Daily Report
Top Stories
· A
former Liberty Reserve executive pleaded guilty in New York September 23 for
his role in running an unlicensed Web-based company that laundered over $6
billion from more than a million individuals worldwide between 2006 and 2013. –
SecurityWeek See item 7 below in the Financial
Services Sector
· Two
employees were shot and killed by a recently-terminated UPS worker who opened
fire at a facility in Inglenook, Alabama, September 23 prior to taking his own
life. – CNN
12.
September 23, CNN – (Alabama) 3
people dead in Alabama UPS shooting. Two employees were shot and killed by
a recently-terminated UPS worker who opened fire at a facility in Inglenook,
Alabama, September 23 prior to taking his own life. Authorities are
investigating the incident. Source: http://www.cnn.com/2014/09/23/justice/alabama-ups-shooting-deaths/index.html
· Fire
crews reached 35 percent containment September 23 of the 89,574-acre King Fire
burning in El Dorado and Placer counties in California, while 21,000 structures
remained threatened and about 2,800 residents were still under evacuation
orders. – KXTV 10 Sacramento
20.
September 24, KXTV 10 Sacramento –
(California) King Fire containment nearly doubles. Fire crews reached 35
percent containment September 23 of the 89,574-acre King Fire burning in El
Dorado and Placer counties, while 21,000 structures remained threatened and
about 2,800 residents were still under evacuation orders. Source: http://www.news10.net/story/news/local/eldorado-hills/2014/09/23/king-fire-containment-nearly-doubles/16093399
· A
September 24 restaurant fire in Apollo Beach, Florida, prompted the evacuation
of nearby homes, a shelter-in-place order for an elementary school, and a
5-hour closure of U.S. Highway 41. – WTSP 10 St. Petersburg
31.
September 24, WTSP 10 St. Petersburg –
(Florida) U.S. 41 reopens after huge restaurant fire. Officials are
investigating the cause of a September 24 fire that destroyed the Shenaniganz
Grill and Chill restaurant in Apollo Beach and prompted the evacuation of area
homes and a shelter-in-place order for a nearby elementary school. U.S. Highway
41 was closed for over 5 hours while firefighters battled the blaze. Source: http://www.wtsp.com/story/news/local/2014/09/24/fire-crews-battle-fire-at-shennanigaz-grill-and-chill-in-apollo-beach/16141031/
Financial Services Sector
6. September 24, Softpedia – (International) New Tinba banking trojan variant is
stealthier, uses public key signing. Researchers from Trusteer analyzed an
updated variant of the Tiny Banker (also known as Tinba) financial malware and
discovered that the authors added a domain generation algorithm (DGA) and
fitted it with user-mode rootkit capabilities and a verification process to
make sure that messages are sent from an authentic bot master. Source: http://news.softpedia.com/news/New-Tinba-Banking-Trojan-Variant-Is-Stealthier-Uses-Public-Key-Signing-459834.shtml
7. September 23, SecurityWeek – (International) Digital currency tech chief pleads
guilty in fraud. A former Liberty Reserve executive pleaded guilty in a New
York federal court September 23 for his role in running an unlicensed online
banking company that laundered over $6 billion from more than 1 million
individuals from 17 countries, including more than 200,000 people in the U.S,
between 2006 and 2013. The executive was one of seven individuals charged in
what is believed to be the largest money laundering prosecution in history.
Source: http://www.securityweek.com/digital-currency-tech-chief-pleads-guilty-fraud
8. September 23, National Journal – (International) Federal regulators force shutdown of
fake bitcoin-mining operation. A federal court in Missouri ordered
Kansas-based Butterfly Labs to temporarily cease operations after the Federal
Trade Commission alleged that the company marketed its computers as able to
generate the Bitcoin virtual currency, but failed to deliver the equipment,
bilking more than 20,000 customers out of tens of millions of dollars. Source: http://www.nextgov.com/mobile/2014/09/federal-regulators-force-shutdown-fake-bitcoin-mining-operation/94871/
9. September 23, Bloomberg News – (International) Barclays fined twice in one day for
compliance failures. Barclays Plc, agreed September 23 to pay $15 million
in penalties to resolve charges by the U.S. Securities and Exchange Commission
that the company failed to maintain an adequate internal compliance system
related to the firm acquiring Lehman Brothers in 2008 and made trades and
charged commissions without customer approval. Barclays also agreed September
23 to pay regulators in the U.K. about $62 million in fines to settle
allegations that the company failed to protect 16.5 pounds of client assets
between 2007 and 2012. Source: http://www.businessweek.com/news/2014-09-23/barclays-fined-twice-in-one-day-for-compliance-failures
Information Technology Sector
27. September
24, Threatpost – (International) Mozilla to part ways to SHA-1. Mozilla
asked Certificate Authorities and Web sites to upgrade certificates to SHA-256,
SHA-384, or SHA-512 after experts reported that SHA-1 will be practical for
collision attacks by 2018. Mozilla will release warnings to update certificates
on versions of Firefox in early 2015. Source: http://threatpost.com/mozilla-latest-to-part-ways-with-sha-1/108495
28. September
24, Computerworld – (International) Fiberlink wipes one
smartphone or tablet every three minutes. Researchers at Fiberlink examined
130,000 devices managed by MaaS360 and found that one mobile device is wiped
every 3 minutes. The study also determined that in 2013 businesses, on average,
cleared 10 percent to 20 percent of their entire device populations yearly.
Source: http://www.networkworld.com/article/2687065/mdm-mam/fiberlink-wipes-one-smartphone-or-tablet-every-three-minutes.html
29. September
24, Help Net Security – (International) Mitigations for Spike
DDoS toolkit-powered attacks. Akamai Technologies released an advisory
alerting enterprises of the Spike distributed denial of service (DDoS) toolkit
that runs on a Windows system and can launch infrastructure-based and
application-based DDoS payloads including SYN flood, UDP flood, GET flood, and
Domain Name system (DNS) query floods. The toolkit can be mitigated be
implementing access control lists (ACLs). Source: http://www.net-security.org/secworld.php?id=17406
30. September
23, The Register – (International) Apple’s new iPhone 6
vulnerable to last year’s TouchID fingerprint hack. Lookout researchers
found that a vulnerability that could allow access into Apple’s iPhone 6 and 6
Plus models through their TouchID fingerprint sensors remained unpatched.
Scammers can unlock the devices by creating a fake fingerprint, the same flaw
that was found in the iPhone 5S model in 2013. Source: http://www.theregister.co.uk/2014/09/23/iphone_6_still_vulnerable_to_touchid_fingerprint_hack/
Communications Sector
See
item 24 below from the Emergency Services Sector
24.
September 23, Ruidoso News – (New
Mexico) Lincoln, Otero county 911 system rerouted during outage. Crews
worked to repair a damaged CenturyLink fiber optic cable September 23 after the
line broke September 22 causing 9-1-1 service in Otero and Lincoln counties to
go down. Emergency calls were temporarily being rerouted through Pecos Valley,
Roswell. Source: http://www.ruidosonews.com/ruidoso-news/ci_26591670/lincoln-otero-county-911-system-rerouted-during-outage
No comments:
Post a Comment