Tuesday, November 25, 2014



Complete DHS Report for November 25, 2014

Daily Report

Top Stories

 • XPLOR Energy SPV-1, Inc., agreed to pay a $3.1 million fine and serve a 3-year probation term after pleading guilty to knowingly violating the Clean Water Act by discharging oily wastewater into the Breton Sound and the Gulf of Mexico off Louisiana. – Associated Press
1. November 21, Associated Press – (Louisiana) XPLOR Energy pleads to Clean Water Act Violation. XPLOR Energy SPV-1, Inc., an Oklahoma-based oil company, agreed to pay a $3.1 million fine and serve a 3-year probation term after pleading guilty to knowingly violating the federal Clean Water Act by discharging oily wastewater into the Breton Sound and the Gulf of Mexico from an offshore facility off Louisiana. Source: http://www.washingtontimes.com/news/2014/nov/21/xplor-energy-pleads-to-clean-water-act-violation/

 • A tour bus traveling from Los Angeles to Pasco, Washington, crashed in northern California November 23 killing 1 passenger and injuring 28 others when the bus drifted off Interstate 5 and overturned into an embankment. – Los Angeles Times
4. November 23, Los Angeles Times – (California) One dead, dozens hurt in Northern California bus crash. A tour bus traveling from Los Angeles to Pasco, Washington, crashed in northern California November 23 killing 1 passenger and injuring 28 others, with 11 in serious or critical conditions when the bus drifted off Interstate 5 and overturned into an embankment. The same bus was reportedly involved in an earlier minor crash at a Denny’s restaurant in Red Bluff, California, but no injuries were reported. Source: http://www.latimes.com/local/lanow/la-me-ln-bus-crash-story.html

 • Symantec researchers reported the discovery of a piece of sophisticated cyber espionage malware that works as a backdoor to steal information from compromised systems and appears to have been created by a nation-state actor. – Securityweek
See item 21 below in the Information Technology Sector

 • The former general manager of the Sleep Inn hotel in Allendale, Michigan, was charged November 21 for allegedly stealing more than $872,929 by directing credit card payments to personal accounts. – Grand Rapids Press
29. November 22, Grand Rapids Press – (Michigan) Hotel general manager accused of stealing nearly $900,000 in credit card scheme. The former general manager of the Sleep Inn hotel in Allendale was charged with wire fraud and money laundering, according to an indictment unsealed November 21, for allegedly stealing more than $872,929 by directing credit card payments to personal accounts in the form of fraudulent customer refunds between October 2006 and April 2013. Source: http://www.mlive.com/news/grand-rapids/index.ssf/2014/11/hotel_general_manager_accused.html

Financial Services Sector

2. November 24, Securityweek – (International) Fraud service uses charity websites to validate stolen credit card data. Researchers with PhishLabs reported November 21 that they had found online fraudsters using a bot and an IRC channel to conduct transactions on the Web sites of charity or non-profit organizations in order to test the validity of stolen payment card information and related personal information. Source: http://www.securityweek.com/fraud-service-uses-charity-websites-validate-stolen-credit-card-data

3. November 21, U.S. Securities and Exchange Commission – (New York) SEC charges CEO and close friend with insider trading ahead of company sale. Two New York City men, including one who served as CEO and a member of the board of directors for GenTek Inc., agreed to pay a total of $324,000 to resolve U.S. Securities and Exchange Commission charges that the former CEO passed on nonpublic information to the second man, who used it to engage in insider trading and make $164,260 in illicit profits ahead of GenTek’s sale to American Securities. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370543516329

For another story, see item 29 above in Top Stories

Information Technology Sector

21. November 24, Securityweek – (International) Symantec uncovers stealthy nation-state cyber attack platform. Symantec researchers reported the discovery of a piece of sophisticated cyber espionage malware dubbed Regin that works as a backdoor to steal information from compromised systems and appears to have been created by a nation-state actor. The malware is modular in design and has predominantly targeted small businesses, individuals, and telecoms companies, as well as the hospitality, energy, and airline industries and research organizations. Source: http://www.securityweek.com/symantec-uncovers-stealthy-nation-state-cyber-attack-platform

22. November 24, The Register – (International) Sony quietly POODLE-proofs Playstations. Sony released a patch for its Playstation 3 and Playstation 4 gaming consoles that adds Transport Layer Security to the consoles’ apps and browsers and removes the use of SSL 3.0 to protect against POODLE attacks. Source: http://www.theregister.co.uk/2014/11/24/sony_playstation_update_spells_death_knell_for_poodle/

23. November 21, Softpedia – (International) Facebook bug remains unpatched, risk is partially mitigated. A researcher who reported a flaw in Facebook that could allow posting to a user’s timeline without permission in 2013 reported that the proof-of-concept for the attack still works in some cases where certain third-party Facebook apps do not implement the new content share model Facebook developed to address the issue. Source: http://news.softpedia.com/news/Facebook-Bug-Remains-Unpatched-Risk-Is-Partially-Mitigated-465611.shtml

Communications Sector 

See item 21 above in the Information Technology Sector

Monday, November 24, 2014



Complete DHS Report for November 24, 2014

Daily Report

Top Stories

 • An oil platform explosion at Fieldwood Energy’s Echo Platform, West Delta 105, off the coast of Louisiana left 1 person dead and 3 others injured November 20. – WWL 4 New Orleans

1. November 21, WWL 4 New Orleans – (International) 1 dead, 3 hurt in oil platform explosion off La. coast. An oil platform explosion at Fieldwood Energy’s Echo Platform, West Delta 105, off the coast of Louisiana left 1 person dead and 3 others injured November 20. Authorities contained the explosion and continue to investigate the incident. Source: http://www.usatoday.com/story/news/nation/2014/11/20/1-dead-3-hurt-in-oil-platform-explosion-off-la-coast/70039166/

 • The California Public Utilities Commission imposed a $1.05 million fine on Pacific Gas and Electric Company following the exchange of inappropriate email communications between the utility and State regulators regarding alleged negotiations of appointing a judge to a hearing on utility rates in the San Bruno pipeline explosion case. – KPIX 5 San Francisco

3. November 20, KPIX 5 San Francisco – (California) PG&E fined $1.05 million over backroom negotiations; utility to appeal decision. Pacific Gas and Electric Company was issued a $1.05 million fine by the California Public Utilities Commission following the exchange of inappropriate email communications between the utility and State regulators regarding alleged negotiations of appointing a judge to a hearing on utility rates in the San Bruno pipeline explosion case. Source: http://sanfrancisco.cbslocal.com/2014/11/20/pge-fined-more-than-1-million-over-backroom-negotiations/

 • All schools in the cities of Buffalo and Lackawanna, as well as suburban districts in 7 other towns and 7 additional colleges and universities, remained closed November 20 for the third consecutive day after a winter storm dumped over 5 feet of snow in western New York. – Associated Press

17. November 20, Associated Press – (New York) Some Buffalo-area schools closed for 3 days in row. All Buffalo and Lackawanna-area schools as well as schools in 7 other towns, and 7 additional colleges and universities were closed November 20 for the third consecutive day after a winter storm dumped over 5 feet of snow in western New York. Source: http://newsok.com/some-buffalo-area-schools-closed-for-3-days-in-row/article/feed/762393

 • Structural damage of rooftops due to the accumulation of heavy snow prompted an evacuation of more than 50 residents from mobile home parks in Cheektowaga and West Seneca, New York, and 180 from a Cheektowaga assisted living facility November 20. – Associated Press

32. November 20, Associated Press – (New York) Roofs collapse as Buffalo clobbered by more snow. More than 50 residents were evacuated from mobile home parks in Cheektowaga and West Seneca and about 180 residents were evacuated from a Cheektowaga assisted living facility November 20 due to heavy snows that caused the structures’ roofs to buckle. The Buffalo Bills rescheduled and relocated its November 24 football game and schools in the Buffalo area canceled classes November 20 while driving bans were in effect and a portion of the New York State Thruway remained closed. Source: http://abcnews.go.com/US/wireStory/round-buffalo-braces-wintry-wallop-27044077

Financial Services Sector

5. November 21, Associated Press – (New Jersey) Man admits $20 million Ponzi scheme in New Jersey. A Colts Neck man pleaded guilty November 20 to running a $20 million Ponzi scheme involving 36 investors that caused investor losses of around $12.7 million. Source: http://www.msn.com/en-us/news/crime/man-admits-dollar20-million-ponzi-scheme-in-new-jersey/ar-BBeVA1y

6. November 20, U.S. Attorney’s Office, Southern District of New York – (International) Former corporate executives charged with securities fraud and tax offenses for wide-ranging commercial bribery scheme. Federal authorities charged two Coral Gables, Florida men who worked as senior executives at Systemax Inc., and its subsidiary computer and electronics vendor TigerDirect for allegedly engaging in a kickback scheme with an Asia-based group of suppliers that netted the men over $9 million in kickbacks and benefits. The men were also charged for allegedly concealing the illicit income from the Internal Revenue Service. Source: http://www.fbi.gov/newyork/press-releases/2014/former-corporate-executives-charged-with-securities-fraud-and-tax-offenses-for-wide-ranging-commercial-bribery-scheme

7. November 19, Consumer Financial Protection Bureau – (National) CFPB takes first action against ‘buy-here, pay-here’ auto dealer. The Consumer Financial Protection Bureau issued a consent order November 19 against Arizona-based used car dealer network DriveTime Automotive Group Inc., and its finance company DT Acceptance Corporation seeking $8 million in penalties and the reform of several practices for allegedly providing inaccurate credit information to credit reporting agencies, engaging in excessive or prohibited calls, and other actions that constituted harassment of customers. Source: http://www.consumerfinance.gov/newsroom/cfpb-takes-first-action-against-buy-here-pay-here-auto-dealer/

For another story, see item 25 below in the Information Technology Sector

Information Technology Sector

20. November 21, Securityweek – (International) Siemens fixes critical vulnerabilities in WinCC SCADA products. Siemens issued patches for two vulnerabilities in its SIMATIC WinCC supervisory control and data acquisition (SCADA) systems, one of which could be remotely exploited by an unauthorized attacker. The SIMATIC WinCC system is used to monitor and control industrial and infrastructure systems in chemical, food and beverage, oil and gas, and water and wastewater applications. Source: http://www.securityweek.com/siemens-fixes-critical-vulnerabilities-wincc-scada-products

21. November 21, Softpedia – (International) Persistent XSS flaw fixed in WP Statistics plug-in for WordPress. The developers of the WP Statistics plug-in for WordPress released version 8.3.1 in order to close a stored cross-site scripting (XSS) vulnerability that could allow attackers to execute commands in the administration panel. Source: http://news.softpedia.com/news/Persistent-XSS-Flaw-Fixed-in-WP-Statistics-Plug-In-for-WordPress-465587.shtml

22. November 21, The Register – (International) DoubleDirect hackers snaffle fandroid and iPhone-strokers’ secrets. Researchers with Zimperium identified a man-in-the-middle (MitM) attack technique targeting Android and iOS devices dubbed DoubleDirect that can be used by attackers to intercept devices’ traffic to steal credentials or deliver malicious payloads that can go on to infect a larger network. The researchers have observed the attack being used in the wild and provided a proof of concept for the attack method. Source: http://www.theregister.co.uk/2014/11/21/hackers_snaffling_smartphone_secrets_with_redirection_attack/

23. November 21, Securityweek – (International) WordPress 4.0.1 released to address critical XSS, other vulnerabilities. The developers of WordPress released version 4.0.1 of the content management system, closing a cross-site scripting (XSS) vulnerability and eight other security issues. Source: http://www.securityweek.com/wordpress-401-released-address-critical-xss-other-vulnerabilities

24. November 20, Securityweek – (International) Multiple vulnerabilities found in Hikvision DVR devices. Researchers with Rapid7 identified and reported three remotely exploitable vulnerabilities in Hikvision DVR devices that could be used by unauthenticated attackers to execute arbitrary code. Source: http://www.securityweek.com/multiple-vulnerabilities-found-hikvision-dvr-devices

25. November 20, Securityweek – (International) DDoS attacks over 10 Gbps jump in Q3: Verisign. Verisign released its report on distributed denial of service (DDoS) attacks for the third quarter (Q3) of 2014 and found that attacks exceeding 10 Gbps grew by 38 percent compared to the second quarter (Q2), representing over 20 percent of all DDoS attacks in Q3, among other findings. Source: http://www.securityweek.com/ddos-attacks-over-10-gbps-jump-q3-verisign

26. November 20, IDG News Service – (International) Governments act against webcam-snooping websites. Authorities in the U.S. and U.K. warned users of Internet-connected webcams and other video devices to secure their devices by adding passwords and changing default passwords after Web sites broadcasting unsecured video feeds were identified online. One of the major unsecured feed sites went offline November 20 while at least one other was still available. Source: http://www.networkworld.com/article/2850833/governments-act-against-webcamsnooping-websites.html

For another story, see item 6 above in the Financial Services Sector

Communications Sector

Nothing to report