Thursday, April 14, 2016



Complete DHS Report for April 14, 2016

Daily Report                                            

Top Stories

• Southcross Energy Partners announced April 12 that 2 people were killed and 1 other was injured after they were blown out of a manhole near Woodsboro when about 800 pounds of pressure leaked following equipment failure. – Corpus Christi Caller Times

2. April 12, Corpus Christi Caller-Times – (Texas) 2 killed, 1 hurt in gas pressure leak. Southcross Energy Partners announced April 12 that two people were killed and a third person was injured after they were blown out of a manhole near Woodsboro when about 800 pounds of pressure leaked following equipment failure. The company is investigating the incident. Source: http://www.caller.com/news/local/2-killed-1-hurt-in-gas-pressure-leak-30517430-79c5-4a23-e053-0100007f5877-375479971.html

• A woman pleaded guilty April 12 for her role in a scheme involving at least 4 co-conspirators where they offered caregiver services and provided legal wills through Linwood-based A Better Choice, bilking over $2.7 million from 12 elderly clients between January 2003 and December 2012. – Press of Atlantic City

11. April 12, Press of Atlantic City – (New Jersey) Linwood woman admits to bilking millions from elderly. A woman pleaded guilty April 12 for her role in a scheme where she identified potential elderly clients and offered them caregiver services through Linwood-based A Better Choice, bilking over $2.7 million from 12 clients from January 2003 through December 2012. The woman worked with at least four other co-conspirators to provide caregiver services and provide legal wills and powers of attorney for the clients.

• Symantec Corporation reported that in 2015 over half a billion personal records were stolen or lost and that data breaches grew by 85 percent from 2014. – Softpedia See item 19 below in the Information Technology Sector

• BAE Systems researchers discovered an improved version of the Qbot malware had affected more than 54,000 international machines with 85 percent of infections reported in the U.S. – SecurityWeek See item 20 below in the Information Technology Sector

Financial Services Sector

Nothing to report

Information Technology Sector

16. April 13, SecurityWeek – (International) Adobe patches flaws in Creative Cloud, RoboHelp. Adobe released Creative Cloud version 3.6.0.244, which patched an important vulnerability in the sync process that affected Creative Cloud Libraries version 3.5.1.209 and earlier versions, as well as a security hotfix for RoboHelp Server version 9, which patched a critical vulnerability linked to the Structured Query Language (SQL) queries that could lead to information disclosure, among other patched vulnerabilities. Source: http://www.securityweek.com/adobe-patches-flaws-creative-cloud-robohelp

17. April 13, SecurityWeek – (International) Another IBM Java patch bypassed by researchers. Researchers from Security Explorations discovered that IBM’s patch for Java’s “issue 70” was inefficient and could be easily bypassed and exploited for a complete sandbox escape flaw against Java versions 7 and 8 after the patches did not address the root causes of the vulnerabilities or introduce security checks into the code. Security Explorations published a report advising how IBM’s patch can be bypassed and released a Proof-of-Concept (PoC) code for the flaw.

18. April 12, SecurityWeek – (International) Links found between different ransomware families. Researchers from AlienVault released a report addressing several similarities between PowerWare and PoshCoder ransomware including the use of the RijndaelManaged class and that both ransomware encrypt the same file types, which suggests that the two threats are connected. In addition, the report stated several similarities between Rokku and Chimera ransomware including the use of the ReflectiveLoader function, which is used in both ransomware for reflective dynamic link library (DLL) injection to load a library from memory into a host process.

19. April 12, Softpedia – (International) Over half a billion personal records were stolen or lost in 2015. Symantec Corporation released a report which stated that in 2015 many companies avoided disclosing the full details of their data breaches after researchers found that over 429 million records were lost or stolen and that data breaches grew by 85 percent compared to data breaches in 2014. In addition, the report stated that 75 percent of popular Web sites had major vulnerabilities; of which, 15 percent were considered as critical flaws. Source: http://news.softpedia.com/news/over-half-a-billion-personal-records-were-stolen-or-lost-in-2015as-502858.shtml

20. April 12, SecurityWeek – (International) Improved Qbot worm targets public institutions. Researchers from BAE Systems discovered that an improved version of the Qbot malware was targeting public organizations such as police departments, hospitals, and universities after finding that the malware’s developers had made several improvements to avoid detection and that more than 54,000 international machines were part of the botnet, with 85 percent of infections listed in the U.S. Researchers noted that cyber attackers distributed the Qbot malware via compromised Web sites that lead to the RIG exploit kit (EK). Source: http://www.securityweek.com/improved-qbot-worm-targets-public-institutions

Communications Sector

Nothing to report