Wednesday, February 19, 2014




Complete DHS Report for February 19, 2014

Daily Report

Details

 • A Fort Worth man believed to be the “ZZ Top Bandit” was arrested February 4 during a sting operation set up by authorities who believe he could also be responsible for an additional 23 bank robberies throughout Texas. – KWTX 10 Waco See item 4 below in the Financial Services Sector

 • A large water main break just outside the City of Galesburg’s water treatment plant in Illinois caused the plant to lose more than 1 million gallons of water and caused safe, but rusty water for residents. – Galesburg Register-Mail

15. February 17, Galesburg Register-Mail – (Illinois) Main break affects Galesburg water. A large water main break just outside the City of Galesburg’s water treatment plant caused the plant to lose more than 1 million gallons of water and forced several other water mains to reverse direction, causing rusty water for residents. Authorities assured residents that water was safe for consumption but advised them to let the water run several minutes until its clears. Source: http://www.galesburg.com/article/20140217/NEWS/140219709/10180/NEWS

 • The Syrian Electronic Army is believed to be behind a digital attack of the Forbes Web site and its registered users after more than 1 million user and staff records were obtained. – Help Net Security See item 30 below in the Information Technical Sector

 • Las Vegas Sands Corp., restored its casino Web sites after a security breach forced the company to shut down its online operations for several days. The hacker group, Anti WMB Team, published a video demonstrating that 828 gigabytes of files were stolen. – Softpedia

32. February 18, Softpedia – (International) Hackers show they’ve stolen 828 Gb of data from systems of Las Vegas Sands. Las Vegas Sands Corp., restored its casino Web sites after a security breach forced the company to shut down its online operations for several days. The hacker group, Anti WMB Team, published a video demonstrating that 828 gigabytes of files including budget information, IT department and network information, and user data was stolen during the breach. Source: http://news.softpedia.com/news/Hackers-Show-They-ve-Stolen-828-Gb-of-Data-from-Systems-of-Las-Vegas-Sands-427506.shtml

Financial Services Sector

4. February 18, KWTX 10 Waco – (Texas) Texas man believed to be “ZZ Top Bandit” in custody. A Fort Worth man believed to be the “ZZ Top Bandit” and “The Interstate Bandit” was arrested February 4 during a sting operation set up by the FBI and Williamson County officials. The FBI believes he may also be responsible for 23 bank robberies throughout Texas between January 2004 and October 2013. Source: http://www.kwtx.com/home/headlines/Texas-Man-Believed-To-Be-ZZ-Top-Bandit-In-Custody-245977411.html

Information Technology Sector

28. February 18, Help Net Security – (International) Linksys announces firmware fix to neutralize “The Moon” worm. Linksys announced that they were aware of “TheMoon” malware targeting its older routers and are working on a firmware fix, but advised administrators and users to Disable Remote Administration of their devices in order to protect themselves from the attack. Source: http://www.net-security.org/malware_news.php?id=2711

29. February 17, Help Net Security – (International) Kickstarter suffers data breach. Kickstarter notified users that their user information was accessed following a data breach. The company closed the security vulnerability and began strengthening security measures on their systems, but recommended users change their passwords. Source: http://www.net-security.org/secworld.php?id=16366

30. February 17, Help Net Security – (International) SEA hacks Forbes, steals and leaks 1M user records. The Syrian Electronic Army hacking group is believed to be behind a digital attack of the Forbes Web site and its registered users after more than 1 million user and staff records were obtained. The information was made available for public download and Sophos researchers discovered that passwords could potentially be cracked after learning they were salted and hashed, not encrypted. Source: http://www.net-security.org/secworld.php?id=16367

31. February 15, Softpedia – (International) GitHub fixes RCE and 2FA brute-force vulnerabilities. GitHub fixed an SSH Git remote command execution (RCE), a two-factor authentication (2FA) brute-force, and a MySQL typecasting authentication bypass vulnerabilities after a researcher from Phonoelit identified and reported them to the company. Source: http://news.softpedia.com/news/GitHub-Fixes-RCE-and-2FA-Brute-Force-Vulnerabilities-427078.shtml

For another story, see item 32 above in Top Stories

Communications Sector

Nothing to report