Monday, November 24, 2014



Complete DHS Report for November 24, 2014

Daily Report

Top Stories

 • An oil platform explosion at Fieldwood Energy’s Echo Platform, West Delta 105, off the coast of Louisiana left 1 person dead and 3 others injured November 20. – WWL 4 New Orleans

1. November 21, WWL 4 New Orleans – (International) 1 dead, 3 hurt in oil platform explosion off La. coast. An oil platform explosion at Fieldwood Energy’s Echo Platform, West Delta 105, off the coast of Louisiana left 1 person dead and 3 others injured November 20. Authorities contained the explosion and continue to investigate the incident. Source: http://www.usatoday.com/story/news/nation/2014/11/20/1-dead-3-hurt-in-oil-platform-explosion-off-la-coast/70039166/

 • The California Public Utilities Commission imposed a $1.05 million fine on Pacific Gas and Electric Company following the exchange of inappropriate email communications between the utility and State regulators regarding alleged negotiations of appointing a judge to a hearing on utility rates in the San Bruno pipeline explosion case. – KPIX 5 San Francisco

3. November 20, KPIX 5 San Francisco – (California) PG&E fined $1.05 million over backroom negotiations; utility to appeal decision. Pacific Gas and Electric Company was issued a $1.05 million fine by the California Public Utilities Commission following the exchange of inappropriate email communications between the utility and State regulators regarding alleged negotiations of appointing a judge to a hearing on utility rates in the San Bruno pipeline explosion case. Source: http://sanfrancisco.cbslocal.com/2014/11/20/pge-fined-more-than-1-million-over-backroom-negotiations/

 • All schools in the cities of Buffalo and Lackawanna, including suburban districts in 7 other towns as well as 7 additional colleges and universities, remained closed November 20 for the third consecutive day after a winter storm dumped over 5 feet of snow in western New York. – Associated Press

17. November 20, Associated Press – (New York) Some Buffalo-area schools closed for 3 days in row. All Buffalo and Lackawanna-area schools as well as schools in 7 other towns, and 7 additional colleges and universities were closed November 20 for the third consecutive day after a winter storm dumped over 5 feet of snow in western New York. Source: http://newsok.com/some-buffalo-area-schools-closed-for-3-days-in-row/article/feed/762393

 • Structural damage of rooftops due to the accumulation of heavy snow prompted an evacuation of more than 50 residents from mobile home parks in Cheektowaga and West Seneca, New York, and 180 from a Cheektowaga assisted living facility November 20. – Associated Press

32. November 20, Associated Press – (New York) Roofs collapse as Buffalo clobbered by more snow. More than 50 residents were evacuated from mobile home parks in Cheektowaga and West Seneca and about 180 residents were evacuated from a Cheektowaga assisted living facility November 20 due to heavy snows that caused the structures’ roofs to buckle. The Buffalo Bills rescheduled and relocated its November 24 football game and schools in the Buffalo area canceled classes November 20 while driving bans were in effect and a portion of the New York State Thruway remained closed. Source: http://abcnews.go.com/US/wireStory/round-buffalo-braces-wintry-wallop-27044077

Financial Services Sector

5. November 21, Associated Press – (New Jersey) Man admits $20 million Ponzi scheme in New Jersey. A Colts Neck man pleaded guilty November 20 to running a $20 million Ponzi scheme involving 36 investors that caused investor losses of around $12.7 million. Source: http://www.msn.com/en-us/news/crime/man-admits-dollar20-million-ponzi-scheme-in-new-jersey/ar-BBeVA1y

6. November 20, U.S. Attorney’s Office, Southern District of New York – (International) Former corporate executives charged with securities fraud and tax offenses for wide-ranging commercial bribery scheme. Federal authorities charged two Coral Gables, Florida men who worked as senior executives at Systemax Inc., and its subsidiary computer and electronics vendor TigerDirect for allegedly engaging in a kickback scheme with an Asia-based group of suppliers that netted the men over $9 million in kickbacks and benefits. The men were also charged for allegedly concealing the illicit income from the Internal Revenue Service. Source: http://www.fbi.gov/newyork/press-releases/2014/former-corporate-executives-charged-with-securities-fraud-and-tax-offenses-for-wide-ranging-commercial-bribery-scheme

7. November 19, Consumer Financial Protection Bureau – (National) CFPB takes first action against ‘buy-here, pay-here’ auto dealer. The Consumer Financial Protection Bureau issued a consent order November 19 against Arizona-based used car dealer network DriveTime Automotive Group Inc., and its finance company DT Acceptance Corporation seeking $8 million in penalties and the reform of several practices for allegedly providing inaccurate credit information to credit reporting agencies, engaging in excessive or prohibited calls, and other actions that constituted harassment of customers. Source: http://www.consumerfinance.gov/newsroom/cfpb-takes-first-action-against-buy-here-pay-here-auto-dealer/

For another story, see item 25 below in the Information Technology Sector

Information Technology Sector

20. November 21, Securityweek – (International) Siemens fixes critical vulnerabilities in WinCC SCADA products. Siemens issued patches for two vulnerabilities in its SIMATIC WinCC supervisory control and data acquisition (SCADA) systems, one of which could be remotely exploited by an unauthorized attacker. The SIMATIC WinCC system is used to monitor and control industrial and infrastructure systems in chemical, food and beverage, oil and gas, and water and wastewater applications. Source: http://www.securityweek.com/siemens-fixes-critical-vulnerabilities-wincc-scada-products

21. November 21, Softpedia – (International) Persistent XSS flaw fixed in WP Statistics plug-in for WordPress. The developers of the WP Statistics plug-in for WordPress released version 8.3.1 in order to close a stored cross-site scripting (XSS) vulnerability that could allow attackers to execute commands in the administration panel. Source: http://news.softpedia.com/news/Persistent-XSS-Flaw-Fixed-in-WP-Statistics-Plug-In-for-WordPress-465587.shtml

22. November 21, The Register – (International) DoubleDirect hackers snaffle fandroid and iPhone-strokers’ secrets. Researchers with Zimperium identified a man-in-the-middle (MitM) attack technique targeting Android and iOS devices dubbed DoubleDirect that can be used by attackers to intercept devices’ traffic to steal credentials or deliver malicious payloads that can go on to infect a larger network. The researchers have observed the attack being used in the wild and provided a proof of concept for the attack method. Source: http://www.theregister.co.uk/2014/11/21/hackers_snaffling_smartphone_secrets_with_redirection_attack/

23. November 21, Securityweek – (International) WordPress 4.0.1 released to address critical XSS, other vulnerabilities. The developers of WordPress released version 4.0.1 of the content management system, closing a cross-site scripting (XSS) vulnerability and eight other security issues. Source: http://www.securityweek.com/wordpress-401-released-address-critical-xss-other-vulnerabilities

24. November 20, Securityweek – (International) Multiple vulnerabilities found in Hikvision DVR devices. Researchers with Rapid7 identified and reported three remotely exploitable vulnerabilities in Hikvision DVR devices that could be used by unauthenticated attackers to execute arbitrary code. Source: http://www.securityweek.com/multiple-vulnerabilities-found-hikvision-dvr-devices

25. November 20, Securityweek – (International) DDoS attacks over 10 Gbps jump in Q3: Verisign. Verisign released their report on distributed denial of service (DDoS) attacks for the third quarter (Q3) of 2014 and found that attacks exceeding 10 Gbps grew by 38 percent compared to the second quarter (Q2), representing over 20 percent of all DDoS attacks in Q3, among other findings. Source: http://www.securityweek.com/ddos-attacks-over-10-gbps-jump-q3-verisign

26. November 20, IDG News Service – (International) Governments act against webcam-snooping websites. Authorities in the U.S. and U.K. warned users of Internet-connected webcams and other video devices to secure their devices by adding passwords and changing default passwords after Web sites broadcasting unsecured video feeds were identified online. One of the major unsecured feed sites went offline November 20 while at least one other was still available. Source: http://www.networkworld.com/article/2850833/governments-act-against-webcamsnooping-websites.html

For another story, see item 6 above in the Financial Services Sector

Communications Sector

Nothing to report

Friday, November 21, 2014



Complete DHS Report for November 21, 2014

Daily Report

Top Stories
 
 • Nearly 100,000 gallons of water was allegedly released by vandals following several reports of open fire hydrants in Dickinson, North Dakota, November 16. – Dickinson Press
23. November 18, Dickinson Press – (North Dakota) Dickinson Police investigating fire hydrant vandalism that released 100,000 gallons of water. Nearly 100,000 gallons of water was allegedly released following several reports of open fire hydrants in Dickinson, North Dakota, November 16. Authorities are searching for the suspects involved and are investigating leads. Source: http://www.thedickinsonpress.com/content/dickinson-police-investigating-fire-hydrant-vandalism-released-100000-gallons-water

 • Police shot and killed a gunman on Florida State University campus after he opened fire at the university’s Strozier Library November 20 injuring three students. – WCTV 6 Thomasville
24. November 20, WCTV 6 Thomasville – (Florida) Three students shot at FSU library, gunman killed by police. Police killed a gunman who shot at officers after opening fire at the Strozier Library at Florida State University in Tallahassee November 20 injuring three students. Authorities cleared the scene after several hours and continue to investigate the incident. Source: http://www.wctv.tv/home/headlines/Dangerous-Situation-Reported-at-FSU-283300801.html

 • An accident involving two George County school buses November 19 sent 21 students to area hospitals for minor injuries when the two buses collided on Mississippi Highway 26 in Lucedale, Mississippi. – WALA 10 Mobile
26. November 19, WALA 10 Mobile – (Mississippi) 21 students sent to hospital in school bus accident. An accident involving a George County school bus that was rear-ended by another county bus along Mississippi Highway 26 in Lucedale November 19 caused 21 students to be transported to area hospitals due to injuries. Source: http://fox10tv.com/2014/11/19/21-students-sent-to-hospital-in-school-bus-accident/

 • Heavy snow caused a roof to collapse at a christmascentral.com warehouse in Cheektowaga, New York, November 19 that also resulted in a natural gas leak, prompting the evacuation of the neighboring Garden Gate Health Care Facility. – Buffalo News (See item 41)
41. November 19, Buffalo News – (New York) Cheektowaga warehouse roof collapse forces evacuation of nearby nursing facility. Heavy snow caused a roof collapse at a christmascentral.com warehouse in Cheektowaga November 19 resulting in millions of dollars in damage to the structure and its contents. The collapse also caused a natural gas leak that prompted the evacuation of Garden Gate Health Care Facility. Source: http://www.buffalonews.com/city-region/cheektowaga-warehouse-roof-collapse-forces-evacuation-of-nearby-nursing-facility-20141119

Financial Services Sector

9. November 19, WXII 12 Winston-Salem – (North Carolina) ‘Striped hoodie bandit’ still wanted after High Point, Asheboro bank robberies. The FBI asked for the public’s help in providing information on a suspect known as the “Striped Hoodie Bandit” responsible for three bank robberies in North Carolina, with the most recent occurring November 18 at a Sun Trust Bank branch in Huntersville. Source: http://www.wxii12.com/news/striped-hoodie-bandit-still-wanted-after-high-point-asheboro-bank-robberies/29825564

For another story, see item 39 below in the Information Technology Sector

Information Technology Sector

32. November 20, Threatpost – (International) Attackers using compromised Web plug-ins in CryptoPHP blackhat SEO campaign. Researchers with Fox-IT identified a group of attackers using compromised WordPress themes and plugins to deliver a piece of malware dubbed CryptoPHP that engages in fraudulent search engine optimization (SEO) operations. The malware can also inject content into sites using the compromised plugins and themes, update itself, and perform other tasks. Source: http://threatpost.com/attackers-using-compromised-web-plug-ins-in-cryptophp-blackhat-seo-campaign/109505

33. November 20, Securityweek – (International) Developers fix XSS vulnerability in jQuery Validation Plugin script. The developers of the jQuery Validation Plugin issued a fix for a vulnerability present in the plugin’s demo code that could have allowed an attacker to engage in session hijacking using a reflected cross-site scripting (XSS) attack. The code appeared to be first reported in 2007. Source: http://www.securityweek.com/developers-fix-xss-vulnerability-jquery-validation-plugin-script

34. November 20, Threatpost – (International) Angler exploit kit adds new Flash exploit for CVE-2014-8440. A security researcher reported that the Angler exploit kit has been equipped with an exploit for the CVE-2014-8440 vulnerability in Adobe Flash that can be used to take control of target systems. The vulnerability was patched by Adobe November 11 but unpatched systems remain vulnerable. Source: http://threatpost.com/angler-exploit-kit-adds-new-flash-exploit-for-cve-2014-8440/109498

35. November 20, Threatpost – (International) Drupal patches denial of service vulnerability; details disclosed. Following Drupal’s November 19 release of a patch to close the vulnerability, the researchers who identified a denial of service (DoS) vulnerability in the Drupal content management system published details of the vulnerability, which could also expose user names. Source: http://threatpost.com/drupal-patches-denial-of-service-vulnerability-details-disclosed/109502

36. November 19, Securityweek – (International) Chrome 39 includes 42 security fixes, disables fallback to SSL 3.0. Google released version 39 of its Chrome browser, closing 42 security issues, 11 of which were rated as high-severity, adding features, and disabling fallback to SSL 3.0 which could be exploited in POODLE attacks. Source: http://www.securityweek.com/chrome-39-includes-42-security-fixes-disables-fallback-ssl-30

37. November 19, Network World – (International) FTC gets federal court to shut down $120M tech support scam. The Federal Trade Commission (FTC) announced November 19 that a federal court granted its request to temporarily shut down two telemarketing operations that allegedly defrauded consumers out of more than $120 million by convincing them to grant the marketers remote access and deceiving them into paying for services and products to solve nonexistent computer problems. The companies involved include PC Cleaner, Boost Software, and Inbound Call Experts, and the defendants are the targets of separate cases filed by the FTC and the State of Florida. Source: http://www.networkworld.com/article/2849636/security0/ftc-gets-federal-court-to-shut-down-120m-tech-support-scam.html

38. November 19, Softpedia – (International) Privilege escalation risk fixed in Android Lollipop, lower versions vulnerable. A researcher who identified and reported a flaw in the Android operating system that could allow an attacker to execute arbitrary code released a proof-of-concept for the vulnerability following the November 3 release of a patch that closes the vulnerability in Android Lollipop (also known as Android 5.0). The vulnerability is still present on previous Android versions. Source: http://news.softpedia.com/news/Privilege-Escalation-Risk-Fixed-in-Android-Lollipop-Lower-Versions-Vulnerable-465407.shtml

39. November 19, Threatpost – (International) Citadel variant targets password managers. Researchers with IBM Trusteer notified the makers of the nexus Personal Security Client, KeePass, and Password Safe password managers that a new variant of the Citadel malware is targeting the three services in an attempt to steal users’ logins and passwords. Source: http://threatpost.com/citadel-variant-targets-password-managers/109493

Communications Sector

40. November 19, WINK 11 Fort Myers – (Florida) Police search for cell phone tower copper thieves. Officials are searching for the suspects responsible for stealing more than $100,000 worth of copper from Lee County cell phone towers over the course of three months dating back to August. Source: http://www.winknews.com/Local-Florida/2014-11-19/Police-search-for-cell-phone-tower-copper-thieves