Wednesday, June 8, 2016



Complete DHS Report for June 8, 2016


Daily Report                                            


Top Stories



• Officials issued a recall the weekend of June 4 for nearly 563,000 model years 2004 – 2011 vehicles in 5 makes sold in the U.S. due to potentially faulty Takata Corp., passenger-side air bag inflators. – TheCarConnection.com


3. June 6, TheCarConnection.com – (National) Even more Takata recalls: 563,000 Audi, BMW, Jaguar, Land Rover, Mercedes-Benz vehicles affected. The National Highway Traffic Safety Administration issued a recall the weekend of June 4 for nearly 563,000 model years 2004 – 2011 vehicles in 5 makes sold in the U.S. due to potentially faulty Takata Corp., passenger-side air bag inflators equipped with ammonium nitrate, a chemical that may destabilize over time when exposed to hot, humid weather and cause the airbags to deploy with excessive force, spraying hot shrapnel into vehicle passenger compartments. The recalls are being conducted by region, with vehicles registered or sold in the Gulf Coast region taking priority. Source: http://www.thecarconnection.com/news/1104320_even-more-takata-recalls-563000-audi-bmw-jaguar-land-rover-mercedes-benz-vehicles-affected


• A former University of Missouri-Columbia administrative officer pleaded guilty June 6 to embezzling over $716,000 from the school over the course of 9 years. – St. Louis Post-Dispatch


12. June 6, St. Louis Post-Dispatch – (Missouri) Former University of Missouri employee admits embezzling more than $700,000. A former University of Missouri-Columbia administrative officer pleaded guilty June 6 in connection with a theft of over $716,000 from the school over the course of 9 years. The former employee created and registered three shell companies with the Missouri Secretary of State’s Office, which were used to fraudulently bill the university for services that were never provided from January 2005 – June 2014. Source: http://www.stltoday.com/news/local/education/former-university-of-missouri-employee-admits-embezzling-more-than/article_798dad22-befd-5582-9f54-b82ff63908a2.html


• Akamai released a report titled State of the Internet which revealed that during the first quarter of 2016, there were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gigabits per second, making DDoS attacks four times more prevalent than the previous quarter. – IDG News Service See item 14 below in the Information Technology Sector


• Security researchers from FireEye reported that the Angler exploit kit (EK) installations were capable of bypassing Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) on Windows 7 to deliver a malicious payload. – Softpedia See item 15 below in the Information Technology Sector


Financial Services Sector 


Nothing to report


Information Technology Sector


13. June 7, SecurityWeek – (International) Facebook patches vulnerability in Messenger app. Security researchers from Check Point discovered that the Facebook Messenger app was plagued with a vulnerability that could allow attackers to change the content of a conversation or replace legitimate links and files with malicious content. Attackers could exploit the flaw by obtaining identification (ID) assigned to each message via a request to “facebook.com/ajax/mercury/thread_info.php” and send another message with a duplicate ID to the victim. Source: http://www.securityweek.com/facebook-patches-vulnerability-messenger-app


14. June 7, IDG News Service – (International) Massive DDoS attacks reach record levels as botnets make them cheaper to launch. Akamai released a report titled State of the Internet which revealed that during the first quarter of 2016, there were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gigabits per second, making DDoS attacks four times more prevalent than the previous quarter. The report indicated that criminals could now afford to launch crippling attacks towards major companies. Source: http://www.networkworld.com/article/3079987/massive-ddos-attacks-reach-record-levels-as-botnets-make-them-cheaper-to-launch.html#tk.rss_all


15. June 6, Softpedia – (International) Angler exploit kit finds a method to escape Microsoft’s EMET security toolkit. Security researchers from FireEye reported that the Angler exploit kit (EK) installations were capable of bypassing Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) on Windows 7 to infect a system by deploying two exploits, one for Flash and one for Silverlight. The two exploits run their code via protected memory slots that allow them to deliver a malicious payload regardless of EMET’s Data Execution Mitigation (DEP), Export Address Table Access Filtering (EAF), and EAF+ mitigations. Source: http://news.softpedia.com/news/angler-exploit-kit-finds-a-method-to-escape-microsoft-s-emet-security-toolkit-504929.shtml


16. June 6, Softpedia – (International) Black Shades ransomware asks victims only for a measly $30. Several security researchers from various companies discovered a ransomware dubbed Black Shades Crypter was locking user files and demanding ransom money after finding that the ransomware adds an extra extension, “.silent” to encrypted files, informs victims to pay a small ransom to unlock their files, and encodes strings in its source code to make it difficult for malware analysts to decode. Source: http://news.softpedia.com/news/black-shades-ransomware-asks-victims-only-for-a-measly-30-504935.shtml


17. June 6, Softpedia – (International) Windows BITS Service used to reinfect computers with malware. Security researchers from SecureWorks stated that attackers were using Window’s Background Intelligent Transfer Service (BITS) to set up recurring malware download tasks, and then leveraging its autorun capabilities to install the malware after an investigation revealed that the original malware, called Zlob.Q, added malicious entries to the BITS service, which would download malicious code on the system, run the malware, and erase itself when the infection is completed. Source: http://news.softpedia.com/news/windows-bits-service-used-to-reinfect-computers-with-malware-504930.shtml


Communications Sector 


Nothing to report