Wednesday, March 19, 2014




Complete DHS Report for March 19, 2014

Daily Report

Details

 • A Mid-Valley Pipeline Co. pipeline leaked March 18, spilling 10,000 gallons of crude oil in Colerain Township, Ohio, affecting a mile of intermittent stream and pooling in a wetland in the Oak Glen Nature Preserve. – Cincinnati Enquirer

1. March 18, Cincinnati Enquirer – (Ohio) Water works: Crude oil leak not a threat to drinking water. A Mid-Valley Pipeline Co. pipeline operated by Sunoco Logistics leaked, spilling 10,000 gallons of crude oil in Colerain Township, affecting a mile of intermittent stream and pooling in a wetland in the Oak Glen Nature Preserve, officials confirmed March 


 • General Motors announced recalls for several vehicle models for various issues, covering a total of around 1.5 million vehicles. – CNNMoney

3. March 18, CNNMoney – (National) GM recalls another 1.5 million vehicles. General Motors announced recalls for several vehicle models for various issues, covering a total of around 1.5 million vehicles. Model year 2008-2013 Buick Enclave and GMC Acadia, model year 2009-2013 Chevrolet Traverse, and 2008-2010 Saturn Outlook vehicles made up of the bulk of the recall, while Cadillac XTS, Chevrolet Express, and GMC Savana vehicles were also recalled. Source: http://money.cnn.com/2014/03/17/autos/gm-recall/

 • Cosmetics and beauty retailer Sally Beauty confirmed March 17 that attackers breached the company’s networks and stole credit card data for less than 25,000 records as estimated by the company. – Krebs on Security See item 5 below in the Financial Services Sector

 • Security researchers identified a cybercrime operation dubbed Windigo that has infected around 25,000 UNIX servers over the past 2 years and uses them to send around 35 million spam emails daily. – Softpedia See item 25 below in the Information Technology Sector

Financial Services Sector

4. March 18, Softpedia – (International) Two Ukrainians and one American charged for role in global cybercrime operation. Two Ukrainians and one American were charged by federal authorities with hacking into the systems of several U.S. banks, government agencies, payroll processing companies, and brokerage firms in an attempt to steal at least $15 million between 2012 and 2013. Source: http://news.softpedia.com/news/Two-Ukrainians-and-One-American-Charged-for-Role-in-Global-Cybercrime-Operation-432716.shtml

5. March 17, Krebs on Security – (International) Sally Beauty confirms card data breach. Cosmetics and beauty retailer Sally Beauty confirmed March 17 that attackers breached the company’s networks and stole credit card data for less than 25,000 records as estimated by the company. The breach is still under investigation. Source: http://krebsonsecurity.com/2014/03/sally-beauty-confirms-card-data-breach/

6. March 17, WMAQ 5 Chicago – (Illinois) Former CME clerk convicted of commodities fraud. A former trader at the Chicago Mercantile Exchange was found guilty March 14 of secretly adding her own order tickets when submitting tickets for public customers and entering favorable prices on lean hogs futures trades between 2009 and 2010, making $213,680 via the fraudulent trade cards. Source: http://www.nbcchicago.com/news/local/Chicago-Mercantile-Exchange-trader-clerk-nicole-graziano-250653871.html

7. March 17, Help Net Security – (International) Mt. Gox CEO doxing was a ploy to spread Bitcoin-stealing malware. A researcher at Kaspersky Lab reported that an archive file purporting to contain financial and personal information relating to the Mt. Gox Bitcoin service also contains a Windows and a Mac trojan designed to steal users Bitcoin virtual currency. Source: http://www.net-security.org/malware_news.php?id=2733

Information Technology Sector

25. March 18, Softpedia – (International) ESET uncovers server botnet that infected over 25,000 UNIX machines. Security researchers with ESET, CERT-Bund, and other organizations identified a cybercrime operation dubbed Windigo that has infected around 25,000 UNIX servers over the past 2 years. The infected servers are being used to send around 35 million spam emails daily. Source: http://news.softpedia.com/news/ESET-Uncovers-Server-Botnet-That-Infected-over-25-000-UNIX-Machines-432801.shtml

26. March 17, CNET News – (International) Outage hits Google Talk, Hangouts. Some users of Google’s Talk and Hangouts services experienced outages for around 3 hours March 17. Source: http://news.cnet.com/8301-1023_3-57620423-93/outage-hits-google-talk-hangouts/

For additional stories, see items 4 and 7 above in the Financial Services Sector

Communications Sector

27. March 18, Dallas Business Journal – (National) AT&T experiences U-verse internet outage overnight. Several AT&T U-verse customers across southwestern States experienced an overnight Internet outage March 17-18. Officials stated that the outage occurred during a planned maintenance window and service for many customers was restored. Source: http://www.bizjournals.com/dallas/blog/morning_call/2014/03/at-t-experience-u-verse-internet-outage-overnight.html

28. March 17, Kenai Peninsula Clarion – (Alaska) ACS outage affects Kenai Peninsula residents. Alaska Communications customers on the Kenai Peninsula south of Cooper Landing lost all wireless services for more than 5 hours March 17 due to equipment failure. Source: http://peninsulaclarion.com/news/2014-03-17/acs-outage-affects-kenai-peninsula-residents