Complete DHS Report for May 31, 2016
Daily Report
Top Stories
• Eight automakers announced a recall May 27 for over 12 million
model years 2002 – 2011 vehicles sold in the U.S. due to defective Takata
Corp., passenger-side air bag inflators. – Reuters
2. May 27,
Reuters – (International) Automakers recall 12 million U.S. vehicles
over Takata air bags. Eight automakers announced a recall May 27 for over
12 million model years 2002 – 2011 vehicles sold in the U.S. due to defective
Takata Corp., passenger-side air bag inflators that can explode with too much
force and spray metal shrapnel into vehicle passenger compartments. The
defective inflators have been linked to over 100 injuries and at least 13
deaths globally.
• Washington, D.C. officials announced that track work May 28 –
May 30 will take all Orange Line trains out of service, close three stations,
and force single-tracking between certain stations on four lines. – WTOP
103.5 FM Washington, D.C.
8. May 26,
WTOP 103.5 FM Washington, D.C. – (Maryland; Virginia; Washington,
D.C.) Metro: 3 stations closed, work on all lines Memorial Day weekend. The
Washington Metropolitan Area Transit Authority announced May 26 that track work
May 28 – May 30 on the Metro will take all Orange Line trains out of service,
close the Vienna, Dunn Loring, and West Falls Church stations, and force
single-tracking between certain stations on the Red, Silver, Blue, and Green
lines. Source: http://wtop.com/sprawl-crawl/2016/05/metro-close-orange-line-work-lines-memorial-day-weekend/
• The use of Probuphine, an implant that slowly releases a low
dose of buprenorphine over 6 months, was approved May 26 to help individuals
struggling with addiction to heroin and painkillers. – Associated Press
15. May 26,
Associated Press – (National) FDA approves first drug-oozing implant to control
addiction. The U.S. Food and Drug Administration approved May 26 the use of
Probuphine, an implant that slowly releases a low dose of buprenorphine over 6
months, in order to help individuals struggling with addiction to heroin and
painkillers. The implant is expected to be used as part of a multipronged
addiction treatment program, and doctors who implant the device are required to
receive special training on the implantation and removal of the device. Source: http://www.cbsnews.com/news/fda-approves-first-drug-oozing-implant-to-control-addiction/
• A U.S. Government Accountability Office report found that some
business systems run by U.S. government agencies are written in mainframe
assembler code or COBOL, are outdated, and consume larger portions of agencies’
budgets just for operation and maintenance. – Ars Technica
17. May 26,
Ars Technica – (National) Government agencies keep sacrificing cash to
zombie IT systems, GAO finds. A U.S. Government Accountability Office (GAO)
report on business systems run by U.S government agencies found that some of
the systems used are written in mainframe assembler code or COBOL, are
outdated, and are consuming larger portions of agencies’ IT budgets just for
operation and maintenance. Some of the agencies included in the top ten oldest
systems cited by GAO include the U.S. Department of the Treasury, the U.S.
Department of Defense, the U.S. Department of Veterans Affairs, and the U.S.
Department of Commerce, among others. Source: http://arstechnica.com/information-technology/2016/05/government-agencies-keep-sacrificing-cash-to-zombie-it-systems-gao-finds/
Financial Services Sector
4. May 26,
SecurityWeek – (Texas) PayPal settles with Texas over Venmo app security
claims. The State of Texas and PayPal entered into an Assurance of
Voluntary Complance agreement May 26 after Venmo, a company acquired by PayPal,
violated the Texas Deceptive Trade Practices – Consumer Protection Act by
allegedly providing confusing and deficient privacy and security disclosures,
and failing to provide clarification over access to the user’s contact list.
PayPal agreed make “behavioral” changes regarding interactions between Venmo
and its users.
5. May 26,
East Oregonian – (Oregon) Nearly 100 reports of missing money in Hermiston
bank fraud. Authorities are searching May 26 for a man suspected of
installing a skimming device on a Portland area ATM beginning the week of May 8
and using the stolen data to manufacture fraudulent debit cards in order to
withdraw cash from other area ATMs after officials received approximately 100 reports
of fraudulent bank account activity. Authorities stated that the scheme has
caused thousands of dollars in losses, and believe the man is part of an
organized group. Source: http://www.eastoregonian.com/eo/local-news/20160526/nearly-100-reports-of-missing-money-in-hermiston-bank-fraud
Information Technology Sector
21. May 26,
SecurityWeek – (International) Angler EK malvertising campaign abuses recent
Flash zero-day. Security researchers from Malwarebytes reported that a
previously patched zero-day flaw in Adobe Flash Player was being exploited in a
new malvertising campaign targeting ad networks through a conditional malicious
code which redirects users to the Angler exploit kit (EK) after executing
fingerprinting checks. Attackers exploit the vulnerability via specially
crafted Microsoft Office documents. Source: http://www.securityweek.com/angler-ek-malvertising-campaign-abuses-recent-flash-zero-day
22. May 26,
Softpedia – (International) Windows trojan uses TeamViewer to turn your
PC into a web proxy. Security researchers from Dr. Web and Yandex reported
that the backdoor trojan dubbed, BackDoor.TeamViewer.49 was using a malware
dropper called Trojan.MulDrop6.39120 and a malicious Adobe Flash Player update
package to secretly distribute the TeamViewer trojan. Once the TeamViewer
trojan is installed, the trojan connects via an encrypted channel to the attackers’
command and control (C&C) server, where it relays Web traffic to other
servers on the Internet and uses the affected device as a proxy server. Source: http://news.softpedia.com/news/windows-trojan-uses-teamviewer-to-turn-your-pc-into-a-web-proxy-504540.shtml
23. May 26,
SecurityWeek – (International) “SandJacking” attack allows hackers to
install evil iOS apps. A security researcher from Mi3 Security discovered
that attackers could exploit a new Apple feature, which allows developers to
create mobile operating system (iOS) apps using certificates easily obtained by
providing an Apple ID, to quickly replace a legitimate app on an iOS device
with a rogue version that contains malicious capabilities to give attackers
complete control and access to the application. The security researcher
released a proof-of-concept (PoC) titled, “Su-A-Cyder” that can replace
legitimate apps for malicious apps when the targeted phone is connected to a
computer.
For another story, see item 4
above in the Financial Services Sector
Communications Sector
See item 23 above
in the Information Technology Sector