Thursday, March 6, 2014




Complete DHS Report for March 6, 2014

Daily Report

Details

 • Ohio-based Smucker’s fruit spread company shut down its online store after it discovered that attackers breached the company’s systems and may have obtained customers’ payment card and personal information. – Softpedia See item 6 below in the Financial Services Sector

 • Rainstorms in Los Angeles County, California, over the February 28 weekend added about 6 billion gallons of water to the county’s dams and reservoirs, with about 11 inches of rainfall in the water-starved region. – Los Angeles Times

19. March 4, Los Angeles Times – (California) L.A. County reservoirs get 6-billion-gallon infusion from storms. Rainstorms in Los Angeles County over the February 28 weekend added about 6 billion gallons of water to the county’s dams and reservoirs, with about 11 inches of rainfall in the water-starved region. Officials say the county is still far short of its usual water levels for the rainy season. Source: http://www.latimes.com/local/la-me-water-tally-20140305,0,3776729.story

 • One person died and 7 utility workers were injured March 4 after a suspected gas-related explosion that destroyed 12 homes and left the occupants of 55 other units at the South Fork Housing Community in Ewing Township, New Jersey, temporarily displaced. – KYW 3 Philadelphia

31. March 5, KYW 3 Philadelphia – (New Jersey) Probe continues into deadly blast in New Jersey. One person died and 7 utility workers were injured March 4 after a suspected gas-related explosion that destroyed 12 homes and left the occupants of 55 other units at the South Fork Housing Community in Ewing Township temporarily displaced. Officials are investigating the incident, but believe a utility contractor working at the complex may have struck and damaged a gas line shortly before the explosion. Source: http://philadelphia.cbslocal.com/2014/03/05/probe-continues-into-deadly-blast-in-new-jersey/

 • Firefighters responded to a 3-alarm fire that burned 2 buildings of the Corona Village Condominiums complex in Adams County, Colorado, March 4 and displaced residents of 96 units. – KDVR 31 Denver 

32. March 5, KDVR 31 Denver – (Colorado) 2 injured in 3-alarm condo fire in Adams County near 88th and Corona. Firefighters responded to a 3-alarm fire that burned 2 buildings of the Corona Village Condominiums complex in Adams County March 4. Two contractors working on the property were injured by the blaze, and the residents of up to 96 units were displaced. Source: http://www.thedenverchannel.com/news/local-news/flames-engulf-apartment-building-in-thornton-near-88th-and-corona

Financial Services Sector

6. March 5, Softpedia – (International) Smucker’s shuts down online store after hackers access payment card data. Ohio-based Smucker’s fruit spread company shut down its online store after it discovered that attackers breached the company’s systems and may have obtained customers’ payment card and personal information. A security researcher also reported that the group behind the attack also targeted payment processor SecurePay. Source: http://news.softpedia.com/news/Smucker-s-Shuts-Down-Online-Store-After-Hackers-Access-Payment-Card-Data-430522.shtml

7. March 5, Associated Press – (California) California student arrested in fraud scheme. A Los Angeles woman was arrested March 4 and charged with fraud following a 9-month investigation into the defrauding of hundreds of alleged victims. The woman was found in possession of over 200 payment card numbers and more than 400 identity profiles. Source: http://www.washingtontimes.com/news/2014/mar/5/california-student-arrested-in-fraud-scheme/

For another story, see item 28 below in the Information Technology Sector

Information Technology Sector

27. March 5, Help Net Security – (International) New Android devices sold with pre-installed malware. The founder of Marble Security reported finding data-stealing malware disguised as Netflix apps pre-installed on several customers’ new Android devices. Several Samsung, Asus, LG, and Motorola phones and tablets were found with the pre-installed malware. Source: http://www.net-security.org/malware_news.php?id=2724

28. March 5, The Register – (International) New design flaw found in crypto’s TLS: Pretend to be a victim online. Researchers with the French National Institute for Research in Computer Science and Control developed a new man-in-the-middle (MitM) attack against the Transport Level Security (TLS) protocol that can under certain conditions allow an attacker to intercept a user’s login credentials and disguise themselves as the user on servers that accept the same credential. Source: http://www.theregister.co.uk/2014/03/05/tls_authentication_broken_again/

29. March 5, The Register – (International) GNU security library GnuTLS fails on cert checks: Patch now. An issue in the GnuTLS security library was identified that could allow any certificate to be accepted as legitimate, affecting hundreds of applications that use the library. Red Hat and GnuTLS issued patches for users and advised them to apply the patch promptly. Source: http://www.theregister.co.uk/2014/03/05/gnu_security_library_gnutls_fails_on_cert_checks_patch_now/

Communications Sector

30. March 5, NorthEscambia.com – (Florida) Phone service restored in Byrnevile after 4 day outage. AT&T customers in Byrneville had landline service restored March 4 after a water-damaged cable caused a service outage starting February 27. Source: http://www.northescambia.com/2014/03/phone-service-restored-in-byrneville