Complete DHS Report for April 22, 2015
Daily Report
Top Stories
· Check Point Software researchers identified a security hole in unpatched versions of
eBay’s Magento e-commerce platform that can be exploited to gain access to
databases containing customers’ financial and personal information. – Securityweek
See item 2 below in the Financial Services Sector
· The U.S. Department of Agriculture announced April 20 that about 5.3 million hens at a
commercial egg-laying facility in Osceola County, Iowa, must be culled as a
precaution after a strain of bird flu was detected in the flock. – Des Moines Register
6. April 21, Des Moines Register – (Iowa) 5.3 million Iowa laying hens to
be destroyed in bird flu outbreak. The U.S. Department of Agriculture
announced April 20 that about 5.3 million laying hens at an Osceola County
commercial egg-laying facility must be culled as a precaution after a strain of
bird flu was detected in the flock. More than 2.6 million additional birds have
been killed as a result of the bird flu, which has been confirmed at more than
50 sites across at least 8 States, including Wisconsin where a state of
emergency was declared over the outbreak. Source: http://www.desmoinesregister.com/story/money/agriculture/2015/04/20/avian-flu-chicken-eggs/26094811/
· Blue Bell Creameries recalled April 20 all of its products currently on the market
in 23 U.S. States and abroad due to an ongoing Listeria outbreak that has
sickened at least 10 individuals, including 3 people who died from infection. – Food Safety News
7. April 21, Food Safety News – (International) CDC Reports Two More Cases
in Listeria Outbreak. Texas-based Blue Bell Creameries issued a voluntary
recall April 20 for all of its products currently on the market in 23 U.S.
States and abroad due to an ongoing Listeria outbreak that has been connected
to several of the company’s plants. The U.S. Centers for Disease Control and
Prevention reported 2 new cases that are linked to Blue Bell products April 21,
increasing the case count to 10, including 3 cases that resulted in death.
Source: http://www.foodsafetynews.com/2015/04/blue-bell-recalls-all-products-made-in-all-company-facilities
· An underground cable issue sparked a transformer explosion that damaged the Suburban
Building and nearby businesses in Radnor Township, Pennsylvania, April 20, and
prompted Philadelphia Electric Company crews to cut power to about 80 customers
including 14 businesses. – Norristown Times Herald
25. April 21, Norristown Times Herald –
(Pennsylvania) Transformer explosion in Radnor Township shatters, closes
storefronts. An underground cable issue sparked a transformer explosion
that shattered windows at the Suburban Building and nearby businesses in Radnor
Township April 20, and prompted Philadelphia Electric Company crews to cut power
to about 80 customers including 14 businesses. Some businesses remained closed
April 21, while crews expected to restore service to all customers later that
day. Source: http://www.timesherald.com/general-news/20150421/transformer-explosion-in-radnor-township-shatters-closes-storefronts
Financial Services Sector
2. April 20,
Securityweek – (International) Malicious hackers can exploit a vulnerability
in Magento to access credit card data. Security researchers at Check Point
Software identified remote code execution (RCE) vulnerabilities in unpatched
versions of eBay’s Magento e-commerce platform that could allow attackers to
execute hypertext preprocessor (PHP) code on Web servers hosting online stores
in order to gain access to databases containing customers’ credit card,
financial, and personal information. Source:
http://www.securityweek.com/critical-flaw-magento-ecommerce-platform-exposes-online-shops
For another story, see item 24 below in the Information Technology Sector
Information Technology Sector
19. April 21,
Softpedia – (International) Highly popular WordPress plugins vulnerable
to XSS attacks. A security researcher from Scrutinizer discovered an issue
with two coding functions used in many content management system (CMS) plugins
created by WordPress developers that could allow attackers to run cross-site
scripting (XSS) attacks and access sensitive areas of affected Web sites. The
vulnerability was a result of improper documentation regarding external users’
ability to run commands via the functions. Source: http://news.softpedia.com/news/At-Least-17-Popular-WordPress-Plugins-Vulnerable-to-XSS-Attacks-478968.shtml
20. April 21,
Softpedia – (International) iOS apps from developers vulnerable to HTTPS
data decryption. Research from SourceDNA revealed that almost 1,000 iOS
apps are vulnerable to a security flaw in build 2.5.1 of open source
AFNetworking that disables secure sockets layer (SSL) certificate validation,
which could allow attackers to carry out man-in-the-middle (MitM) attacks and
read encrypted information in plain text. The flaw was patched in late March,
but many developers have not yet integrated the updated code. Source: http://news.softpedia.com/news/iOS-Apps-from-Developers-Vulnerable-to-HTTPS-Data-Decryption-478951.shtml
21. April 21,
Softpedia – (International) Fake antivirus delivered to users in the US
via Fiesta exploit kit. Security researchers at Trend Micro discovered that
cybercriminals have switched the payload delivered via the Fiesta exploit kit
(EK) from crypto-malware such as TeslaCrypt to a fake antivirus program called
“Antivirus Pro 2015” that disables Windows tools and software that could
deactivate it, before requiring users to pay to remove the infection.
Researchers reported that Fiesta EK distributors targeted the U.S. more than
any other country in March. Source: http://news.softpedia.com/news/Fake-Antivirus-Delivered-to-Users-in-the-US-via-Fiesta-Exploit-Kit-478933.shtml
22. April 21,
Help Net Security – (International) New fileless malware found in the wild. Security
researchers at Trend Micro discovered that a new fileless malware, dubbed
Phasebot, uses Microsoft Windows PowerShell to evade detection and run
components hidden in the Windows registry, contains an external module loader
to add and remove functionalities on infected systems, and can execute numerous
routines per the instruction of the bot administrator. Source: http://www.net-security.org/malware_news.php?id=3021
23. April 20,
Softpedia – (International) New ransomware “Threat Finder” delivered by
Angler exploit kit. Security researchers at Rackspace discovered that a new
piece of crypto-malware called Threat Finder has been distributed in drive-by
attacks via Bedep malware downloaded by the Angler exploit kit (EK). The
crypto-malware encrypts important file types including documents, media files,
and database formats before asking affected users for bitcoin in exchange for
the decryption key. Source: http://news.softpedia.com/news/New-Ransomware-Threat-Finder-Delivered-by-Angler-Exploit-Kit-478881.shtml
24. April 20,
IDG News Service – (International) Pushdo spamming botnet gains strength again. Security
researchers at Fidelis Cybersecurity reported that an updated version of the
Pushdo botnet has infected systems in over 50 countries with the Fareit and
Cutwail malware as well as the Dyre and Zeus banking trojans. The spamming
botnet has been in operation since 2007 due to its frequently changing command
and control (C&C) system that generates 30 domain names a day that infected
computers can contact. Source: http://www.networkworld.com/article/2912533/pushdo-spamming-botnet-gains-strength-again.html#tk.rss_all
For another story, see item 2 above in the Financial Services Sector
Communications Sector
See item 18 below from the Emergency Services Sector
18. April 20,
Iroquois County’s Times-Republic – (Illinois) Cut cable wreaks havoc on 911,
routine calls. A cut AT&T fiber optic cable
line near Papineau knocked out emergency service calls in Iroquois County April
20. Emergency calls were temporarily rerouted to Kankakee County’s Kan-Com
while crews spent several hours working to restore services. Source: http://www.newsbug.info/iroquois_countys_times-republic/cut-cable-wreakshavoc-on-routine-calls/article_5ce763da-e7a5-11e4-86c7-cf94e200e821.html