Complete DHS Report for February 5, 2016
Daily Report
Top Stories
• Honda Motor Co., Ltd. expanded a February 1 recall
February 3 and added an additional 2.23 million of its Acura and Honda vehicles
due to potentially defective Takata PSDI-5 driver-side inflators which could
rupture and kill vehicle occupants. – Reuters
2. February
4, Reuters – (International) Honda adds 2.2 million vehicles to Takata air
bag recall. Honda Motor Co., Ltd. expanded a February 1 recall February 3
and added an additional 2.23 million of its model years 2005 – 2016 Acura and
Honda vehicles sold in the U.S., following the recall of 269,000 similar models
sold in Canada that were equipped with potentially defective Takata PSDI-5
driver-side inflators which could rupture and kill vehicle occupants. The
automaker also recalled 341,000 of its model years 2008 – 2010 Honda Accords
due to a defect in the supplemental restraint system’s electronic control unit,
which could result in airbags failing to deploy.
• A boil water advisory was issued February 4 for thousands
of businesses, residents, and five schools in North Fort Worth after an
operational error led to the draining of an elevated water tank. – KTVT 11
Fort Worth
8. February
4, KTVT 11 Fort Worth – (Texas) Thousands told to boil drinking
water in far North Fort Worth. A boil water advisory was issued February 4
for thousands of businesses, residents, and five schools in North Fort Worth
while officials run contamination test following an operational error that lead
to the draining of an elevated water tank, resulting in a dramatic pressure
decrease in parts of the water system. The drop in pressure could allow
microbes and harmful bacteria to get into the water. Source: http://dfw.cbslocal.com/2016/02/04/thousands-asked-to-boil-drinking-water-far-north-fort-worth/
• The governor of Florida declared a state of emergency
February 3 in four counties where a total of nine people were diagnosed with
travel-related cases of the Zika virus. – ABC News
11. February
3, ABC News – (Florida) Florida gov. declares state of emergency in
counties with Zika virus. The governor of Florida declared a state of
emergency February 3 in four counties where a total of nine people were
diagnosed with travel-related cases of the Zika virus. The Florida Department
of Health is working with Federal health officials and medical centers in the
State to monitor the virus. Source: http://abcnews.go.com/Health/florida-gov-declares-state-emergency-counties-zika-virus/story?id=36696887
• The U.S. Internal Revenue Service announced that it
suffered a hardware failure February 3, which caused several of its tax
processing systems to go offline through at least February 4 while the agency
worked to repair and restore operations. – USA Today; Associated Press
13. February
4, USA Today; Associated Press – (National) IRS computer
problems shut down e-file system. The U.S. Internal Revenue Service
announced that it suffered a hardware failure February 3, which caused several
of its tax processing systems to go offline through at least February 4 while
the agency worked to repair and restore operations. Source: http://www.usatoday.com/story/money/business/2016/02/03/irs-computer-problems/79792890/
Financial Services Sector
3. February
3, KRGV 5 Weslaco – (International) 2 doctors facing charges in wire fraud case. Two
doctors from a family medicine clinic in Mexico were charged February 3 for
their roles in a $5 million insurance benefits scheme in which the pair
allegedly conspired with American Family Life Insurance Company (AFLAC)
policyholders to prepare over 50,000 fraudulent claim forms and accident
reports, file the false claims in the McAllen area, and then deliver the claims
to the clinic in Mexico to receive benefit checks from the insurance company
from September 2001 – August 2010.
For another story, see item 13 above in Top Stories
Information Technology Sector
16. February
4, SecurityWeek – (International) Cisco patches high severity flaws in several
products. Cisco released software updates for its Application Policy
Infrastructure Controller (APIC) and several other products that patched high
severity vulnerabilities including a denial-of-service (DoS) flaw in Nexus 900
switches, a remote authentication flaw in ASA-CX and Prime Security Manager
(PRSM), and a logic issue in the role-based access control (RBAC) processing
code that allowed unauthenticated attackers to make configuration changes. In
addition, Cisco released advisories detailing three medium severity issues that
have yet to be patched.
17. February
4, SecurityWeek – (International) Serious Crypto flaw found in Socat tool. A
security researcher from Microsoft discovered a backdoor in the networking
utility, Socat versions 1.7.3.0 and 2.0.0-b8 that could allow attackers to
eavesdrop on communications and recover the shared secret from a key exchange
within its encrypted channels after finding that to the “p” parameter in
1024-bit Diffie-Hallman (DH) was not prime. Source: http://www.securityweek.com/serious-crypto-flaw-found-socat-tool
18. February
4, SecurityWeek – (International) Flaws expose Sauter SCADA systems to
takeover. Sauter released firmware updates for its moduWEB Vision SCADA
products after a researcher from Outpost24 discovered multiple vulnerabilities
could be exploited by a remote attacker to take control of the products via a
pass the hash attack. The attack can be administered through the use of default
accounts, which have the password hash for the administrative account as a
backup feature.
19. February
3, Computerworld – (International) Google expands Chrome’s Safe Browsing
defenses to sniff out ad scams. Google reported February 3 that it is
expanding its Safe Browsing technology to help protect users from misleading
embedded content, such as social engineering ads which deceived users into
providing their personal information and convinced users to download malware
disguised as updates for name-brand software. Source: http://www.computerworld.com/article/3029735/internet/google-expands-chromes-safe-browsing-defenses-to-sniff-out-ad-scams.html#tk.rss_security
20. February
3, SecurityWeek – (International) Microsoft EMET adds Windows 10 compatibility.
Microsoft released updated version 5.5 for its Enhanced Mitigation
Experience Toolkit (EMET) to include Windows 10 capability and several other
improvements including enhanced writing of the mitigations to the registry,
ease in leveraging existing tools to manage EMET mitigations via Group Policy
(GPO), and support for untrusted fonts mitigation in Windows 10.
Communications Sector
Nothing to report