Friday, January 31, 2014




Complete DHS Report for January 31, 2014

Daily Report

 • Schools, government offices, and most roads in six outlying counties north of Mobile, Alabama, remained closed January 30 after a severe winter storm left people stranded on highways or involved in automobile accidents. – Mobile Press-Register

24. January 29, Mobile Press-Register – (Alabama) Schools, roads and some offices to remain closed until Thursday in Clarke, Conecuh, Covington, Escambia, Monroe and Washington counties. Emergency management officials reported that schools, government offices, and most roads in six outlying counties north of Mobile would remain closed January 30 after a severe winter storm left people stranded on highways or involved in automobile accidents. Source: http://blog.al.com/live/2014/01/schools_roads_and_some_offices.html

 • A 4-alarm fire broke out January 30 at a strip mall in Elizabeth, New Jersey, destroying eight stores and prompting officials to order the evacuation and demolition of surrounding stores and a church. – WNBC 4 New York City

33. January 30, WNBC 4 New York City – (New Jersey) 8 New Jersey stores, church to be demolished after 4-alarm blaze. A 4-alarm fire broke out January 30 at a strip mall in Elizabeth, New Jersey, destroying eight stores and prompting officials to order the evacuation and demolition of surrounding stores and a church. Authorities are investigating the cause of the fire. Source: http://www.nbcnewyork.com/news/local/Elizabeth-New-Jersey-4-Alarm-Fire-Stores-242732211.html

 • A fire destroyed the Geraghty Street Building in Fairbanks, Alaska, which contained apartment units, a second-hand furniture store, and offices January 29, and left several people injured while  displacing more than 50 residents. – Fairbanks Daily News-Miner

34. January 30, Fairbanks Daily News-Miner – (Alaska) Geraghty Street apartment fire leaves 50 homeless. A fire destroyed the Geraghty Street Building in Fairbanks which contained apartment units, a second-hand furniture store, and offices January 29, and left several people injured while displacing more than 50 residents. Officials are investigating the incident. Source: http://www.newsminer.com/news/local_news/fire-destroys-geraghty-street-apartment-building-several-people-injured/article_e5dc0c02-8916-11e3-8722-0017a43b2370.html

 • One person was injured and 40 residents were displaced in a January 29 fire at the Turner Plaza Apartments in Baton Rouge, Louisiana, which caused an estimated $1.25 million in damage at the  complex. – New Orleans Times-Picayune

37. January 29, New Orleans Times-Picayune – (Louisiana) Turner Plaza apartment fire began in area of heater, caused $1.25 million in damage. The Baton Rouge Fire Department responded to a fire at the Turner Plaza Apartments January 29, which caused an estimated $1.25 million in damage at the complex. One person was injured and 40 residents were displaced. Source: http://www.nola.com/traffic/baton-rouge/index.ssf/2014/01/turner_plaza_apartment_fire_be.html

Details

Financial Services Sector

3. January 30, KGW 8 Portland – (Oregon) 3 arrested in Beaverton for ID theft ring. Three individuals were arrested in Beaverton January 26 after their car was stopped on suspicion of shoplifting and were found in possession of 100 counterfeit credit cards as well as thousands of dollars’ worth of gift cards and stolen property. Source: http://www.kgw.com/news/3-arrested-in-Beaverton-for-ID-theft-ring-242625221.html

4. January 29, Newark Star-Ledger – (New Jersey) U.S. regulator accuses NJ mortgage lender PHH of kickback scheme. The Consumer Financial Protection Bureau announced charges January 29 against Mount Laurel-based mortgage lender PHH Corp., and several of its subsidiaries for allegedly collecting hundreds of millions of dollars through a 15-year kickback scheme by referring business to mortgage insurance companies in exchange for payments, causing customers to pay higher borrowing costs. Source: http://www.nj.com/business/index.ssf/2014/01/cfpb_accuses_nj_mortgage_lender_phh_of_mortgage_insurance_kickback_scheme.html

5. January 29, U.S. Attorney’s Office, Northern District of Illinois – (Illinois) U.S. indicts corporate audit director on securities fraud charges for allegedly profiting $286,000 from insider trading. A certified public accountant in Chicago was indicted on federal fraud charges for allegedly engaging in insider trading and making over $286,000 in illicit profits in 2012. The accountant was the director of corporate audit for Allscripts Healthcare Solutions Inc., and used nonpublic information he obtained in that position. Source: http://www.fbi.gov/chicago/press-releases/2014/u.s.-indicts-corporate-audit-director-on-securities-fraud-charges-for-allegedly-profiting-286-000-from-insider-trading

6. January 29, Reuters – (National) Target: Hackers attacked with stolen credentials. Target Corp., reported January 29 that the attackers who perpetrated a massive breach of customer payment card data used stolen vendor credentials to access the company’s systems. Source: http://news.msn.com/us/target-hackers-attacked-with-stolen-credentials

7. January 29, SC Magazine – (National) Neiman Marcus hack involved two pieces of malware. Neiman Marcus reported that two pieces of malware were used to compromise its systems in a recent data breach, with the first inserted before July 2013 which allowed the payment card scraping malware to be uploaded later in the year. Source: http://www.scmagazine.com//neiman-marcus-hack-involved-two-pieces-of-malware/article/331669/

Information Technology Sector

27. January 30, Softpedia – (International) Remote code execution vulnerability impacts Wikipedia and other MediaWiki sites. Researchers at Check Point identified a critical vulnerability affecting Web sites created with the MediaWiki platform that could be exploited for remote code execution. The MediaWiki Foundation issued a patch to close the vulnerability and advised users to update their installations. Source: http://news.softpedia.com/news/Remote-Code-Execution-Vulnerability-Impacts-Wikipedia-and-Other-MediaWiki-Sites-422079.shtml

28. January 30, The Register – (International) Security 101 fail: 3G/4G modems expose control panels to hackers. A researcher found that several 3G and 4G USB modems are vulnerable to cross-site request forgery (CSRF) attacks that could allow attackers to access the modem’s control panel Web page and tamper with the device. The vulnerabilities could be exploited to send messages to premium-rate numbers and steal user credentials. Source: http://www.theregister.co.uk/2014/01/30/3gmodem_security_peril/

29. January 30, Softpedia – (International) Barracuda Networks identifies rogue SignNow version in App Store. Barracuda Labs researchers identified a rogue version of their SignNow app in Apple’s App Store, and found that developers listed as GameStruct and Tektrify are uploading rogue versions of other apps as well. Source: http://news.softpedia.com/news/Barracuda-Networks-Identifies-Rogue-SignNow-Version-in-the-App-Store-422306.shtml

30. January 29, SC Magazine – (International) Before shutdown, ransomware op spreading “Icepol” caused 42,000 U.S. infections. Bitdefender and Romanian authorities analyzed servers seized in relation to the Icepol ransomware and found that the ransomware was installed around 42,400 times in the U.S. between May and September 2013. An estimated $32,000 was stolen from U.S. victims. Source: http://www.scmagazine.com//before-shutdown-ransomware-op-spreading-icepol-caused-42000-us-infections/article/331677/

31. January 29, Threatpost – (International) High-volume DDoS attacks top operational threat to businesses, service providers. Arbor Networks released its Worldwide Infrastructure Security Report and found that distributed denial of service (DDoS) attacks were the largest operational threat to service providers and enterprises, reaching unprecedented levels in 2013, among other findings. Source: http://threatpost.com/high-volume-ddos-attacks-top-operational-threat-to-businesses-service-providers/103933

For additional stories, see items 6 and 7 above in the Financial Services Sector

Communications Sector

32. January 28, Baltimore-Sun – (Maryland) Some Harford AT&T landline customers faced blackout Tuesday. Some businesses utilizing AT&T communications in the Bel Air area experienced problems with their landlines for several hours January 28 due to a third-party cable cut. Source: http://www.baltimoresun.com/news/maryland/harford/belair/ph-ag-att-outage-0129-20140128,0,1503659.story