Wednesday, February 3, 2016



Complete DHS Report for February 3, 2016

Daily Report                                            

Top Stories

• A snow storm February 1 forced the cancellation of hundreds of flights in the Denver area, closed part of Interstate 70 in Eastern Colorado, and caused a pileup on Interstate 80 in Nevada due to whiteout conditions. – Associated Press

7. February 2, Associated Press – (National) Colorado snowstorm sets stage for slick conditions. A snow storm February 1 forced the cancellation of a third of the flights traveling out of the Denver International Airport as well as the closure of Interstate 70 in Eastern Colorado due to whiteout conditions. The snowy weather also caused a pileup on Interstate 80 in Nevada and heavy winds in Southern California knock down power poles and trees, killing one driver. Source: http://www.chicagotribune.com/news/weather/sns-bc-us--severe-weather-20160202-story.html

• The U.S. Centers for Disease Control and Prevention announced February 1 that 2 separate E. coli outbreaks at Chipotle Mexican Grill, Inc., were over following a Federal investigation. – CNBC; Associated Press

14. February 1, CNBC; Associated Press – (National) CDC declares Chipotle-linked E. coli outbreak over. The U.S. Centers for Disease Control and Prevention announced February 1 that 2 separate E. coli outbreaks at Chipotle Mexican Grill, Inc., which sickened 60 people across 14 States, were over following a Federal investigation. Officials were unable to identify the ingredient responsible for the contamination. Source: http://www.cnbc.com/2016/02/01/cdc-declares-chipotle-linked-e-coli-outbreak-over.html

• Neiman Marcus Group reported that approximately 5,200 online customer accounts were compromised February 2 after hackers used stolen credentials from other breached organizations to abuse the company’s database and make unauthorized purchases. – SecurityWeek

26. February 2, SecurityWeek – (International) Neiman Marcus says hackers breached customer accounts. Neiman Marcus Group reported that approximately 5,200 online customer accounts which stored customers’ personal contact information, last four digits of credit card numbers, and purchase history were compromised February 2 after hackers used stolen credentials from other breached organizations to abuse the company’s database and make unauthorized purchases on Neiman Marcus Web sites. The luxury retail store is investigating the incident and notified its customers the week of January 25 of the breach. Source: http://www.securityweek.com/neiman-marcus-says-hackers-breached-customer-accounts

• Landry’s Incorporated reported February 1 that its payment processing system was compromised at several of its locations after the company found a malicious program installed onto its payment processing systems. – KPLC 7 Lake Charles

27. February 2, KPLC 7 Lake Charles – (Louisiana) Data breach at Golden Nugget may affect you. Landry’s Incorporated reported February 1 that its payment processing system was compromised at several of its locations including the Golden Nugget Casino in Lake Charles, Louisiana after the company found a malicious program installed onto its payment processing systems at its restaurants, food and beverage outlets, spas, entertainment destinations, and managed properties. The company has implemented enhanced security measures to mitigate future breaches and advised customers to monitor their bank accounts for any suspicious activity. Source: http://www.kplctv.com/story/31114015/data-breach-at-golden-nugget-may-affect-you

Financial Services Sector

5. February 1, U.S. Drug Enforcement Administration – (International) DEA and European authorities uncover massive Hizballah drug and money laundering scheme. The U.S. Drug Enforcement Administration (DEA) announced February 1 significant enforcement activity including the arrests of top leaders of the European cell of the Lebanese Hizballah’s External Security Organization Business Affairs Component (BAC) as part of Project Cassandra, an ongoing global investigation that involves law enforcement agencies in seven countries, which found that the network participates in international criminal activities such as drug trafficking cocaine to European and U.S. drug markets, laundering drug proceeds through the Black Market Peso Exchange, and using the proceeds to provide revenue and a weapons stream for Hizballah’s activities in Syria and worldwide. Source: http://www.dea.gov/divisions/hq/2016/hq020116.shtml
 
Information Technology Sector

22. February 2, Softpedia – (International) Compromised WordPress sites hijacked over and over again to show unwanted ads. Security researchers from Sucuri discovered a new campaign that targets WordPress Web sites after finding that all of the sites’ JavaScript files were infected with malicious codes to load an iframe, show advertisements, and leave an unknown backdoor on each Web page with the intention to reinfect Web sites once the pages were cleaned. Researchers reported that if victims hosted several domains on the same hosting account, all of the domains will be affected via cross-site contamination. Source: http://news.softpedia.com/news/compromised-wordpress-sites-hijacked-over-and-over-again-to-show-unwanted-ads-499775.shtml

23. February 2, Softpedia – (International) Deja-Vu: Google fixes another RCE vulnerability in the Mediaserver component. Google released patches for its Android mobile operating system (OS) fixing 13 flaws including 3 elevation of privilege issues in the Qualcomm Wi-Fi driver, and 2 remote code execution (RCE) vulnerabilities in its Mediaserver component that allowed an attacker to craft a malicious multimedia file and cause a memory corruption in the phone’s OS, among other exploits.

24. February 1, Softpedia – (International) Joomla zero-day accounted for the majority of web attacks in Q4 2015. The Solutionary Security Engineering Research Team (SERT) released a report titled, “Sert Quarterly Threat Report Q4 2015” which stated that malware attacks had increased during the past quarter, with virus and worm numbers increasing by 236 percent compared to Quarter 3 (Q3) and that ransomware attacks were growing within the U.S., accounting for 78 percent of all malware delivered during Quarter 4 (Q4). In addition, the report stated most violations were Web applications that targeted flaws in Web-based software and leveraged the Joomla zero-day vulnerability in Q4, among other information. Source: http://news.softpedia.com/news/joomla-zero-day-accounted-for-the-majority-of-web-attacks-in-q4-2015-499742.shtml

25. February 1, The Register – (International) WirelessHART industrial control kit is riddled with security holes. Security researchers from Applied Risk discovered several flaws in various WirelessHART products that could enable attackers to manipulate instruments and compromise process data integrity due to its low security protocol within its implementation layer, allowing hackers to extract the encryption key. Source: http://www.theregister.co.uk/2016/02/01/wirelesshart_ics_vuln/

Communications Sector

Nothing to report