Tuesday, August 2, 2016



Complete DHS Report for August 2, 2016

Daily Report

Top Stories

• General Motors issued a recall July 30 for 32,913 of its model year 2016 Chevrolet Cruze vehicles sold in the U.S. due to potentially improperly manufactured headlamps which can lead to reduced nighttime visibility. – TheCarConnection.com

4. July 30, TheCarConnection.com – (National) 2016 Chevrolet Cruze recalled to fix headlight problem. General Motors issued a recall July 30 for 32,913 of its model year 2016 Chevrolet Cruze vehicles sold in the U.S. due to potentially improperly manufactured headlamps after the manufacturer’s etching software failed to mark the lamps with an identifier code used to properly aim the headlights, thereby causing reduced nighttime visibility and increasing the risk of an accident. Source: http://www.thecarconnection.com/news/1105293_2016-chevrolet-cruze-recalled-to-fix-headlight-problem

• Severe storms that moved through Ellicott City, Maryland, July 31 caused flash floods that damaged at least 25 buildings, killed 2 people, and prompted State officials to declare a state of emergency in Howard County. – CNN

17. August 1, CNN – (Maryland) Maryland county official: ‘Never seen such devastation’. Severe storms that moved through Ellicott City, Maryland, July 31 caused flash floods that damaged or destroyed at least 25 buildings, killed 2 people, damaged more than 170 vehicles, and prompted State officials to declare a state of emergency in Howard County. Authorities estimated the flood caused millions of dollars in damages. Source: http://www.cnn.com/2016/07/31/us/maryland-flooding/

• Maryland officials issued an emergency closing of the Patuxent River from the Howard County line to the Baltimore Washington Parkway in Laurel after a blocked sewer line caused approximately 2 million gallons of sewage to overflow into the Patuxent River July 29. – Baltimore Sun

19. July 30, Baltimore Sun – (Maryland) Estimated 2 million gallons of sewage spill into Patuxent River. Maryland officials issued an emergency closing of the Patuxent River from the Howard County line to the Baltimore Washington Parkway in Laurel after a blocked sewer line caused approximately 2 million gallons of sewage to overflow into the Patuxent River July 29. Officials closed Riverfront Park in Laurel and urged residents to avoid the area. Source: http://www.baltimoresun.com/news/maryland/howard/laurel/ph-ho-cf-glances-sewage-overflow-0804-20160729-story.html

• Florida health officials reported July 29 that 4 individuals in Miami-Dade and Broward counties have been infected with the Zika virus by local mosquitoes, marking the first cases of mosquito-borne transmissions in the U.S. – CNN

21. July 29, CNN – (Florida) Florida health officials confirm Zika transmission. Officials from the Florida Department of Health reported July 29 that 4 individuals in Miami-Dade and Broward counties have been infected with the Zika virus transmitted through infected mosquitoes in the area, marking the first cases of mosquito-borne transmissions in the U.S. Health officials are collecting information and urine samples from residents in the area as part of an effort to determine how many people have been infected. Source: http://www.cnn.com/2016/07/29/health/florida-health-officials-confirm-local-zika-transmission/

Financial Services Sector

Nothing to report

Information Technology Sector

26. July 30, Softpedia – (International) Major cyber-crime campaign switches from CryptXXX to Locky ransomware. Researchers from Palo Alto Networks reported that Afraidgate, the largest source of ransomware infections via exploit kits (EK), stopped delivering the CryptXXX ransomware and began distributing the Locky Zepto variant after switching from Angler to the Neutrino EK. Researchers stated that Afraidgate relies on malicious actors hacking Websites and adding malicious code to the site to redirect users to the Neutrino EK, which are easy to discover due to the “.top” domain extensions. Source: http://news.softpedia.com/news/major-cyber-crime-campaign-switches-from-cryptxxx-to-locky-ransomware-506801.shtml

27. July 30, Softpedia – (International) IP of ancient Conficker C&C domains resurfaces in new website hacking scheme. Sucuri’s forensic team discovered hacked Websites were redirecting their own traffic to one of their subdomains hosted on another server, prompting an investigation into the Websites which revealed the sites had been registered through NameCheap and were abusing the company’s FreeDNS service to hijack legitimate sites by redirecting domain name queries to the server’s IP address, which had been previously used to host command and control (C&C) servers for the Conficker malware. Source: http://news.softpedia.com/news/ip-of-ancient-conficker-c-c-domains-resurface-in-new-website-hijacking-scheme-506797.shtml

28. July 29, SecurityWeek – (International) New “QRLJacking” attack targets QR code logins. An independent researcher discovered that the Quick Response (QR) Login process is susceptible to a QRLJacking attack after finding a hacker could access the login QR code from the target Website and place it into a phishing page in order to trick the user into visiting the page and logging into the QR login process, thereby sending the secret login token to the hacker instead of the authenticated Website and allowing the hacker to hijack the session. Researchers stated that the attack can be avoided by opting out of the QR Login feature and using a regular password for sites and apps that offer QR logins. Source: http://www.securityweek.com/new-qrljacking-attack-targets-qr-code-logins

29. July 29, IDG News Service – (International) Android trojan SpyNote leaks on underground forums. Researchers from Palo Alto Networks reported a new Android trojan dubbed SpyNote has been leaked on several underground forums and allows hackers to steal users’ messages and contacts, record audio using the device’s built-in microphone, listen in on a user’s calls, and control the device’s camera, among other illicit actions. Researchers stated the trojan, which prompts users for a long list of permissions on installation, is capable of updating itself and installing other rogue applications on the device. Source: http://www.computerworld.com/article/3102107/security/android-trojan-spynote-leaks-on-underground-forums.html#tk.rss_security

Communications Sector

Nothing to report