Complete DHS Report for August 29, 2016
Daily Report
Top Stories
• More than 20,000 Indianapolis Power & Light customers in
Marion County, Indiana, lost power August 26 following severe storms that moved
through the area. – WRTV 6 Indianapolis
1. August 26,
WRTV 6 Indianapolis – (Indiana) More than 20,000 without power after strong, sudden
storms plow through Marion Co. More than 20,000 Indianapolis Power &
Light customers in Marion County, Indiana, lost power August 26 following severe
storms that prompted authorities to issue tornado warnings for the area and
forced the closure of Eastwood Middle School. Source: http://www.theindychannel.com/news/local-news/more-than-20000-without-power-after-strong-sudden-storms-plow-through-marion-co
• Sentry Foods issued a recall August 25 for approximately 21,570
pounds of its frozen chicken entrée products sold in 3 variations due to
potential contamination with glass or hard plastic fragments. – U.S.
Department of Agriculture
11. August 26,
U.S. Department of Agriculture – (Indiana, Pennsylvania, Texas) Sentry
Foods recalls frozen chicken entrées due to possible foreign matter
contamination. Sentry Foods issued a recall August 25 for approximately
21,570 pounds of its frozen chicken entrée products sold in 3 variations due
to potential contamination with glass or hard plastic after the firm received
consumer complaints stating extraneous materials were found in the products.
There have been no confirmed reports of adverse reactions and the products were
shipped to retail locations in Indiana, Texas, and Pennsylvania. Source:
• Apple released an emergency security update for its iOS devices
after discovering three zero-day vulnerabilities plaguing iPhones, iPads, and
iPod touches that could allow an attacker to compromise a targeted device. – SecurityWeek
See item 17 below in
the Information Technology Sector
• A Russian cyber-criminal was convicted August 25 after he stole
more than 1.7 million credit card numbers from the point-of-sale systems of
various businesses, causing 3,700 financial institutions more than $169 million
in losses. – U.S. Department of Justice
21. August 25,
U.S. Department of Justice – (International) Russian cyber-criminal
convicted of 38 counts related to hacking businesses and stealing more than two
million credit card numbers. A Russian cyber-criminal was convicted August
25 after he stole more than 1.7 million credit card numbers from various businesses
from a server he operated in Russia by hacking retail point-of-sale (PoS)
systems and installing malware on the servers in order to make fraudulent
purchases, causing 3,700 financial institutions more than $169 million in
losses. Source: https://www.justice.gov/opa/pr/russian-cyber-criminal-convicted-38-counts-related-hacking-businesses-and-stealing-more-two
Financial Services Sector
See item 21 above in Top Stories
Information Technology Sector
16. August 26,
Softpedia – (International) New Locky ransomware version delivered as DLL
file. Cyren security researchers discovered that Zepto, a variant of the Locky
ransomware, received updates and is now installed on infected devices as a
dynamic-link library (DLL) file instead of an executable (EXE) file.
Researchers also found that the DLL file uses a custom packer in order to
prevent detection from anti-malware scanners. Source: http://news.softpedia.com/news/new-locky-ransomware-version-delivered-as-dll-file-507646.shtml
17. August 26,
SecurityWeek – (International) Apple issues emergency fix for iOS zero-days:
What you need to know. Apple released an emergency security update for its
iOS devices after discovering its iPhone 4s and later, iPad 2 and later, and
iPod touch fifth generation and later versions were plagued with three zero-day
vulnerabilities, dubbed Trident, including an information leak in the kernel, a
memory corruption bug that could allow an attacker to jailbreak the device and
install surveillance software without user knowledge, and a memory corruption
bug in the Safari WebKit, which could allow an attacker to execute arbitrary
code and compromise the device when a user clicks a link on a specially crafted
website. Researchers found the vulnerabilities were exploited by Pegasus,
high-end surveillance software, and were leveraged in attacks against human
rights activists and journalists via a text message phishing campaign. Source: http://www.securityweek.com/apple-issues-emergency-fix-ios-zero-days-what-you-need-know
18. August 25,
Softpedia – (International) PowerShell script steals credentials from IIS
config files. SecureWorks researchers discovered attackers were exploiting
already compromised devices to upload and execute a malicious PowerShell script
that searches for Microsoft Internet Information Server (IIS) configuration
files on the infected machine, which store credentials for other connection
services as connectionStrings, in order to steal the access credentials and copy
the content to the local /TEMP folder. Source: http://news.softpedia.com/news/powershell-script-steals-credentials-from-iis-config-file-507638.shtml
19. August 25,
Softpedia – (International) Security firm releases decrypter for Alma
Locker ransomware. PhishLabs malware analysts released a decrypter for the
Alma Locker ransomware family that allows victims to recover their files
without paying the ransom after finding the malware’s decrypter was susceptible
to a man-in-the-middle attack, which allowed the researchers to spoof
communications from the attackers’ command and control (C&C) server in
order to gain insight into how the ransomware’s decrypter operates. Source: http://news.softpedia.com/news/security-firm-releases-free-decrypter-for-alma-locker-ransomware-507613.shtml
Communications Sector
Nothing to report