/multi-state-serial-robber-who-hit-ark-banks-caught-in-georgia/285842777
5. August 1,
Chicago Sun-Times – (Illinois) Feds: Tips led to capture of ‘North Center
Bandit.’ A man dubbed the “North Center Bandit” was arrested July 29 after
he allegedly robbed a Chase Bank branch in Chicago June 8 and four other North
Side banks since October 2015.
Information Technology Sector
23. August 2,
Softpedia – (International) Windows flaw reveals Microsoft account
passwords, VPN credentials. Researchers discovered an exploit affecting the
way Microsoft Windows handles old authentication procedures for shared network
resources where an attacker could embed a disguised link to a server message
block (SMB) resource inside a Webpage or an email viewed via Outlook that sends
the victim’s login credentials to authenticate on the malicious actor’s domain
once the user accesses the link via Internet Explorer, Edge, or Outlook. The
exploit gives the hacker access to the user’s Microsoft username, virtual
private network (VPN) credentials, or password, which is leaked as a NT LAN
Manager (NTLM) hash. Source: http://news.softpedia.com/news/windows-flaw-reveals-microsoft-account-password-vpn-credentials-506868.shtml
24. August 1,
Softpedia – (International) Data of 200 million Yahoo users pops up for
sale on the Dark Web. Yahoo is investigating a potential data breach after
cyber-criminal Peace_of_Mind (Peace) published a listing on TheRealDeal Dark
Web marketplace that reportedly offers data on over 200 million Yahoo users for
3 bitcoin, or approximately $1,800, including usernames, MD5-hashed passwords,
dates of birth for all users, and in some cases, backup email addresses,
country of origin, and ZIP codes for U.S. users. Source: http://news.softpedia.com/news/data-of-200-million-yahoo-users-pops-up-for-sale-on-the-dark-web-506864.shtml
25. August 1,
Softpedia – (International) Trojan in 155 Google Play Android apps
affects 2.8 million users. Security researchers from Dr. Web discovered a
new variant of the Android.Spy family trojan, dubbed Anrdoid.Spy.305 was
plaguing 155 Android apps on the official Google Play Store and affecting over
2.8 million users by collecting data about the user’s device, including the
email address connected to their Google user account, the name of the app the
trojan leverages for distribution, and the developer ID and software
developer’s kit (SDK) version, among other details in order to deliver ads.
Google released a list of all the apps potentially impacted by the trojan. Source: http://news.softpedia.com/news/trojan-in-155-google-play-android-apps-affects-2-8-million-users-506849.shtml
26. August 1,
SecurityWeek – (International) SSL flaw in Intel Crosswalk exposes apps to
MitM attacks. Intel released updates for its Crosswalk framework after
security researchers from Nightwatch Cybersecurity discovered a serious
vulnerability in the Crosswalk Project library that allows malicious actors to
launch man-in-the-middle (MitM) attacks and capture sensitive information
transmitted by the app after finding that when a user makes a network request
and accepts the initial error message displayed by the app if an invalid Secure
Socket Layer (SSL) certificate is found, the app accepts all future SSL
certificates without validation even when connections are made via different WiFi
hotspots and different certificates.
Communications Sector
Nothing to report
No comments:
Post a Comment