Friday, April 8, 2016



Complete DHS Report for April 8, 2016

Daily Report                                            

Top Stories

• Two California men and a New Jersey woman were arrested and charged April 4 in Nashua, New Hampshire, after authorities found over 250 counterfeit credit and debit cards, and more than 20 gift cards in the trio’s vehicle. – NH1.com See item 8 below in the Financial Services Sector

• Dell SecureWorks released a report stating that the underground hacker market offered buying customers a plethora of services to hack the commercial facilities sector, the transportation sector, and the financial sector, among others. – SecurityWeek See item 25 below in the Information Technology Sector

• Officials signed a two-part agreement with the governors of Oregon and California April 6, agreeing to tear down four hydroelectric dams along the Klamath River, among other actions, after discovering the dams were preventing salmon from migrating to historic spawning grounds and degrading the water quality. – Associated Press

29. April 6, Associated Press – (California; Oregon) Officials sign unusual pact to tear down hydroelectric dams. The U.S. Interior Secretary signed a two-part agreement with the State governors of Oregon and California April 6, agreeing to tear down four hydroelectric dams along the Klamath River, restore tribal lands, provide additional water for farmers and ranchers, as well as continue to work on a six-year-old settlement, among other actions, after discovering the dams were preventing salmon from migrating to historic spawning grounds and degrading the water quality, thereby causing fish disease and an algae surge. Officials stated the project will be one of the largest river restoration plans in U.S. history. Source: http://abcnews.go.com/US/wireStory/officials-sign-unusual-pact-tear-klamath-dams-38202127

• Officials announced April 6 that repairs to the Lewisville Lake dam will begin in 2018 after a “sand boil” was found near the dam that could cause dam failure and potential floodwaters in downtown Dallas. – Dallas Morning News

30. April 6, Dallas Morning News – (Texas) High-risk Lewisville Lake dam gets congressional funding for important safety improvements. The U.S. Army Corps of Engineers announced April 6 that they will accelerate repairs to the Lewisville Lake dam to begin in 2018, two years earlier than scheduled after officials found a “sand boil” near the dam, indicating a potential tunnel underneath the infrastructure that could cause dam failure, displacement of 431,000 people, innumerable deaths, potential floodwaters in downtown Dallas, and about $21 billion in damages. In addition, the project will include additional monitoring equipment, a new drainage system, and spillway anchors to ensure the water does not sweep dirt as it flows. Source: http://thescoopblog.dallasnews.com/2016/04/high-risk-lewisville-lake-dam-gets-congressional-funding-for-safety-improvements.html/

Financial Services Sector

8. April 6, NH1.com – (New Hampshire; North Carolina; Massachusetts) Police: 3 people arrested for credit card scam, over 250 counterfeit credit/debit cards found. Two California men and a New Jersey woman were arrested and charged April 4 in Nashua, New Hampshire, after authorities found over 250 counterfeit credit and debit cards, more than 20 gift cards, and receipts originating from North Carolina in the trio’s vehicle. A subsequent search of the group’s two hotel rooms in Tewksbury, Massachusetts, revealed a laptop computer, a card reader and coder, a box of blank cards, and a large quantity of gift cards. Source: http://www.nh1.com/news/police-3-people-arrested-for-credit-card-scam-over-250-counterfeit-credit-debit-cards-found/

For another story, see item 25 below in the Information Technology Sector

Information Technology Sector

20. April 7, Softpedia – (International) Google reCAPTCHA cracked in new automated attack. Three security researchers developed a new automated attack that can bypass Google’s reCAPTCHA system and Facebook’s CAPTCHAS systems’ security measures and machine learning after solving the systems’ image answers security protocol with a 70.78 percent success rate when conducting studies on 2,235 CAPTCHAs. The new attack proved a higher degree of accuracy than previously reported and could potentially allow malicious hackers to conduct the same attack.Source: http://news.softpedia.com/news/google-recaptcha-cracked-in-new-automated-attack-502677.shtml

21. April 7, SecurityWeek – (International) OSVDB shut down permanently. Leaders of the Open Sourced Vulnerability Database (OSVDB) reported that its database will be shut down permanently due to the lack of support and contribution from the Information Technology (IT) industry. The project’s blog will remain active to help provide commentary on items related to the vulnerability world. Source: http://www.securityweek.com/osvdb-shut-down-permanently

22. April 7, The Register – (International) Remote code execution found and fixed in Apache OpenMeetings. A hacker from Recurity Labs discovered four vulnerabilities including a remote code execution (RCE) flaw, a predictable password reset token, and an arbitrary file read flaw in Apache OpenMeetings, a popular virtual meetings and shared whiteboard application, that could allow an unauthenticated attacker to gain remote code execution on the system to hijack installations of the product. To exploit the flaw, attackers only need to identify the administrator’s username. Source: http://www.theregister.co.uk/2016/04/07/apache_openmeetings_remote_code_exec/

23. April 6, Agence France-Presse – (International) Police raids target cyber-criminals in four countries: Germany. Approximately 700 international police officers participated in coordinated multi-national raids in the Netherlands, France, Canada, and Germany to arrest globally active hackers and a variety of Internet criminals that offered illicit services such as disguising malware from anti-virus programs to steal online passwords and banking information, among other actions. Officials reported that they arrested a chief suspect and confiscated about 300 computers and disks. Source: http://www.securityweek.com/police-raids-target-cyber-criminals-four-countries-germany

24. April 6, SecurityWeek – (International) Vulnerabilities continue to plague industrial control systems. The DHS Industrial Control Systems-Computer Emergency Readiness Team (ICS-CERT) released three security advisories on industrial control systems (ICS) that detailed vulnerabilities originally found and reported by independent researchers. The advisories indicated that critical infrastructure and industrial networks were still inundated with serious flaws. Source: http://www.securityweek.com/vulnerabilities-continue-plague-industrial-control-systems

25. April 6, SecurityWeek – (International) Hackers will break into email, social media accounts for just $129. Dell SecureWorks released a report which revealed that the underground hacker market, a virtual space for those interested in hiring a hacker to compromise a Gmail, Hotmail, or Yahoo account, only required customers to pay $129 for hacking personal email services and required customers to pay $500 to compromise corporate email accounts. In addition, the report stated the underground market offered a plethora of hacking services to buying customers including services to hack the commercial facilities sector, the transportation sector, and the financial sector, among others. Source: http://www.securityweek.com/hackers-will-break-email-social-media-accounts-just-129

Communications Sector

26. April 7, Softpedia – (International) CSRF bug in over 135 million ARRIS modems lets anyone factory reset the devices. A security researcher discovered a cross-site request forgery (CSRF) bug in ARRIS SURFboard SB6141 model that could allow an attacker to reset and/or factory reset the devices by using the administrative panel’s Internet Protocol (IP) inside scripts to automate attacks due to the devices unprotected Web-based administration panel, which is open to users on the local network. The researcher noted that over 135 million affected models were used internationally.