Complete DHS Report for August 30, 2016
Daily Report
Top Stories
• Toyota Motor Corporation issued a recall August 29 for 337,449
of its model years 2006 – 2011 Toyota RAV4 crossover vehicles and model year
2010 Lexus HS 250h vehicles due to improperly secured lock nuts on the rear
suspension arms, which can make it difficult for the driver to control the
vehicle. – TheCarConnection.com
4. August 29,
TheCarConnection.com – (National) 2006-2011 Toyota RAV4, 2010 Lexus HS 250h recalled
for suspension issue (again): 337,000 affected. Toyota Motor Corporation
issued a recall August 29 for 337,449 of its model years 2006 – 2011 Toyota
RAV4 crossover vehicles and its model year 2010 Lexus HS 250h vehicles sold in
the U.S. due to lock nuts on the rear suspension arms that may not have been
properly secured, which can allow the threading to rust and the suspension arms
to fail, thereby making it difficult for the driver to control the vehicle and
increasing the risk of a crash. Source: http://www.thecarconnection.com/news/1105830_2006-2011-toyota-rav4-2010-lexus-hs-250h-recalled-for-suspension-issue-again-337000-affected
• Authorities offered a reward August 26 in exchange for
information leading to the arrest and conviction of a man dubbed the “Filter
Bandit” who is suspected of robbing 9 Broward County, Florida banks since 2014.
– WPLG 10 Miami See item 5 below in
the Financial Services Sector
• A former employee at HB Nitkin Group in Greenwich, Connecticut,
pleaded guilty August 26 to embezzling more than $700,000 from the company
between February 2014 and December 2015. – U.S. Attorney’s Office, District
of Connecticut See item 6 below in the Financial Services Sector
• Authorities are investigating the cause of a 4-alarm fire at the
Incca-Carroll Street apartments in Paterson, New Jersey, August 28 that
displaced over 100 residents, damaged up to 20 units, and sent 2 people to an
area hospital. – Newark Star-Ledger
34. August 28,
Newark Star-Ledger – (New Jersey) 4-alarm blaze tears through apartment building
in Paterson. Authorities are investigating the cause of a 4-alarm fire at
the Incca-Carroll Street apartments in Paterson, New Jersey, August 28 that
displaced over 100 residents, damaged up to 20 units, and sent 2 people to an
area hospital. The American Red Cross was assisting those displaced by the
fire. Source: http://www.nj.com/passaic-county/index.ssf/2016/08/4-alarm_blaze_tears_through_apartment_building_in.html
Financial Services Sector
5. August 26,
WPLG 10 Miami – (Florida) FBI offers $5K reward for ‘Filter Bandit.’ Authorities
offered a reward August 26 in exchange for information leading to the arrest
and conviction of a man dubbed the “Filter Bandit” who is suspected of robbing
9 Broward County, Florida banks since 2014, including a SunTrust Bank branch in
Coral Springs August 26. Source: http://www.local10.com/news/florida/broward-county/fbi-offers-5k-reward-for-filter-bandit-
6. August 26,
U.S. Attorney’s Office, District of Connecticut –
(Connecticut) Former Greenwich resident pleads guilty to stealing more than
$700K in fraud scheme. A former employee at HB Nitkin Group in Greenwich,
Connecticut, pleaded guilty August 26 to embezzling more than $700,000 from the
company and related companies and individuals after the employee created
fraudulent invoices for carpentry, plumbing, and electrical services, and used
the company’s checkbook to pay the phony invoices, which she deposited into her
personal bank accounts from February 2014 – December 2015. Officials stated the
former employee also cashed checks that she stole from other employees of the
company, among other fraudulent actions. Source: https://www.justice.gov/usao-ct/pr/former-greenwich-resident-pleads-guilty-stealing-more-700k-fraud-scheme
For another story, see item 36 below from the Commercial Facilities Sector
36. August 26,
Softpedia – (National) US Secret Service notifies two major hotel
chains about possible data breaches. Millennium Hotels & Resorts North
America (MHR) notified customers August 25 that it is investigating a potential
data breach of its point-of-sale (PoS) systems that may have compromised
customer payment card data used at all of its 14 locations nationwide between
March and June 2016 after the U.S. Secret Service and a third-party service
provider notified the company about the breach. Noble House Hotels and Resorts
also announced August 25 it is investigating a potential data breach after U.S.
Secret Service officials notified the company that the PoS systems at its Ocean
Key Resort & Spa in Key West, Florida, were compromised between April 2016
and June 2018. Source: http://news.softpedia.com/news/us-secret-service-notifies-two-major-hotel-chains-about-possible-data-breaches-507658.shtml
Information Technology Sector
27. August 29,
Help Net Security – (International) XSS flaw in D-Link NAS devices allows
attackers to mess with your data. A security researcher discovered seven
D-Link network-attached storage (NAS) devices were plagued with a cross-site
scripting (XSS) flaw in the device’s administrative Web interface that can be
exploited through an authenticated Server Message Block (SMB) login attempt and
could allow attackers to access a targeted device and change the stored
contents after detecting the flaw in the firmware of D-Link DNS-320 rev A. The
researcher stated this XSS flaw does not require the victim to visit a
malicious Website or open an attacker-supplied link, and that the malicious
code can be injected without direct nor indirect access to the vulnerable application.
Source: https://www.helpnetsecurity.com/2016/08/29/xss-flaw-d-link-nas-devices-allows-attackers-mess-data/
28. August 29,
SecurityWeek – (International) Kaspersky patches vulnerabilities in consumer
products. Kaspersky Lab released updated for its KLIF, KLDISK, and KL1
Internet security products resolving several denial-of-service (DoS) and memory
disclosure vulnerabilities after Cisco researchers discovered a flaw in KLIF
drivers that can allow a malicious app to execute an application programming
interface (API) call using invalid parameters and crash the system, a flaw
related to how the KL1 driver handles input/output control (IOCTL) calls, which
could be exploited to cause a memory access violation and crash the system, and
a flaw caused by weak implementation of the KlDiskCtl service in the KLDISK
that can allow attackers to use specially crafted IOCTL calls to leak kernel
memory content and obtain information. Source: http://www.securityweek.com/kaspersky-patches-vulnerabilities-consumer-products
29. August 29,
Softpedia – (International) Tech support scammers find new tricks to
hijack Chrome browser. Malwarebytes researchers discovered a new method to
hijack Google Chrome Web browsers where hidden JavaScript code puts the user’s
browser into full screen mode, hiding the address bar and user interface (UI)
toolbar in order to load a JPEG image at the top of the page that is crafted to
look like Chrome’s original UI bar. The researchers also discovered a second
trick targeting Chrome users where scammers created popups that mimicked
original Chrome alerts, and would continue to display more alerts if a user
clicked the appropriate checkmark. Source: http://news.softpedia.com/news/tech-support-scammers-find-new-trick-to-hijack-chrome-browsers-507715.shtml
30. August 29,
SecurityWeek – (International) User data possibly stolen in Opera Sync
breach. Opera notified 1.7 million Sync customers August 26 of a potential
data breach discovered the week of August 22 after an attacker hacked the
system and potentially accessed user information, including usernames and
passwords. Opera officials advised its customers to change their Sync
passwords, as well as any passwords to third-party Websites synchronized with
the service. Source: http://www.securityweek.com/user-data-possibly-stolen-opera-sync-breach
31. August 26,
Softpedia – (International) Fantom ransomware mimics Windows update
screen. An AVG security researcher discovered a new ransomware variant,
dubbed Fantom was being distributed as a fake Microsoft Windows critical update
screen to trick users into running the malicious file, criticalupdate01.exe,
which encrypts victims’ files and displays a ransom note in Hypertext Markup
Language (HTML) or TXT files after the encryption process ends. Researchers
stated that users must contact the malicious actor via email to get the private
key and unlock their encrypted files, and then the ransomware runs two batch
scripts to delete its installation files. Source: http://news.softpedia.com/news/fantom-ransomware-mimics-windows-update-screen-507668.shtml
Communications Sector
32. August 28,
WUSA 9 Washington, D.C. – (Washington, D.C.) D.C. 911 system
restored after outage. Officials from the Office of Unified Communications
in Washington, D.C. reported August 28 that 9-1-1 services have been restored
after an internal power failure caused a service outage for 2 hours August 27.
Officials set up an alternative emergency phone number during the outage and
the investigation is ongoing. Source: http://www.wusa9.com/news/local/dc/dc-911-system-restored-after-outage/309753694