Complete DHS Daily Report for October 24, 2013
Daily Report
Top Stories
• Nissan announced a recall of 153,000 Nissan
and Infiniti vehicles due to issues with their antilock braking system
software. – Detroit News
5.
October 23, Detroit News – (National) Nissan
to recall 153,000 vehicles for braking issue. Nissan announced a recall of
153,000 model year 2013-2014 Pathfinder, model year 2013 Infiniti JX35, and
model year Infiniti QX60 vehicles due to an issue with antilock braking system
software that may lead to increased stopping distances. Source: http://www.detroitnews.com/article/20131023/AUTO0104/310230059/1361/Nissan-to-recall-153-000-vehicles-for-braking-issue
• Owners of Jensen Farms cantaloupes farm in
Colorado pleaded guilty to federal misdemeanor charges tied to a 2011 listeria
outbreak that killed 33 people. – Associated Press
13.
October 22, Associated Press –
(Colorado) Colo. farmers plead guilty in tainted melon case. Two owners
of Jensen Farms in Colorado, whose cantaloupes were tied to a 2011 listeria
outbreak that killed 33 people, pleaded guilty to 6 counts of introducing adulterated
food into interstate commerce October 22. Source: http://santamariatimes.com/news/local/colo-farmers-plead-guilty-in-tainted-melon-case/article_7620fbd2-3ba7-11e3-9929-0019bb2963f4.html
• A 14-year old student was charged in the
death of a teacher at a high school in Danvers, Massachusetts, after the
teacher’s body was found in the woods behind the school. – Associated Press
21.
October 23, Associated Press –
(Massachusetts) Mass. teacher slain; 14-year-old student charged. Police
charged a teenage student in connection with the death of a Danvers High School
teacher and closed the school October 23 after the teacher’s body was found in
the woods behind the school. Source: http://www.boston.com/news/local/massachusetts/2013/10/23/danvers-schools-closed-during-homicide-probe/4Ktdgv02XD2JzgEaVybBTO/story.html?rss_id=Top+Stories
• U.S. Air Force officers in charge of
guarding long-range nuclear missiles were caught violating protocols in two
incidents in 2013. – Associated Press
26.
October 22, Associated Press –
(Wyoming; North Dakota; Montana) Nuclear officers napped with blast door
left open. U.S. Air Force officials announced officers in charge of
guarding launch keys to long-range nuclear missiles were caught twice in 2013
leaving open a blast door used to help prevent intruders from entering their
underground command post. In both cases one of the crew members inside was
asleep, violating protocol of never leaving the blast doors open if crew
members are not awake and alert. Source: http://abcnews.go.com/Politics/wireStory/ap-exclusive-nuke-officers-left-blast-door-open-20648966?singlePage=true
Details
Banking and Finance Sector
8. October
22, Fort Worth Star-Telegram – (Texas) ‘Regular Joe Bandit’
suspected in north Texas bank holdups. A suspect known as the “Regular Joe
Bandit” was identified as the man believed responsible for robbing six bank
branches and a credit union in north Texas. The suspect was arrested September
26 following the robbery of a bank branch in Allen, Texas. Source: http://www.star-telegram.com/2013/10/22/5267772/regular-joe-bandit-suspected-in.html
9. October
22, Softpedia – (National) U.S. financial institutions complete Quantum Dawn
2 cybersecurity exercise. The Securities Industry and Financial Markets
Association (SIFMA) published the results of its Quantum Dawn 2 cybersecurity
exercise. The exercise involved over 50 financial organizations, tested
participants against several simulated cyberattacks, and led to a report on the
observed strengths and weaknesses of financial services cybersecurity. Source: http://news.softpedia.com/news/US-Financial-Institutions-Complete-Quantum-Dawn-2-Cybersecurity-Exercise-393236.shtml
Information Technology Sector
32. October
23, Softpedia – (International) Experts warn of critical flaws in Netgear
ReadyNAS storage devices. Researchers at Tripwire identified several
critical vulnerabilities in Netgear ReadyNAS RAIDiator firmware that could
allow attackers to inject their own commands without authentication. Newer
versions of the firmware address the vulnerabilities, but the researchers found
that 73 percent of the appliances connected to the Internet were not patched.
Source: http://news.softpedia.com/news/Experts-Warn-of-Critical-Flaws-in-Netgear-ReadyNAS-Storage-Devices-393679.shtml
33. October
23, Softpedia – (International) Network Solutions apologizes to customers
after DNS incident. Network Solutions informed users experiencing DNS and
email issues October 21 that the problems were caused by spam abuse that
resulted in blacklisting by four organizations. Source: http://news.softpedia.com/news/Network-Solutions-Apologizes-to-Customers-After-DNS-Incident-393738.shtml
34. October
23, Softpedia – (International) Apache Shindig 2.5.0 updated to address XXE
vulnerability. The Apache Software Foundation released Apache Shindig
2.5.0-update 1 which closes an XML external entity (XXE) vulnerability that
could allow a malicious gadget author to perform actions that would display the
content in a gadget iframe. Source: http://news.softpedia.com/news/Apache-Shindig-2-5-0-Updated-to-Address-XXE-Vulnerability-393575.shtml
35. October
22, SC Magazine – (International) U.S. enterprises in path of data-hijacking
Sazoora campaign, firm finds. A researcher at Seculert reported that more
than 1,800 machines in the U.S. were infected by the latest version of the
Sazoora data-hijacking trojan, Sazoora.B. The malware has affected around
23,000 machines globally and the newest variant contains new features to help
it avoid detection and botnet hijacking. Source: http://www.scmagazine.com/us-enterprises-in-path-of-data-hijacking-sazoora-campaign-firm-finds/article/317417/
36. October
22, CNET News – (National) Aaron’s computer rental chain settles FTC spying
charges. Rent-to-own computer chain Aaron’s agreed to settle Federal Trade
Commission charges that the company installed spyware on customers’ computers
that took photos and used keyloggers to steal login credentials. Under the
agreement, the company is prohibited from using monitoring programs and must
obtain customer consent to use location-tracking software on its rental
computers. Source: http://news.cnet.com/8301-1009_3-57608838-83/aarons-computer-rental-chain-settles-ftc-spying-charges/
37. October
22, Network World – (International) Apple quietly releases iOS 7.0.3, with new
fixes and features. Apple released an update for its iOS 7 mobile operating
system which closes a security issue where a ‘supervised’ device could revert
to ‘unsupervised’ status during an update, as well resolving several other
functional issues. Source: http://www.networkworld.com/news/2013/102313-apple-quietly-release-ios-703-275129.html
38. October
21, Threatpost – (International) Simple bug exposed Verizon Wireless users’
SMS history. A researcher found and reported a vulnerability in Verizon
Wireless’s customer portal that enabled anyone to use a subscriber’s phone
number to download that user’s SMS history by modifying the portal URL. Source:
http://threatpost.com/simple-bug-exposed-verizon-wireless-users-sms-history
Communications Sector
39. October
22, Bemidji Pioneer – (Minnesota) Service back on for CenturyLink customers after
cut line. CenturyLink estimated repairs would be completed by October 23
after a local power company accidentally cut its fiber line October 22 causing
phone, Internet, and 9-1-1 service outages in Beltrami County. Source: http://www.bemidjipioneer.com/content/update-service-back-centurylink-customers-after-cut-line
40. October
22, Boston Globe – (Massachusetts) Verizon cable accidentally cut, interrupting
Internet service for some Boston businesses. Verizon announced a fiber
optic cable cut by a worker only impacted the Internet service for a couple
hundred businesses in Boston and is expected to be restored October 22. Source:
http://www.bostonglobe.com/metro/2013/10/22/verizon-cable-accidentally-cut-interrupting-internet-service-for-some-boston-businesses/2BVxfZkjapupwMnUDmxkvM/story.html
41. October
22, Chaffee County Times – (Colorado) Verizon Wireless problems to
be fixed Tuesday. Equipment damage at a Verizon Wireless cell site October
18 was believed to be the cause of some Buena Vista, Colorado customers having
difficulty placing calls or sending text messages. Problems continued to
persist through October 22 after the company worked to fix the issue. Source: http://www.chaffeecountytimes.com/free_content/article_78ccf7d0-3b4f-11e3-8b33-0019bb30f31a.html
42. October
22, Anniston Star – (Alabama) Cable One’s morning Internet outage caused by
router upgrade at Phoenix headquarters. A Cable One spokeswoman reported an
Internet and phone outage for 2,000 Calhoun County area customers October 22
was caused by a glitch during a routine router upgrade. Source: http://www.thepiedmontjournal.com/view/full_story/23899033/article-Cable-One-s-morning-Internet-outage-caused-by-router-upgrade-at-Phoenix-headquarters?instance=news_secondary
For another story, see
item 38 above in the Information Technology Sector