Complete DHS Report for August 2, 2016
Daily Report
Top Stories
• General Motors issued a recall July 30 for 32,913 of its model
year 2016 Chevrolet Cruze vehicles sold in the U.S. due to potentially
improperly manufactured headlamps which can lead to reduced nighttime
visibility. – TheCarConnection.com
4. July 30,
TheCarConnection.com – (National) 2016 Chevrolet Cruze recalled to fix headlight
problem. General Motors issued a recall July 30 for 32,913 of its model
year 2016 Chevrolet Cruze vehicles sold in the U.S. due to potentially
improperly manufactured headlamps after the manufacturer’s etching software
failed to mark the lamps with an identifier code used to properly aim the
headlights, thereby causing reduced nighttime visibility and increasing the
risk of an accident. Source: http://www.thecarconnection.com/news/1105293_2016-chevrolet-cruze-recalled-to-fix-headlight-problem
• Severe storms that moved through Ellicott City, Maryland, July
31 caused flash floods that damaged at least 25 buildings, killed 2 people, and
prompted State officials to declare a state of emergency in Howard County. – CNN
17. August 1,
CNN – (Maryland) Maryland county official: ‘Never seen such
devastation’. Severe storms that moved through Ellicott City, Maryland,
July 31 caused flash floods that damaged or destroyed at least 25 buildings, killed
2 people, damaged more than 170 vehicles, and prompted State officials to
declare a state of emergency in Howard County. Authorities estimated the flood
caused millions of dollars in damages. Source: http://www.cnn.com/2016/07/31/us/maryland-flooding/
• Maryland officials issued an emergency closing of the Patuxent
River from the Howard County line to the Baltimore Washington Parkway in Laurel
after a blocked sewer line caused approximately 2 million gallons of sewage to
overflow into the Patuxent River July 29. – Baltimore Sun
19. July 30,
Baltimore Sun – (Maryland) Estimated 2 million gallons of sewage spill into
Patuxent River. Maryland officials issued an emergency closing of the
Patuxent River from the Howard County line to the Baltimore Washington Parkway
in Laurel after a blocked sewer line caused approximately 2 million gallons of
sewage to overflow into the Patuxent River July 29. Officials closed Riverfront
Park in Laurel and urged residents to avoid the area. Source: http://www.baltimoresun.com/news/maryland/howard/laurel/ph-ho-cf-glances-sewage-overflow-0804-20160729-story.html
• Florida health officials reported July 29 that 4 individuals in
Miami-Dade and Broward counties have been infected with the Zika virus by local
mosquitoes, marking the first cases of mosquito-borne transmissions in the U.S.
– CNN
21. July 29,
CNN – (Florida) Florida health officials confirm Zika transmission.
Officials from the Florida Department of Health reported July 29 that 4
individuals in Miami-Dade and Broward counties have been infected with the Zika
virus transmitted through infected mosquitoes in the area, marking the first
cases of mosquito-borne transmissions in the U.S. Health officials are
collecting information and urine samples from residents in the area as part of
an effort to determine how many people have been infected. Source: http://www.cnn.com/2016/07/29/health/florida-health-officials-confirm-local-zika-transmission/
Financial Services Sector
Nothing
to report
Information Technology Sector
26. July 30,
Softpedia – (International) Major cyber-crime campaign switches from
CryptXXX to Locky ransomware. Researchers from Palo Alto Networks reported
that Afraidgate, the largest source of ransomware infections via exploit kits
(EK), stopped delivering the CryptXXX ransomware and began distributing the
Locky Zepto variant after switching from Angler to the Neutrino EK. Researchers
stated that Afraidgate relies on malicious actors hacking Websites and adding
malicious code to the site to redirect users to the Neutrino EK, which are easy
to discover due to the “.top” domain extensions. Source: http://news.softpedia.com/news/major-cyber-crime-campaign-switches-from-cryptxxx-to-locky-ransomware-506801.shtml
27. July 30,
Softpedia – (International) IP of ancient Conficker C&C domains
resurfaces in new website hacking scheme. Sucuri’s forensic team discovered
hacked Websites were redirecting their own traffic to one of their subdomains
hosted on another server, prompting an investigation into the Websites which
revealed the sites had been registered through NameCheap and were abusing the
company’s FreeDNS service to hijack legitimate sites by redirecting domain name
queries to the server’s IP address, which had been previously used to host
command and control (C&C) servers for the Conficker malware. Source: http://news.softpedia.com/news/ip-of-ancient-conficker-c-c-domains-resurface-in-new-website-hijacking-scheme-506797.shtml
28. July 29,
SecurityWeek – (International) New “QRLJacking” attack targets QR code
logins. An independent researcher discovered that the Quick Response (QR)
Login process is susceptible to a RLJacking attack after finding a hacker could
access the login QR code from the target Website and place it into a phishing
page in order to trick the user into visiting the page and logging into the QR
login process, thereby sending the secret login token to the hacker instead of
the authenticated Website and allowing the hacker to hijack the session.
Researchers stated that the attack can be avoided by opting out of the QR Login
feature and using a regular password for sites and apps that offer QR logins. Source:
http://www.securityweek.com/new-qrljacking-attack-targets-qr-code-logins
29. July 29,
IDG News Service – (International) Android trojan SpyNote leaks on underground
forums. Researchers from Palo Alto Networks reported a new Android trojan
dubbed SpyNote has been leaked on several underground forums and allows hackers
to steal users’ messages and contacts, record audio using the devices built-in
microphone, listen in on an user’s calls, and control the device’s camera,
among other illicit actions. Researchers stated the trojan, which prompts users
for a long list of permissions on installation, is capable of updating itself
and installing other rogue applications on the device. Source: http://www.computerworld.com/article/3102107/security/android-trojan-spynote-leaks-on-underground-forums.html#tk.rss_security
Communications Sector
Nothing to report