Tuesday, May 31, 2016



Complete DHS Report for May 31, 2016

Daily Report                                            

Top Stories

• Eight automakers announced a recall May 27 for over 12 million model years 2002 – 2011 vehicles sold in the U.S. due to defective Takata Corp., passenger-side air bag inflators. – Reuters

2. May 27, Reuters – (International) Automakers recall 12 million U.S. vehicles over Takata air bags. Eight automakers announced a recall May 27 for over 12 million model years 2002 – 2011 vehicles sold in the U.S. due to defective Takata Corp., passenger-side air bag inflators that can explode with too much force and spray metal shrapnel into vehicle passenger compartments. The defective inflators have been linked to over 100 injuries and at least 13 deaths globally.

• Washington, D.C. officials announced that track work May 28 – May 30 will take all Orange Line trains out of service, close three stations, and force single-tracking between certain stations on four lines. – WTOP 103.5 FM Washington, D.C.

8. May 26, WTOP 103.5 FM Washington, D.C. – (Maryland; Virginia; Washington, D.C.) Metro: 3 stations closed, work on all lines Memorial Day weekend. The Washington Metropolitan Area Transit Authority announced May 26 that track work May 28 – May 30 on the Metro will take all Orange Line trains out of service, close the Vienna, Dunn Loring, and West Falls Church stations, and force single-tracking between certain stations on the Red, Silver, Blue, and Green lines. Source: http://wtop.com/sprawl-crawl/2016/05/metro-close-orange-line-work-lines-memorial-day-weekend/

• The use of Probuphine, an implant that slowly releases a low dose of buprenorphine over 6 months, was approved May 26 to help individuals struggling with addiction to heroin and painkillers. – Associated Press

15. May 26, Associated Press – (National) FDA approves first drug-oozing implant to control addiction. The U.S. Food and Drug Administration approved May 26 the use of Probuphine, an implant that slowly releases a low dose of buprenorphine over 6 months, in order to help individuals struggling with addiction to heroin and painkillers. The implant is expected to be used as part of a multipronged addiction treatment program, and doctors who implant the device are required to receive special training on the implantation and removal of the device. Source: http://www.cbsnews.com/news/fda-approves-first-drug-oozing-implant-to-control-addiction/

• A U.S. Government Accountability Office report found that some business systems run by U.S. government agencies are written in mainframe assembler code or COBOL, are outdated, and consume larger portions of agencies’ budgets just for operation and maintenance. – Ars Technica

17. May 26, Ars Technica – (National) Government agencies keep sacrificing cash to zombie IT systems, GAO finds. A U.S. Government Accountability Office (GAO) report on business systems run by U.S government agencies found that some of the systems used are written in mainframe assembler code or COBOL, are outdated, and are consuming larger portions of agencies’ IT budgets just for operation and maintenance. Some of the agencies included in the top ten oldest systems cited by GAO include the U.S. Department of the Treasury, the U.S. Department of Defense, the U.S. Department of Veterans Affairs, and the U.S. Department of Commerce, among others. Source: http://arstechnica.com/information-technology/2016/05/government-agencies-keep-sacrificing-cash-to-zombie-it-systems-gao-finds/

Financial Services Sector

4. May 26, SecurityWeek – (Texas) PayPal settles with Texas over Venmo app security claims. The State of Texas and PayPal entered into an Assurance of Voluntary Complance agreement May 26 after Venmo, a company acquired by PayPal, violated the Texas Deceptive Trade Practices – Consumer Protection Act by allegedly providing confusing and deficient privacy and security disclosures, and failing to provide clarification over access to the user’s contact list. PayPal agreed make “behavioral” changes regarding interactions between Venmo and its users.

5. May 26, East Oregonian – (Oregon) Nearly 100 reports of missing money in Hermiston bank fraud. Authorities are searching May 26 for a man suspected of installing a skimming device on a Portland area ATM beginning the week of May 8 and using the stolen data to manufacture fraudulent debit cards in order to withdraw cash from other area ATMs after officials received approximately 100 reports of fraudulent bank account activity. Authorities stated that the scheme has caused thousands of dollars in losses, and believe the man is part of an organized group. Source: http://www.eastoregonian.com/eo/local-news/20160526/nearly-100-reports-of-missing-money-in-hermiston-bank-fraud

Information Technology Sector

21. May 26, SecurityWeek – (International) Angler EK malvertising campaign abuses recent Flash zero-day. Security researchers from Malwarebytes reported that a previously patched zero-day flaw in Adobe Flash Player was being exploited in a new malvertising campaign targeting ad networks through a conditional malicious code which redirects users to the Angler exploit kit (EK) after executing fingerprinting checks. Attackers exploit the vulnerability via specially crafted Microsoft Office documents. Source: http://www.securityweek.com/angler-ek-malvertising-campaign-abuses-recent-flash-zero-day

22. May 26, Softpedia – (International) Windows trojan uses TeamViewer to turn your PC into a web proxy. Security researchers from Dr. Web and Yandex reported that the backdoor trojan dubbed, BackDoor.TeamViewer.49 was using a malware dropper called Trojan.MulDrop6.39120 and a malicious Adobe Flash Player update package to secretly distribute the TeamViewer trojan. Once the TeamViewer trojan is installed, the trojan connects via an encrypted channel to the attackers’ command and control (C&C) server, where it relays Web traffic to other servers on the Internet and uses the affected device as a proxy server. Source: http://news.softpedia.com/news/windows-trojan-uses-teamviewer-to-turn-your-pc-into-a-web-proxy-504540.shtml

23. May 26, SecurityWeek – (International) “SandJacking” attack allows hackers to install evil iOS apps. A security researcher from Mi3 Security discovered that attackers could exploit a new Apple feature, which allows developers to create mobile operating system (iOS) apps using certificates easily obtained by providing an Apple ID, to quickly replace a legitimate app on an iOS device with a rogue version that contains malicious capabilities to give attackers complete control and access to the application. The security researcher released a proof-of-concept (PoC) titled, “Su-A-Cyder” that can replace legitimate apps for malicious apps when the targeted phone is connected to a computer.

For another story, see item 4 above in the Financial Services Sector

Communications Sector

See item 23 above in the Information Technology Sector