Daily Report
Top Stories
· The California Public
Utilities Commission agreed August 14 to penalize Southern California Edison
$24.5 million for safety violations in a 2011 windstorm that knocked out power
to 440,000 customers and caused a power line failure that electrocuted three individuals.
– Associated Press
1. August
14, Associated Press – (California) California regulators approve
$24.5M penalty against Edison for 2011 outages, electrocutions. The
California Public Utilities Commission agreed August 14 to penalize Southern
California Edison $24.5 million for safety violations in a 2011 windstorm that
knocked out power to 440,000 customers and caused a power line failure that
electrocuted three individuals. The utility agreed to the penalty in March
after an investigation determined they gave inaccurate information on power
restoration and safety standards. Source: http://www.foxbusiness.com/markets/2014/08/14/california-regulators-approve-245m-penalty-against-edison-for-2011-outages/
· Authorities
closed both directions of Interstate 65 in Franklin, Tennessee, for 3 hours
August 15 after a tanker truck ran into an overpass bridge support column and
burst into flames, killing the driver and damaging two bridges and requiring
them to be closed for months. – Nashville The Tennessean
9. August
15, Nashville The Tennessean – (Tennessee) I-65 bridge closed for
months after Franklin tanker explosion kills truck driver. Authorities
closed both directions of Interstate 65 from State Route 840 to Highway 96 in
Franklin for 3 hours August 15 after a tanker truck carrying unleaded gasoline
ran into an overpass bridge support column and burst into flames, killing the
driver. Officials stated that the Peytonsville Road bridge and a new bridge
under construction alongside the existing bridge will be closed and
construction set on the new bridge delayed for months due to the damage.
Source: http://www.tennessean.com/story/news/local/williamson/2014/08/15/franklin-tanker-explosion-65/14097717
· A
state of emergency for residents in the city of New London, Connecticut, was
lifted 11 hours after a water main break that leaked approximately 8,000 to 10,000
gallons of water per minute was repaired August 14. – WTIC 61 Hartford
18. August
14, WTIC 61 Hartford – (Connecticut) New London water restored. A
state of emergency for residents in the city of New London was lifted 11 hours
after a water main break was repaired August 14, that caused the water pressure
to drop and leaked approximately 8,000 to 10,000 gallons of water per minute.
Source: http://foxct.com/2014/08/14/massive-water-leak-in-new-london-could-impact-thousands/
· A
man admitted August 14 to stealing over 500 pounds of explosives from a U.S.
Forest Service bunker near Red Lodge, Montana, in April 2013. – Billings
Gazette
21. August 14, Billings Gazette – (Montana) Wyoming man admits stealing Forest Service’s
explosives. A Wyoming man admitted August 14 to stealing over 500 pounds of
explosives from a U.S. Forest Service bunker near Red Lodge, Montana, while
looking for a campground in April 2013. Source: http://billingsgazette.com/news/state-and-regional/montana/wyoming-man-admits-stealing-forest-service-s-explosives/article_f3473ed2-8bf8-59c4-a0bc-e1328288ebbc.html
Financial Services Sector
3. August 15, Securityweek – (International) New Bugat malware uses HTML injections
taken from Gameover Zeus. A researcher from IBM Security reported August 14
that a new variant of the Bugat financial malware (also known as Cridex or
Geodo) was spotted infecting computers in the U.K. and the Middle East region.
The new variant uses HTML injections and scripts and an attack structure
similar to that used by the Gameover Zeus malware and attempts to redirect
victims to fake financial institution Web sites in order to steal login
information. Source: http://www.securityweek.com/new-bugat-malware-uses-html-injections-taken-gameover-zeus
4. August 15, IDG News Service – (International) Official at digital currency service
pleads guilty to money laundering. A Costa Rican national pleaded guilty in
U.S. District Court on charges related to his role in the operation of digital
currency service Liberty Reserve that was shut down by the U.S. Department of
Justice for allegedly laundering $6 billion in funds from various illicit
activities. A Liberty Reserve co-founded previously pleaded guilty and charges
are being pursued against others involved in the service. Source: http://www.networkworld.com/article/2465882/official-at-digital-currency-service-pleads-guilty-to-money-laundering.html
5. August 14, Reuters – (National) SEC charges Linkbrokers in $18 million
securities fraud scheme. New York-based brokerage firm Linkbrokers
Derivatives LLC agreed August 14 to pay $14 million to settle U.S. Securities
and Exchange Commission charges that the firm defrauded customers of over $18
million by charging fees much larger than represented in over 36,000
transactions between 2005 and 2009. Four brokers at the firm were previously
charged, with three agreeing to settle the charges for around $4 million.
Source: http://www.reuters.com/article/2014/08/14/us-sec-linkbrokers-idUSKBN0GE21J20140814
6. August 14, Softpedia – (International) New Gameover Zeus botnet forming, the
US sees most infections. Arbor Networks researchers observed two new
variants of the Gameover Zeus financial malware using 8,494 IP addresses to
attempt to connect to command and control (C&C) servers in July in order to
build a new botnet after a law enforcement and industry takedown of the
original botnet. The new variants no longer use the peer-to-peer (P2P) command
and control architecture of the original and instead utilize a domain
generation algorithm (DGA) to contact C&C servers. Source: http://news.softpedia.com/news/New-Gameover-Zeus-Botnet-Forming-the-US-Sees-Most-Infections-455112.shtml
7. August 14, Memphis Flyer – (Tennessee) Huge credit card fraud lab uncovered. The
Shelby County Sheriff’s Office, U.S. Secret Service, and U.S. Marshals Service
executed search and arrest warrants on an alleged payment card fraud lab in
Millington August 13 and seized 84 credit and gift cards and several skimming
devices, blank cards, and documents containing personal information. Two
suspects were also arrested during the search and an investigation is ongoing.
Source: http://www.memphisflyer.com/NewsBlog/archives/2014/08/14/huge-credit-card-fraud-lab-uncovered
8. August 14, SC Magazine – (National) Vitamin seller website attacked, payment
cards and other info compromised. Vitamin seller TheNaturalOnline.com
reported August 12 that an undisclosed number of their customers may have had
their payment and personal information compromised during a breach of the
company’s systems that was identified July 15. The information included names,
addresses, email addresses, account passwords, phone numbers, and payment card
numbers, expiration dates, and CVV codes. Source: http://www.scmagazine.com/vitamin-seller-website-attacked-payment-cards-and-other-info-compromised/article/366314/
Information Technology Sector
25. August 15, The Register – (International) Don’t think you’re SAFE from Windows
zombies just ‘cos you have an iPhone - research. Researchers at the Georgia
Institute of Technology reported finding that Apple iOS devices can be
compromised with iOS malware after being connected to a Windows computer by
exploiting weaknesses in the iTunes syncing process, allowing attackers to
steal data, install malicious apps, and replace existing apps. The researchers
plan to demonstrate their findings August 20 at the Usenix Security Symposium.
Source: http://www.theregister.co.uk/2014/08/15/infecting_ipads_new_how_to/
26. August 15, SC Magazine – (International) 50% of corporate passwords crackable
within a few minutes. Trustwave released the results of research that
analyzed 620,000 passwords compiled over 2 years and found that around 50
percent of U.S. corporate passwords could be cracked using a brute force method
within a few minutes, while 92 percent could be cracked within 31 days. The
research found that a longer password containing only letters took much longer
to brute force compared to a shorter password that also includes numbers and
special characters. Source: http://www.scmagazineuk.com/50-of-corporate-passwords-crackable-within-a-few-minutes/article/366470/
27. August 14, ZDnet – (International) Microsoft’s Visual Studio Online
outage hits users worldwide. Microsoft’s Visual Studio Online service
experienced a service interruption across multiple regions for around 9 hours
August 14. Source: http://www.zdnet.com/microsofts-visual-studio-online-outage-hits-users-worldwide-7000032641/
For additional stories, see items 3 and 6 above in the Financial
Services Sector
Communications Sector
28.
August 15, KUSA 9 Denver – (Colorado) Colorado
Sprint customers affected by outage. Sprint customers around Colorado
reported issues with service including data or voice outages and complete blackouts
August 15. Source: http://www.9news.com/story/tech/2014/08/15/sprint-outage-affecting-colorado/14098241/