Wednesday, April 1, 2015



Complete DHS Report for April 1, 2015

Daily Report

Top Stories

 · Unicold Corp. agreed to pay $197,000 in penalties and to make health and safety improvements at its refrigerated food warehouse in Honolulu as part of a settlement with the U.S. Department of Labor March 30. – Honolulu Star-Advertiser

12. March 30, Honolulu Star-Advertiser – (Hawaii) Food warehouse to pay nearly $200k in fines, fix safety flaws. Unicold Corp. agreed to pay $197,000 in penalties and to make health and safety improvements at its refrigerated food warehouse in Honolulu as part of a settlement with the U.S. Department of Labor that was announced March 30. The settlement was reached following a 2013 inspection that revealed health and safety violations that resulted in 63 citations for Unicold. Source: http://www.staradvertiser.com/news/breaking/20150330_Food_warehouse_to_pay_nearly_200k_in_fines_fix_safety_flaws.html?id=298035621

 · Police captured an escaped prisoner in Washington, D.C., March 31 who had overpowered a guard at Inova Fairfax Hospital in Virginia, prompting authorities to lock down the hospital and surrounding streets for several hours. – WRC 4 Washington, D.C.

19. March 31, WRC 4 Washington, D.C. – (Virginia; Washington, D.C.) Man who escaped Inova Fairfax Hospital captured after 9-hour manhunt. Police captured an escaped prisoner in Washington, D.C., March 31 who had overpowered a guard at Inova Fairfax Hospital in Virginia before carjacking a vehicle, prompting the hospital and surrounding streets to be locked down for several hours. The driver of the vehicle crashed into a home after the suspect kicked out the backseat from inside the truck and fled, stealing another vehicle before he was captured by authorities. Source: http://www.nbcwashington.com/news/local/Active-Shooter-Reported-at-Inova-Fairfax-Hospital-298106511.html

 · A former U.S. Secret Service agent surrendered to authorities March 30 and a U.S. Drug Enforcement Administration agent was arrested March 27 for allegedly stealing over $1.5 million in bitcoins while investigating the Silk Road. – USA Today

23. March 30, USA Today – (International) Former feds charged with stealing Silk Road bitcoin. A former U.S. Secret Service agent surrendered to authorities March 30 and a U.S. Drug Enforcement Administration agent was arrested March 27 in connection with allegedly stealing over $1.5 million in bitcoins while investigating the Silk Road, a shut-down underground site that traded in illegal drugs, counterfeit IDs, and computer hacking software. The pair, based in Maryland, stole proceeds from the site and hid the funds in offshore accounts, often utilizing their positions in the government to obtain the bitcoins. Source: http://www.usatoday.com/story/news/2015/03/30/federal-agents-charged-with-stealing-bitcoin-from-silk-road-case/70672058/

 · Security researchers at Check Point Software Technologies discovered that a cyberespionage group has hacked into hundreds of defense contractor, telecommunications operator, media group, and educational organization networks from at least 10 countries in ongoing attacks that began in late 2012. – Network World

See item 35 below in the Information Technology Sector

Financial Services Sector

6. March 30, MarketWatch – (International) AmEx Black Card members are more likely targets for fraud. Forter released results of a year-long study of hundreds of thousands of transactions worldwide March 30, in which they found that holders of American Express Co.’s Centurion Card are nearly twice as likely to be targets of credit card fraud as other basic credit card holders, due to their higher perceived market value. Source: http://www.marketwatch.com/story/amex-black-card-members-are-more-likely-targets-for-fraud-2015-03-30

For another story, see item 23 above in Top Stories

Information Technology Sector

33. March 31, Softpedia – (International) Anonymous proxies used for “Shotgun DDoS” attacks. Security researchers at Incapsula released findings from a one-month study revealing that 20 percent of all Layer 7 (application layer) distributed denial-of-service (DDoS) attacks from January to February were “Shotgun DDoS” attacks carried out through anonymous proxies to bypass mitigation systems by spreading across multiple Internet Protocol (IP) addresses and multiple geo-locations. Approximately 45 percent of the incidents originated from addresses in the Tor anonymity network and 60 percent of them employed Tor’s Hammer denial-of-service (DoS) tool, which carries out low-and-slow HTTP POST attacks. Source: http://news.softpedia.com/news/Anonymous-Proxies-Used-for-Shotgun-DDoS-Attacks-477193.shtml

34. March 31, Softpedia – (International) Trojan Laziok used for reconnaissance in the energy sector. Security researchers from Symantec identified new malware designed for stealing information, dubbed Laziok, that was observed targeting users in the petroleum, gas, and helium industries worldwide. It is delivered via a malicious Microsoft Excel file that exploits a buffer overflow/security glitch that allows remote code execution, and downloads custom variants of Cyberat and Zbot malware from servers in the U.S., United Kingdom, and Bulgaria. Source: http://news.softpedia.com/news/Trojan-Laziok-Used-for-Reconnaissance-in-the-Energy-Sector-477175.shtml

35. March 31, Network World – (International) Lebanese cyberespionage campaign hits defense, telecom, media firms worldwide. Security researchers at Check Point Software Technologies discovered that a cyberespionage group has hacked into hundreds of defense contractor, telecommunications operator, media group, and educational organization networks from at least 10 countries in ongoing attacks that began in late 2012. The attackers detect vulnerabilities and use Web shells to compromise affected servers, including a sophisticated custom-made trojan called Explosive, on servers running Microsoft’s IIS software, that can infect servers and systems on networks and can spread via USB mass storage devices. Source: http://www.networkworld.com/article/2904293/lebanese-cyberespionage-campaign-hits-defense-telecom-media-firms-worldwide.html#tk.rss_all

36. March 30, Threatpost – (International) eBay fixes file upload and path disclosure bugs. eBay addressed two security vulnerabilities on its Web site that allowed attackers to upload malicious files, including executables, disguised as images that could be used in drive-by download attacks by leveraging poor header checks and eBay server return messages with exact file paths. Source: https://threatpost.com/ebay-fixes-file-upload-and-patch-disclosure-bugs/111898

For another story, see item 23 above in Top Stories

Communications Sector

See item 35 above in the Information Technology Sector

Tuesday, March 31, 2015



Complete DHS Report for March 31, 2015

Daily Report

Top Stories

 · JetBlue Airways announced March 30 that it had resolved a system-wide computer outage that caused delays for thousands of passengers after the airline had to issue handwritten boarding passes. – Associated Press

6. March 30, Associated Press – (National) JetBlue computer outage causes delays for passengers. JetBlue Airways announced March 30 that it had resolved a system-wide computer outage that caused delays for thousands of passengers after the airline had to issue handwritten boarding passes. The company stated that customers will likely face delays throughout the day while it worked to get operations back to normal. Source: http://abcnews.go.com/Business/wireStory/jetblue-computer-outage-delays-passengers-30001797

 · A Los Angeles Metro Expo line train slammed into a car at a crossing in front of the University of Southern California March 28 leaving 19 passengers injured as well as the car’s driver and train’s operator. – Associated Press

9. March 28, Associated Press – (California) LA light rail train hits car, partially derails; 21 hurt. A Los Angeles Metro Expo line train slammed into a car at a crossing in front of the University of Southern California March 28 leaving 19 passengers injured as well as the car’s driver and train’s operator. Authorities are investigating the incident and believe the driver was attempting to turn at a grade crossing and did not see the approaching train. Source: http://abcnews.go.com/US/wireStory/hurt-cars-hit-la-commuter-train-29976569

 · An accident involving a semi-truck carrying 15 chemicals in 55-gallon drums on Interstate 39-90 in Janesville, Wisconsin, prompted an estimated 13-hour closure of westbound lanes March 27. – WISC 3 Madison

10. March 28, WISC 3 Madison – (Wisconsin) Chemical spill shuts down I-90 most of Friday. An accident involving a semi-truck carrying 15 chemicals in 55-gallon drums that rear-ended another semi-truck parked on the shoulder of Interstate 39-90 in Janesville, Wisconsin, prompted the nearly 13-hour closure of westbound lanes March 27 while crews removed and cleaned up 4 damaged and leaking barrels found along the roadway. Over a dozen people were evacuated from nearby homes for 10 hours as a precaution. Source: http://www.channel3000.com/news/chemical-spill-shuts-down-interstate-in-janesville/32043946

 · The FBI is conducting an investigation after a U.S. National Security Agency police officer killed one man and seriously injured another while they were attempting to drive into the main gate of the agency’s headquarters at Fort Meade, Maryland, March 30. – CNN

19. March 30, CNN – (Maryland) One shot dead at Fort Meade after trying to ram NSA gate. The FBI is conducting an investigation after a U.S. National Security Agency police officer shot and killed one man and seriously injured another while they were attempting to drive into the main gate of the agency’s headquarters at Fort Meade, Maryland, March 30. Source: http://www.cnn.com/2015/03/30/us/fort-meade-nsa-incident/index.html

Financial Services Sector

5. March 30, U.S. Securities and Exchange Commission – (National) SEC announces fraud charges against investment adviser accused of concealing poor performance of fund assets from investors. The U.S. Securities and Exchange Commission charged an investment adviser and her New York-based Patriarch Partners firms with fraud March 30, for allegedly hiding the poor performance of loan assets in 3 collateralized loan obligation funds and collecting almost $200 million in illegitimate fees from investors. Source: http://www.sec.gov/news/pressrelease/2015-52.html

Information Technology Sector

22. March 30, Help Net Security – (International) Massive DDoS against GitHub continues. Systems engineers at GitHub reported that complex, large-scale distributed denial-of-service (DDoS) attacks against the company’s servers that started March 26 are ongoing but that all of the Web site’s services are available to users. Security researchers from Insight Labs traced the start of the attack to advertising and visitor tracking provided by the Chinese search engine Baidu. Source: http://www.net-security.org/secworld.php?id=18148

Communications Sector

23. March 29, WKYT 27 Lexington – (Kentucky) Time Warner Cable reports outages for hundreds of Lexington customers. Time Warner Cable reported March 29 that an outage prompted by damage to its fiber network impacted service for fewer than 700 customers in Lexington. Crews worked to repair the damage and restore services. Source: http://www.wkyt.com/news/headlines/Time-Warner-Cable-reports-outages-for-hundreds-of-Lexington-customers-297929961.html