Complete DHS Report for February 11, 2016
Daily Report
Top Stories
• Daimler AG and Volkswagen issued precautionary recalls
February 10 for a total of 1.5 million vehicles sold in the U.S. due to
potentially faulty Takata Corporation airbags. – CNN Money
3. February
10, CNN Money – (National) German carmakers recall U.S. vehicles over airbags.
Daimler AG and Volkswagen issued precautionary recalls February 10 for a
total of 1.5 million vehicles sold in the U.S. due to potentially faulty Takata
Corporation airbags that can explode when activated and release shrapnel inside
the vehicle, which has resulted in 9 deaths in the U.S. The recall includes
840,000 model years 2005 – 2014 Daimler vehicles and 680,000 model years 2006 –
2014 Volkswagen vehicles. Source: http://money.cnn.com/2016/02/10/news/companies/daimler-takata-airbag-recall/
• Officials issued a precautionary boil-water advisory for
Flint, Michigan residents February 10 after a February 9 water main break. – CNN
10. February
10, CNN – (Michigan) Adding insult to injury: Flint issues boil-water
advisory after water main break. Officials announced a precautionary
boil-water advisory for Flint residents February 10 after a February 9 water
main break decreased water pressure and may have allowed bacteria in the water.
In addition, the governor of Michigan asked for an additional $195 million in
funding for the current lead water crisis. Source: http://www.cnn.com/2016/02/10/politics/flint-water-crisis/
• Security researchers from Kaspersky Lab researchers
reported that the Poseidon Group has been targeting international financial
sectors, telecommunications sectors, critical manufacturing sectors, and energy
sectors to collect information from company networks via spear-phishing
packages. – The Register See
item 22 below in the Information Technology Sector
• Five men in Jacksonville, Florida, were arrested February
9 and charged for their involvement in a grand theft cargo scheme that netted
$1.5 million. – WJXT 4 Jacksonville
27. February
9, WJXT 4 Jacksonville – (Florida) Five arrested in Florida cargo
theft ring. The Jacksonville Sheriff’s Office arrested and charged five men
for their involvement in a grand theft cargo scheme February 9 after the men
allegedly stole $1.2 million worth of merchandise by stealing eight parked
semi-trucks from five Florida counties and selling the stolen properties for
monetary goods on the black market. Source: http://www.news4jax.com/news/crime/five-arrested-in-florida-cargo-theft-ring
Financial Services Sector
4. February
9, U.S. Securities and Exchange Commission – (International) Monsanto
paying $80 million penalty for accounting violations. The U.S. Securities
and Exchange Commission (SEC) announced February 9 that St. Louis-based
Monsanto Company agreed to pay an $80 million penalty and retain an independent
compliance consultant to settle charges that the company violated accounting
rules and misstated company earnings related to a rebate program tied its
flagship product, Roundup, after an SEC investigation found that the company
improperly accounted for millions of dollars in rebates to retailers and
distributors and misstated its consolidated earnings during a 3-year period.
Three accounting and sales executives also agreed to pay penalties for their
roles in the scheme. Source: https://www.sec.gov/news/pressrelease/2016-25.html
5. February
9, U.S. Attorney’s Office, Northern District of Alabama – (National)
IRS employee pleads guilty to $1 million ID theft tax fraud scheme. A
former U.S. Internal Revenue Service (IRS) employee who worked in the Taxpayer
Advocate Services office in Alabama pleaded guilty February 8 in Federal court
for her role in a tax-fraud scheme where she used her IRS computer access to
steal taxpayers’ identities and file up to $1.5 million in fraudulent tax
returns from 2008 – 2011. The former employee worked with three other
co-conspirators who were charged for their roles in the scheme. Source: http://www.justice.gov/usao-ndal/pr/irs-employee-pleads-guilty-1-million-id-theft-tax-fraud-scheme
For another story, see item 22 below in the Information Technology Sector
Information Technology Sector
15. February
10, Softpedia – (International) Linode VPS host accidentally deploys servers
with the same SSH key. Linode reported that its virtual private servers
(VPS) hosted on Ubuntu machines could have been susceptible to
man-in-the-middle (MitM) attacks after the company disseminated Ubuntu 15.0
images to some of its clients’ server, which used the same hard-coded secure
shell (SSH) key. The company stated its customers need to reconfigure the SSH
daemon and run a specific shell command to fix the vulnerability. Source: http://news.softpedia.com/news/linode-vps-host-accidentally-deploys-servers-with-the-same-ssh-key-500192.shtml
16. February
10, SecurityWeek – (International) Microsoft patches critical flaws in Windows,
Browsers. Microsoft released several patches for its products including
patches for 22 Flash Player flaws used in Internet Explorer 10, 11, and Edge,
and patched a critical memory corruption flaw in Windows Journal, a remote code
execution (RCE) flaw, and a denial-of-service (DoS) flaw, among other patched
vulnerabilities. Source: http://www.securityweek.com/microsoft-patches-critical-flaws-windows-browsers
17. February
10, IDG News Service – (International) Google will stop accepting new Flash ads on
June 30. Google reported that it will stop accepting new Adobe Flash-based
display ads for AdWords and DoubleClick Digital Marketing, and will not permit
Flash ads on its Display Network or DoubleClick after January 2017 due to the
frequent security vulnerabilities within Flash Players. Source: http://www.computerworld.com/article/3031908/security/google-will-stop-accepting-new-flash-ads-on-june-30.html#tk.rss_security
18. February
9, Softpedia – (International) Tool for hacking facebook accounts contains
Remtasu spyware. The Win32/Remtasu.Y malware, also known as Remtasu, was
reported infecting computer systems through different variants and through an
app named Hack Facebook to log keystrokes, steal data from clipboard, save the
information to local files, and upload the information to a remote file
transfer protocol (FTP) server by duplicating itself to the Windows System32
folder saved as InstallerDir and creating a registry key that executes the
malware process each time a user starts their computer. Researchers reported an
antivirus program should help detect the malware. Source: http://news.softpedia.com/news/tool-for-hacking-facebook-accounts-contains-remtasu-spyware-500132.shtml
19. February
9, SecurityWeek – (International) Nuclear EK gate uses decoy CloudFlare DDoS
check page. Security researchers from Malwarebytes reported that hackers
were using malvertising attacks to deceive users into visiting a rogue domain
similar to CloudFlare’s distributed denial of service (DDoS) check page, that
contained the Nuclear exploit kit (EK) to compromise a user’s system.
CloudFlare reported the fraudulent domain was not associated with its security
firm. Source: http://www.securityweek.com/nuclear-ek-gate-uses-decoy-cloudflare-ddos-check-page
20. February
9, SecurityWeek – (International) Adobe patches flaws in Flash, Photoshop,
Connect. Adobe release security updates and patches for its Flash Player,
Photoshop, Bridge, Connect, and Experience Manager that addressed several
vulnerabilities including 22 memory corruption flaws that can be exploited for
arbitrary code execution, a content spoofing flaw, a cross-site request forgery
flaw, and an insufficient input validation flaw affecting a Uniform Resource
Locator (URL), among other vulnerabilities. Source: http://www.securityweek.com/adobe-patches-flaws-flash-photoshop-connect
21. February
9, IDG News Service – (International) Google adds warning to unencrypted emails. Google
released a new security feature in its email services that warned users when a
recipient’s email does not support transport layer security (TLS) encryption
and reminded users to be mindful of transmitting or revealing sensitive
information via email. The new feature will use a small red unlocked padlock
icon to warn users of the various security levels. Source: http://www.computerworld.com/article/3031223/security/google-adds-warning-to-unencrypted-emails.html#tk.rss_security
22. February
9, The Register – (International) Sophisticated malware-as-a-racket fraudsters
have been scamming businesses for 10 years. Security researchers from
Kaspersky Lab reported that the Poseidon Group, a global cyber-espionage group,
has been targeting international financial sectors, telecommunications sectors,
critical manufacturing sectors, and energy sectors to collect information from
company networks via spear-phishing packages that are embedded with executable
elements inside Word documents, and using the information to blackmail victim
companies into contracting the Poseidon Group as a security firm. Researchers
found that several of the infections were found to have a very short life span
which contributed to the malware being undetectable.
Communications Sector
See item 22 above in the Information Technology
Sector