Tuesday, September 23, 2014



Complete DHS Report for September 23, 2014

Daily Report

Top Stories

 · Two women were killed and several others were injured after a tour bus overturned on Delaware Route 1 in New Castle as it was going through a curve on an off-ramp September 21. – Associated Press

11. September 22, Associated Press – (Delaware) Del. authorities: Bus overturns, 2 dead, injuries. Two women were killed and several others were injured after a bus on a 3-day sightseeing tour from New York to Washington, D.C., overturned on Delaware Route 1 in New Castle as it was going through a curve on an off-ramp September 21. No other vehicles were involved and authorities are investigating the accident. Source: http://news.msn.com/us/del-authorities-bus-overturns-2-dead-injuries

 · One man was killed and 2 others were injured in a shooting September 20 between 2 rival motorcycle gangs that prompted the 15-hour closure of the 15 Freeway near Corona, California, while authorities investigated. – KTLA 5 Los Angeles

12. September 21, KTLA 5 Los Angeles – (California) 1 dead, 2 injured in 15 Freeway shooting reportedly involving motorcycle gangs. One man was killed and 2 others were injured in a shooting September 20 between 2 rival motorcycle gangs that prompted the 15-hour closure of the 15 Freeway near Corona while authorities investigated. Source: http://ktla.com/2014/09/21/1-dead-2-injured-in-shooting-on-15-freeway-near-corona/

 · Approximately 460,000 gallons of sewage leaked into White Oak Creek near Clayton in North Carolina after a private contractor allegedly damaged the municipal sewer line. – Raleigh News & Observer

26. September 18, Raleigh News & Observer – (North Carolina) Broken pipe leaks 460,000 gallons of sewage into creek near Clayton. Approximately 460,000 gallons of sewage leaked into White Oak Creek near Clayton in Johnston County after a private contractor allegedly damaged the municipal sewer line. County officials learned of the spill September 17 and repaired the damaged line while they continue to monitor the water levels. Source: http://www.newsobserver.com/2014/09/18/4161297_broken-pipe-leaks-460000-gallons.html

 · Viator representatives confirmed September 19 that its network was breached and the encrypted personal and financial information of about 1.4 million customers may have been compromised. – Help Net Security

36. September 22, Help Net Security – (International) Payment card info of 880k Viator customers compromised. Viator representatives confirmed September 19 that the company was made aware September 2 that its network was breached and the encrypted personal and financial information of about 1.4 million customers may have been compromised. Customers were advised to update their Viator online account information, including passwords. Source: http://www.net-security.org/secworld.php?id=17391

Financial Services Sector

8. September 20, San Gabriel Valley Tribune – (California) ‘Cold Blooded Bandit’ is responsible for Whittier bank heist, FBI says. The FBI asked for the public’s help in identifying a suspect known as the “Cold Blooded Bandit” after determining that the suspect was responsible for the September 17 robbery of a Whittier Union Bank branch located in a Ralphs grocery store, the third bank robbery linked to the suspect. Source: http://www.whittierdailynews.com/general-news/20140919/cold-blooded-bandit-is-responsible-for-whittier-bank-heist-fbi-says

9. September 19, Reuters – (National) U.S. judge awards $40.7 million in SEC case over bitcoin Ponzi scheme. A federal judge ruled September 18 that a Texas man who operated Bitcoin Savings and Trust operated a Ponzi scheme that defrauded investors and ordered the man to pay $40.7 million following U.S. Securities and Exchange Commission charges of investment fraud. The scheme raised investments using the Bitcoin virtual currency between February 2011 and August 2012 on the promise of weekly returns but the funds were instead used for the owner’s personal expenses. Source: http://www.reuters.com/article/2014/09/19/us-sec-bitcoin-fraud-idUSKBN0HE1Z820140919

10. September 19, U.S. Securities and Exchange Commission – (New York) SEC charges Brooklyn man for facilitating insider trading scheme via post-it notes at Grand Central Terminal. The U.S. Securities and Exchange Commission charged a Brooklyn man September 19 for allegedly serving as a middleman to facilitate a $5.6 million insider trading scheme. The man allegedly conveyed information between a law firm managing clerk and a stockbroker in order to trade on nonpublic information for the benefit of the three parties. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370542993471

For another story, see item 36 above, from the Commercial Facilities Sector

Information Technology Sector

32. September 22, Softpedia – (International) Hackers target Destiny and Call of Duty servers with DDoS attack. Several servers for online games Destiny and Call of Duty: Ghosts went down during the weekend of September 20 due to a distributed denial of service (DDoS) attack that affected PlayStation and Xbox users. Attackers claiming affiliation with the Lizard Squad group claimed responsibility for the attacks. Source: http://news.softpedia.com/news/Hackers-Target-Destiny-and-Call-of-Duty-Servers-with-DDoS-Attack-459494.shtml

33. September 22, The Register – (International) Exercise-tracking app not QUITE fit for purpose. A researcher identified and reported a direct object reference vulnerability in the MyFitnessPal app that allowed users’ personal information, including location and dates of birth, to be accessed by any user. The vulnerability was closed 2 days after being reported. Source: http://www.theregister.co.uk/2014/09/22/exercise_tracking_app_not_quite_fit_for_purpose/

34. September 22, Securityweek – (International) Yahoo fixes RCE flaw leading to root server access. A researcher identified and reported a series of vulnerabilities in a Yahoo domain which led to a remote code execution vulnerability that was leveraged to gain root access to a Yahoo server. The vulnerability was reported September 5 and closed September 7. Source: http://www.securityweek.com/yahoo-fixes-rce-flaw-leading-root-server-access

Communications Sector

35. September 22, Tulsa World – (Oklahoma) Phone, fax service at Tulsa World disrupted Sunday. Telephone and fax services were restored at the Tulsa World after a 5-hour disruption September 21 due to a faulty breaker. Source: http://www.tulsaworld.com/homepagelatest/phone-fax-service-at-tulsa-world-disrupted-sunday/article_2e6c6dce-f901-5e35-b0d1-eada23b5478e.html

Monday, September 22, 2014



Complete DHS Report for September 22, 2014

Daily Report

Top Stories

 · Phoenix Sky Harbor International Airport in Arizona reopened Terminal 4 after authorities locked it down for over 3 hours and grounded its flights September 18 while searching for three suspects connected to a shooting at a nearby gas station. – Associated Press 

9. September 19, Associated Press – (Arizona) Shooting suspect captured at Sky Harbor. Phoenix Sky Harbor International Airport in Arizona reopened Terminal 4 after authorities locked it down for over 3 hours and grounded its flights September 18 in search of three suspects connected to a shooting at a nearby Tempe gasoline station. Police located and arrested all three suspects. Source: http://www.azfamily.com/news/Police-search-for-Tempe-shooting-suspects-at-Sky-Harbor-275669941.html

 · A JetBlue flight that was forced to return to Long Beach Airport in California shortly after takeoff September 18 landed safely and closed the airport’s main runway for approximately 2 hours while the airplane was towed. – Associated Press

10. September 18, Associated Press – (California) Passenger says JetBlue plane filled with smoke. An Austin, Texas-bound JetBlue flight that was forced to return to Long Beach Airport shortly after takeoff September 18 landed safely when the pilot declared an emergency after smoke was seen coming from the engine and filled the cabin, prompting passengers to evacuate onto the runway using the plane’s emergency slides. Four people sought medical attention and the airport’s main runway was closed for approximately 2 hours while the airplane was towed. Source: http://abcnews.go.com/Sports/wireStory/airliner-returns-long-beach-emergency-25599587

 · Police arrested a man September 18 and charged him with arson in connection to starting the 73,184-acre King Fire in El Dorado County, California, that is 10 percent contained and threatens over 12,000 residences. – CNN 

21. September 19, CNN – (California; Oregon) Arson arrest made as 10 wildfires scorch California; state emergency declared. Police arrested a man September 18 and charged him with arson in connection to starting the 73,184-acre King Fire in El Dorado County, California, that is 10 percent contained and threatens over 12,000 residences. Fire crews in California worked to contain 9 other fires that have burned over 125,000 acres and destroyed dozens of structures, including near the Oregon border. Source: http://www.cnn.com/2014/09/18/us/california-fires/

 · Home Depot officials reported September 18 that 56 million payment cards were likely compromised when attackers used custom-built malware to breach the networks of stores in the U.S. and Canada. – Reuters 

33. September 18, Reuters – (International) Home Depot breach bigger than Target at 56 million cards. Home Depot officials reported September 18 that 56 million payment cards were likely compromised when attackers used custom-built malware to breach the networks of stores in the U.S. and Canada between April and September 8 when the breach was detected. Costs associated with the breach are estimated to total $62 million to date. Source: http://www.reuters.com/article/2014/09/18/us-home-depot-dataprotection-idUSKBN0HD2J420140918

Financial Services Sector

6. September 18, Threatpost – (International) Dyre trojan caught in the cookie jar. An analysis by Adallom researchers found that a new variant of the Dyre banking trojan is targeting login credentials for large banks and corporate accounts. The new variant is capable of stealing client certificates and browser cookies, potentially acquiring the same account persistence for attackers as that held by legitimate users. Source: http://threatpost.com/dyre-trojan-caught-in-the-cookie-jar/108373

7. September 18, Southern California City News Service – (California) Four charged with making credit cards with ‘skimmed’ info. Four men from the Los Angeles area were arrested September 18 for allegedly using skimming devices to obtain payment card information, creating fraudulent payment cards, and stealing over $2 million from around 10,000 accounts. Source: http://www.encinitasadvocate.com/news/2014/sep/18/credit-card-skimming-encinitas/

8. September 18, Federal Bureau of Investigation – (California) Penny stock fraud nets millions. The FBI announced the arrest of two Los Angeles men September 18 for allegedly running a penny stock manipulation scheme that used shell companies to create the illusion of demand for stocks in several companies in order to defraud investors of several million dollars. The alleged scheme also used kickbacks paid to brokers in order to make the penny stocks appear to have value. Source: http://www.fbi.gov/cleveland/press-releases/2014/penny-stock-fraud-nets-millions

For another story, see item 33 above, from the Commercial Facilities Sector

Information Technology Sector

27. September 19, Securityweek – (International) Apple fixes numerous vulnerabilities with release of Mac OS X 10.9.5. Apple released the latest version of its OS X operating system September 18, which addresses over 40 vulnerabilities that could lead to information disclosure, arbitrary code execution, privilege escalation, and other issues. Apple also released security updates for its OS X Server, Apple TV, Xcode development platform, and Safari Web browser. Source: http://www.securityweek.com/apple-fixes-numerous-vulnerabilities-release-mac-os-x-1095

28. September 18, IDG News Service – (International) Malicious advertisements distributed by DoubleClick, Zedo networks. Researchers at Malwarebytes found that the DoubleClick and Zedo advertisement networks have been delivering malicious ads to several popular Web sites including Last.fm, The Times of Israel, and The Jerusalem Post. The malicious ads redirect users to a page hosting the Nuclear exploit kit which then attempts to drop the Zemot malware used by attackers to download additional malicious components. Source: http://www.networkworld.com/article/2686393/malicious-advertisements-distributed-by-doubleclick-zedo-networks.html

For another story, see item 6 above in the Financial Services Sector

Communications Sector

29. September 19, Natchez Democrat – (Mississippi) Cable ONE fiber optic cable cut. Nearly 4,000 Cable ONE customers in Natchez and Yazoo City lost Internet and other services for nearly 3 hours September 18 when a fiber cable was cut. Source: http://www.natchezdemocrat.com/2014/09/19/cable-one-fiber-optic-cable-cut/

30. September 18, Fluvanna Review – (Virginia) Communication outage could affect 911 calls. Internet, land line, and some cellular phone service was disrupted for CenturyLink customers around the Lake Monticello area in Fluvanna County September 18 due to a cut fiber optic line. Officials warned the public that 9-1-1 calls may also be impacted. Source: http://www.fluvannareview.com/index.php?option=com_content&view=article&id=5983:outage