Complete DHS Report for February 28, 2014
Daily Report
Details
• Thirteen workers of the Waste Isolation
Pilot Plant in New Mexico were notified that preliminary test results came back
positive for exposure to americium-241 after a radiation leak was detected at
the nuclear waste repository. – Las Cruces Sun-News
3.
February 26, Las Cruces Sun-News – (New Mexico) 13 WIPP employees
exposed to radiation. Department of Energy and Nuclear Waste Partnership
officials notified 13 workers of the Waste Isolation Pilot Plant that
preliminary test results came back positive for exposure to americium-241 after
a radiation leak was detected February 14 at the nuclear waste repository.
Source: http://www.lcsun-news.com/las_cruces-news/ci_25232120/breaking-13-wipp-employees-exposed-radiation
• Individual group members began entering
guilty pleas to charges in connection to installing skimming devices and
cameras in New Jersey ATMs in order to retrieve customer account information
and personal identification numbers. – Associated Press See item 7
below in the Financial Services Sector
• Avaya will release a patch for two zero-day
vulnerabilities in its latest one-X 9608 IP telephones that allows bugs to be
exploited remotely and turn the IP phone into a transmitter. – Threatpost See item 30
below in the Information Technology
Sector
• Officials arrested a man suspected of
robbing eight hotels at gunpoint in Oregon and Washington, who is also believed
to be connected to a bank robbery in Oregon. – KPTV 12 Portland
38. February 24, KPTV 12 Portland – (Oregon; Washington) Police:
Serial robber linked to eight cities arrested. A man suspected of robbing
hotels at gunpoint in seven Oregon cities and Woodland, Washington was arrested
February 23 after a crime spree that began in September 2013. Investigators
believe the suspect is also connected to a bank robbery in Lake Oswego, Oregon.
Source: http://www.kptv.com/story/24800881/police-serial-robber-linked-to-eight-cities-arrested
Financial Services Sector
5.
February 27, Associated Press – (Illinois) Georgia man convicted in
investment fraud scheme. A federal jury in Illinois convicted a Georgia man
in an investment fraud scheme after he obtained $5.5 million from others while
offering investors the chance to generate income through overseas financial
transactions. Source: http://onlineathens.com/breaking-news/2014-02-27/georgia-man-convicted-investment-fraud-scheme
6.
February 26, Riverside Press-Enterprise – (California) San Bernardino
County: Seven charged in mortgage loan scam. Seven suspects were arrested
and charged February 26 in a $6.2 million San Bernardino County mortgage fraud
scam that defrauded more than 1,550 homeowners seeking loan modifications from
January 2007 to March 2010. Source: http://blog.pe.com/breaking-news/2014/02/26/san-bernardino-county-seven-charged-in-mortgage-loan-scam/
7.
February 26, Associated Press – (New Jersey) Guilty pleas adding up
for group charged with stealing more than $5 million in ATM 'skimming.’ Individuals
tied to a New Jersey ATM skimming scheme began to enter guilty pleas to charges
after federal authorities said the group of 12 installed devices in ATMs to
retrieve customer account information and installed pinhole cameras in bank
vestibules to record keystrokes in order to gain personal identification
numbers. Source:http://www.dailyjournal.net/view/story/becce09e821c44458a3d378a80aeb0b3/NJ--ATM-Skimming/
For
another story, see item 38 above
in Top Stories
Information Technology Sector
25. February 27, Softpedia – (International) Fake
“payment certificate” notifications used to deliver cross-platform RAT. Symantec
researchers reported a spam campaign designed to distribute the Java remote
access trojan (RAT) dubbed JRAT that is cross-platform, potentially infecting
machines running Windows, OS X, and Linux operating systems. Source: http://news.softpedia.com/news/Fake-Payment-Certificate-Notifications-Used-to-Deliver-Cross-Platform-RAT-429736.shtml
26. February 27, Network World – (International) Security
firm discloses Apple iOS ‘malicious profile’ vulnerability impact on MDM. Apple
will release a patch addressing a vulnerability disclosed by researchers in
Apple iOS devices that can impact mobile-device-management (MDM) systems
running on them by allowing an attacker to create a hard to detect malicious
profile hidden on the device. Source: http://www.networkworld.com/news/2014/022714-rsa-skycure-279094.html
27. February 27, Softpedia – (International) Flaws in
Amazon’s mobile apps could have been exploited to crack passwords. Amazon
patched their server after FireEye researchers reported that a weak password
policy and no limitation or CAPTCHAs for passwords attempts could have been
exploited by attackers to crack the passwords of accounts. Source: http://news.softpedia.com/news/Vulnerabilities-in-Amazon-s-Mobile-Apps-Could-Have-Been-Exploited-to-Crack-Passwords-429664.shtml
28. February 27, Softpedia – (International) Three
alleged hackers arrested in Korea for stealing information from hundreds of
sites. Three individuals from Korea are suspected of hacking into 225 Web
sites and stealing the personal details of 17 million individuals including,
real estate and trading services, Korean medical associations, and online
gambling sites. Source: http://news.softpedia.com/news/Three-Alleged-Hackers-Arrested-in-Korea-for-Stealing-Information-from-Hundreds-of-Sites-429630.shtml
29. February 27, Softpedia – (International) D-Link
fixes persistent SSL certificate vulnerability in DCS IP cameras. Firmware
updates for several D-Link surveillance camera models from the DCS series were
released addressing a SSL certificate vulnerability that could have allowed a
malicious user to potentially gain access to the camera control information.
Source: http://news.softpedia.com/news/D-Link-Fixes-Persistent-SSL-Certificate-Vulnerability-in-DCS-IP-Cameras-429622.shtml
30. February 26, Threatpost – (International) Avaya to
patch zero days that turn IP phone into radio transmitters. Avaya will
release a patch for two zero-day vulnerabilities in its latest one-X 9608 IP
telephones that allow bugs to be exploited remotely, bypassing security
appliances used to scan for malicious outgoing network traffic and allow the IP
phone to turn into a transmitter. Source: http://threatpost.com/avaya-to-patch-zero-days-that-turn-ip-phone-in-radio-transmitters/104506
Communications Sector
31.
February 27, Tampa Bay Business Journal – (Florida) Outage causes
WTSP to go dark. Customers of Comcast and Dish Network could not access
WTSP 10 Tampa Bay for over two hours February 26 due to a power outage affecting
the station’s transmitter. Source: http://www.bizjournals.com/tampabay/blog/morning-edition/2014/02/outage-causes-wtsp-to-go-dark.html
No comments:
Post a Comment