Wednesday, November 20, 2013



Complete DHS Daily Report for November 20, 2013

Daily Report

Top Stories

 • Throughout southeast Michigan, 150,000 people remained without power and over 100 schools remained closed after severe storms. – WWJ-TV 62 Detroit

 4. November 18, WWJ-TV 62 Detroit – (Michigan) 150K still without power, after gusty storms hit Metro Detroit. DTE Energy crews continued work November 18 to restore power to the remaining 150,000 customers that lost service after severe storms November 
17. Over 100 schools throughout southeast Michigan were closed due to the outages. Source: http://detroit.cbslocal.com/2013/11/18/245k-lose-power-when-gusty-storm-hits-metro-detroit/

 • More than 13,000 2013 Tesla Model S vehicles are being investigated by the National Highway Traffic Administration after two incidents with the batteries that led to fires. – Associated Press

6. November 19, Associated Press – (National) Tesla car battery fires probed by U.S. safety agency. The National Highway Traffic Administration opened an investigation into the model year 2013 Tesla Model S after two incidents where metal road debris pierced the vehicles’ batteries and led to thermal reactions and fires. The investigation concerns more than 13,000 vehicles sold in the U.S. Source: http://www.sgvtribune.com/general-news/20131119/tesla-car-battery-fires-probed-by-us-safety-agency

 • A bomb threat at the Port Columbus International Airport in Ohio caused the evacuation of a flight carrying 138 people until a bomb squad and authorizes investigated. – New York Daily News

10. November 18, New York Daily News – (Ohio) Bomb threat at Port Columbus International Airport forces plane evacuation. A bomb threat at the Port Columbus International Airport caused the evacuation of American Airlines Flight 302, carrying 138 people and 5 crew members, for 2 hours November 18 until authorities gave an all clear after finding no suspicious devices. The Columbus bomb squad is investigating Source: http://www.nydailynews.com/news/national/bomb-threat-port-columbus-international-airport-article-1.1520724

 • A carbon monoxide leak at the Montezuma Creek Elementary School in San Juan County, Utah, hospitalized 44 students and adults. – Salt Lake Tribune

22. November 18, Salt Lake Tribune – (Utah) Carbon monoxide leak hospitalizes at least 40 at S. Utah school. Forty-four students and adults from Montezuma Creek Elementary School in San Juan County, Utah, were taken to area hospitals November 18 after a carbon monoxide leak at the school. Officials believe the exhaust system of a propane-fueled water heater was the source of the leak and are continuing to investigate. Source: http://www.sltrib.com/sltrib/news/57146744-78/amp-creek-elementary-montezuma.html.csp

Details

Financial Services Sector

7. November 18, ABC News – (International) 6 more arrested in $45M cyber heist, feds say. Six more suspects were arrested in New York City November 18 as part of an alleged international cybercrime and payment card fraud scheme that stole $45 million. The group allegedly targeted prepaid debit cards issued by two banks in Oman and the United Arab Emirates, and then sent members to various countries to simultaneously withdraw money from the accounts. Source: http://abcnews.go.com/Blotter/arrested-bags-cash-mass-cyber-heist/story?id=20925475

For another story, see item 20 below:

20. November 19, Florence Times Daily – (Alabama) Indicted ex-CEO to return to Shoals. The chairman and CEO of Canadian company National Steel Car Limited, and former CEO of National Alabama, was arrested in Chicago November 11 and will be sent to Tuscumbia where he is accused of running a scheme to defraud the Retirement Systems of Alabama of a $350 million loan by supplying false information about the cost to build a railcar factory. Source: http://www.timesdaily.com/news/local/article_29d201a6-50d1-11e3-b251-10604b9f6eda.html

Information Technology Sector

29. November 19, Softpedia – (International) Cybercriminals use automated attacks to hack GitHub accounts. GitHub confirmed that its authentication service was targeted by an automated brute force attack starting November 17 and continuing through November 19. Users have reported failed login attempts coming from several countries within a short span of time. Source: http://news.softpedia.com/news/Cybercriminals-Use-Automated-Attacks-to-Hack-GitHub-Accounts-401542.shtml

30. November 19, Help Net Security – (International) 1.2% of apps on Google Play are repackaged to deliver ads, collect info. Researchers at BitDefender found that around 1.2 percent of apps in the Google Play app store are repackaged versions of legitimate apps, and that around 2,140 copycat developers were present in the store at the time of the company’s survey. Source: http://www.net-security.org/secworld.php?id=15976

31. November 18, Help Net Security – (International) vBulletin.com hacked, hackers trying to sell info on 0-day used. The developers of vBulletin confirmed that their network was breached, exposing customer IDs and encrypted passwords. A hacker group claimed responsibility in a Facebook post. Source: http://www.net-security.org/secworld.php?id=15968

32. November 18, SC Magazine – (International) Facebook URL redirection vulnerability patched. Facebook patched a URL redirection vulnerability after a researcher published a blog post outlining the issue. Source: http://www.scmagazine.com//facebook-url-redirection-vulnerability-patched/article/321528/

33. November 18, Threatpost – (International) Google completes upgrade of its SSL certificates to 2048-bit RSA. Google announced that it completed its upgrade of all SSL certificates used by the company and its services to 2048-bit RSA or better ahead of schedule in an effort to improve security. Source: http://threatpost.com/google-completes-upgrade-of-its-ssl-certificates-to-2048-bit-rsa/102959

34. November 18, SC Magazine – (International) More than 12k Cryptolocker victims in less than a week. Researchers at BitDefender Labs used sinkholing to count connection attempts to a Cryptolocker command and control server and found more than 12,000 victims were infected in less than a week, among other findings. Source: http://www.scmagazine.com/more-than-12k-cryptolocker-victims-in-less-than-a-week/article/321514/

35. November 18, SC Magazine – (International) Battlefield 4 PC servers experience DDoS attack. The servers of PC game Battlefield 4 experienced a distributed denial of service (DDoS) attack November 16 that left many users unable to play the game. Source: http://www.scmagazine.com/battlefield-4-pc-servers-experience-ddos-attack/article/321506/

Communications Sector

36. November 19, Pittsburgh Tribune-Review – (Pennsylvania) Verizon offers $50K reward in copper thefts. Recent incidents of copper theft from telephone cables in Pittsburgh and certain suburbs have led Verizon to offer up to $50,000 for any information that would lead to the arrest and prosecution of the responsible parties involved. The thefts have cost Verizon hundreds of thousands of dollars in damages. Source: http://triblive.com/neighborhoods/yourmckeesport/yourmckeesportmore/5095242-74/verizon-copper-gierczynski