Complete DHS Report for February 14, 2014
Daily Report
• A severe ice and snow storm across the
southeast part of the country caused more than 729,000 customers to lose power,
over 4,100 flight cancellations, dozens of school districts to cancel classes,
and government offices to close February 13. – CNN
1.
February 13, CNN – (National) Ice storm wallops southeast, stranding
drivers, cutting power. A severe ice and snow storm across the southeast
part of the country caused more than 729,000 customers to lose power, over
4,100 flight cancellations, dozens of school districts to cancel classes, and
government offices to close February 13. Source: http://www.cnn.com/2014/02/12/us/winter-weather/index.html?hpt=hp_t1&nbd=5_things
• A major natural gas pipeline explosion in
Adair County, Kentucky, February 13 destroyed homes and cars and left at least
one person injured while prompting an evacuation of nearby areas. – Reuters
2.
February 13, Reuters – (Kentucky) Blast rocks Kentucky natural gas
pipeline amid storm. A major natural gas pipeline explosion in Adair
County, Kentucky, February 13 destroyed homes and cars and left at least one
person injured while prompting an evacuation of nearby areas. NiSource Inc.,
announced it shut down part of its Columbia Gulf Transmission interstate
pipeline as a result of the explosion after operating teams detected a drop in
pressure and found the pipeline ruptured. Source: http://kdal610.com/news/articles/2014/feb/13/one-injured-homes-ablaze-after-kentucky-gas-line-explosion/
• General Motors announced a recall of 619,122
model year 2005-2007 Chevrolet Cobalt and model year 2007 Pontiac G5 vehicles
in the U.S. due to an issue with the ignition linked to 22 crashes and 6
fatalities. – USA Today
7.
February 13, USA Today – (National) 6 killed in GM cars with worn
ignition switches. General Motors announced a recall of 619,122 model year
2005-2007 Chevrolet Cobalt and model year 2007 Pontiac G5 vehicles in the U.S.
due to an issue with the ignition where a heavy keyring or jarring can cause
the ignition to switch off. The company is aware of 22 crashes and 6 fatalities
related to the issue which can cause loss of power and a lack of airbag
deployment. Source: http://www.usatoday.com/story/money/cars/2014/02/13/gm-recall/5448319/
• Police arrested 5 individuals February 6 in
connection with operating a pill mill out of a clinic in California's San
Fernando Valley that sold more than $5 million in medication. – Ventura
County Star (See item 18)
18.
February 12, Ventura County Star – (California) Simi Valley tip leads
to 5 arrests in pill mill case. Police arrested 5 individuals, including a
doctor and 2 nurses, February 6 in connection with operating a pill mill out of
the San Fernando Valley. The 5-month investigation determined the individuals
were operating out of Arleta Medical Clinic and selling prescriptions for pain
pills and anti-anxiety drugs without doctors’ visits, valued at more than $5
million in estimated street value. Source: http://www.vcstar.com/news/2014/feb/12/5-arrested-in-connection-with-operating-pill-out/
• The National Institute of Standards and
Technology February 12 released its Framework for Improving Critical
Infrastructure Security, a document which outlines cybersecurity practices and
standards for critical infrastructure. – Threatpost See item 25
below in the Information Technology
Sector
Details
Financial Services Sector
8. February 12,
Kirkland Reporter – (Washington) "Cyborg Bandit" caught,
wanted for bank robberies in two counties, Kirkland. Police in Seattle
arrested a man February 11 whom they believed to be both the 'Cyborg Bandit'
and the 'Elephant Man Bandit' responsible for a combined 30 bank robberies in
King and Snohomish counties. Source: http://www.kirklandreporter.com/news/245276211.html
9. February 12, SC
Magazine – (International) Gameover Zeus most active banking trojan in
2013, researchers report. Dell SecureWorks Counter Threat Unit released a
report covering banking trojans in 2013 and found that the Gameover ZeuS trojan
was the most actively observed trojan during the year, with 38 percent of
activity, followed by the Citadel trojan at 33 percent of activity. Source: http://www.scmagazine.com//gameover-zeus-most-active-banking-trojan-in-2013-researchers-report/article/333795/
Information Technology Sector
21. February 13, Softpedia – (International) Oracle
confirms existence of 30 security holes in Java Cloud Service. Oracle
confirmed the existence of 30 security vulnerabilities in its Java Cloud
Service reported to the company by Security Explorations researchers. The
researchers stated that over half can be exploited to bypass the Java security
sandbox. Source: http://news.softpedia.com/news/Oracle-Confirms-Existence-of-30-Security-Holes-in-Java-Cloud-Service-426666.shtml
22. February 13, V3.co.uk – (International) Android apps
with Trojan SMS malware infect 300,000 devices, net crooks $6m. Researchers
at Panda Labs identified a new Android trojan app campaign that uses fake
permission notifications to get users' devices to send SMS messages to a
premium-rate number owned by the attackers behind the trojan apps. The campaign
has infected at least 300,000 devices and netted the attackers at least $6
million. Source: http://www.v3.co.uk/v3-uk/news/2328691/android-apps-with-trojan-sms-malware-infect-300-000-devices-net-crooks-usd6m
23. February 13, Help Net Security – (International) Linksys
home routers targeted and compromised in active campaign. A security
researcher reported that an unknown vulnerability is allowing Linksys E1000
routers to be targeted and infected with a worm dubbed TheMoon. The
vulnerability is currently being heavily exploited in attacks. Source: http://www.net-ecurity.org/malware_news.php?id=2707
24. February 13, Softpedia – (International) ASUS fixes
vulnerabilities in RT-N66U, RT-N66R and RT-N66W routers. ASUS released
firmware updates for three RT-N66 model routers, closing five security issues.
Source: http://news.softpedia.com/news/ASUS-Fixes-Vulnerabilities-in-RT-N66U-RT-N66R-and-RT-N66W-Routers-426689.shtml
25. February 12, Threatpost – (International) US
government delivers cybersecurity framework for critical infrastructure. The
National Institute of Standards and Technology (NIST) announced February 12
that it has released the Framework for Improving Critical Infrastructure
Security, a document which outlines cybersecurity practices and standards for
industry and government to consider when developing security programs for
critical infrastructure. Source: http://threatpost.com/us-government-delivers-cybersecurity-framework-for-critical-infrastructure/104243
26. February 12, SC Magazine – (International) Pre-installed
security software leaves computers vulnerable to remote hijack, experts reveal.
Kaspersky Lab researchers released a report February 12 warning that the
Absolute Computrace anti-theft software pre-installed on some desktops and
laptops contains vulnerabilities which could allow attackers to remotely hijack
systems. Source: http://www.scmagazine.com/pre-installed-security-software-leaves-computers-vulnerable-to-remote-hijack-experts-reveal/article/333808/
27. February 12, IDG News Service – (International) Denial-of-service
vulnerability puts Apache Tomcat servers at risk. Researchers published a
proof-of-concept exploit for a recently-disclosed vulnerability affecting
Apache Tomcat servers that could allow attackers to execute denial-of-service
(DoS) attacks against Web sites hosted on the servers. Source: http://www.networkworld.com/news/2014/021214-denial-of-service-vulnerability-puts-apache-tomcat-278708.html
For another story, see item 9 above in the Financial Services Sector
Communications Sector
28.
February 13, Pittsburgh Post-Gazette – (Pennsylvania) Verizon fixes
phone outages in parts of 412 area code. Verizon land-line service for
5,000 customers around Allegheny County with various area codes was restored
after an outage that lasted more than 2 hours February 13. Source: http://www.post-gazette.com/local/region/2014/02/13/Verizon-fixes-phone-outages-in-parts-of-412-area-code/stories/201402130276