Daily Report
Top Stories
· A 6-mile
stretch of Interstate 90 from the Liberty Lake exit in Washington to the
Pleasant View Road exit in Idaho reopened September 15 after closing for 19
hours while crews cleaned about a 1 gallon spill of anhydrous trimethylamine. –
KHQ 6 Spokane
9. September
15, KHQ 6 Spokane – (Idaho; Washington) After 19 hour shutdown
I-90 is back open. A 6-mile stretch of Interstate 90 from the Liberty Lake
exit in Washington to the Pleasant View Road exit in Idaho reopened September
15 after closing for 19 hours while crews cleaned about a 1 gallon spill of
anhydrous trimethylamine September 14. Source: http://www.khq.com/story/26529182/update-i-90-remains-closed-after-chemical-spill-detours-in-place
· Valesco
Ventures informed 82,601 Aventura Hospital and Medical Center patients in
Florida September 9 that an employee may have accessed their personal
information from September 2012 to June 2014. – WPLG 10 Miami
17. September
16, WPLG 10 Miami – (Florida) Aventura Hospital and Medical
Center reports data breach. Valesco Ventures informed 82,601 Aventura
Hospital and Medical Center patients in Florida September 9 that an employee
may have accessed their personal information, including Social Security numbers,
from September 2012 to June 2014. Authorities are investigating the breach.
Source: http://www.local10.com/news/aventura-hospital-medical-center-reports-data-breach/28082920
· A carbon
monoxide leak at North Mac Campus in Macoupin County, Illinois, September 15
caused about 145 people to be hospitalized for treatment and closed the school
September 16. – KMOV 4 St. Louis; Macoupin County Enquirer-Democrat
19. September
16, KMOV 4 St. Louis; Macoupin County Enquirer-Democrat – (Illinois)
145 taken to hospitals after carbon monoxide leak in Macoupin Co. school. A
carbon monoxide leak at North Mac Campus in Macoupin County, Illinois,
September 15 caused about 145 people to be transported to area hospitals for
treatment and the closure of the school September 16. Source: http://www.kmov.com/news/local/Students-transported-to-hospital-after-carbon-monoxide-leak-at-Macoupin-County-School-275139261.html
· Fire crews
worked September 16 to contain at least 11 wildfires which combined, have
burned over 170,000 acres across California, prompted evacuation orders for
hundreds of residents, and burned over 100 structures and vehicles. – USA
Today; KXTV 10 Sacramento
20.
September 16, USA Today; KXTV 10 Sacramento –
(California) California’s King Fire doubles as wildfires spread. Fire
crews worked September 16 to contain at least 11 wildfires which combined, have
burned over 170,000 acres across California, prompted evacuation orders for
hundreds of residents, and burned over 100 structures and vehicles. Source: http://www.usatoday.com/story/news/nation/2014/09/15/california-wildfires/15685257
Financial Services Sector
4. September
15, IDG News Service – (International) ‘Tiny banker’ malware
targets US financial institutions. Researchers at Avast analyzed an updated
variant of the Tiny Banker (also known as Tinba) financial malware and found
that it is now able to target new financial institutions including ones in the
U.S. The malware can inject HTML fields into banking Web sites when a user
visits them in order to collect personal and login information. Source: http://www.networkworld.com/article/2684113/tiny-banker-malware-targets-us-financial-institutions.html
5. September
15, U.S. Securities and Exchange Commission – (Tennessee) Tennessee-based
animal feed company agrees to pay $18 million to settle accounting fraud case. Tennessee-based
animal feed company AgFeed Industries agreed to pay back $18 million to
investors as part of an agreement with the U.S. Securities and Exchange
Commission over the company’s fraudulent accounting that artificially inflated
its stock price. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370542938017
For another story, see item 30 below
from the Commercial Facilities Sector
30. September 15, eSecurity Planet – (New York) Insider credit card breach leads to
$400,000 Saks shopping spree. Authorities arrested six former employees of
a New York City Saks Fifth Avenue store September 5 for allegedly stealing the
payment card information of at least 22 customers from store computers and
using the data to purchase $400,000 in merchandise, some of which was returned to
the store for refunds that were delivered to accounts in the suspects’ control.
Information Technology Sector
24. September 16, Softpedia – (International) Malicious Kindle eBooks can give
hackers access to your Amazon account. A security researcher identified a
security issue in Amazon’s “Manage your Kindle page” that can be exploited
using a malicious eBook file to take over a user’s Amazon account. The same
vulnerability was reported and fixed in November 2013 but was reintroduced in a
new version of the page. Source: http://news.softpedia.com/news/Malicious-Kindle-Ebooks-Can-Give-Hackers-Access-to-Your-Amazon-Account-458983.shtml
25. September 16, The Register – (International) THREE QUARTERS of Android mobes open
to web page spy bug. A Metasploit developer released a Metasploit module
for a vulnerability in Android versions 4.2.1 and below that was discovered
September 1, which could automate an exploitation of the vulnerability and
allow attackers behind a malicious Web page to see users’ other open pages and
hijack sessions. Source: http://www.theregister.co.uk/2014/09/16/three_quarters_of_droid_phones_open_to_web_page_spy_bug/
26. September 15, KrebsOnSecurity – (International) LinkedIn feature exposes email addresses.
Researchers with Rhino Security Labs demonstrated how an attacker could use
a ‘find connections’ feature in LinkedIn and a large number of email contacts
generated with likely email addresses to identify the email address of specific
individuals for possible use in spear-phishing or other malicious activities.
LinkedIn stated that it was planning at least two changes to the way the
professional network handles user email addresses to counteract the issue. Source: http://krebsonsecurity.com/2014/09/linkedin-feature-exposes-email-addresses/
27. September 15, Threatpost – (International) SNMP DDoS scans spoof Google public
DNS server. The SANS Internet Storm Center reported September 15 that
large-scale scans of Simple Network Management Protocol (SNMP) spoofing
Google’s public DNS server traffic were taking place, indicating a scan being
used to identify routers and devices using default SNMP passwords. Vulnerable
routers and devices could have their configuration variables changed, creating a
denial of service (DoS) situation on the affected devices. Source: http://threatpost.com/snmp-based-ddos-attack-spoofs-google-public-dns-server
Communications Sector
28.
September 16, Manchester Enterprise –
(Michigan) Comcast customers lose Internet service in Manchester. Comcast
Internet service was restored to residents and businesses in the Manchester
area of Michigan following an outage that lasted several days due to a storm
that caused power lines to fall on fiber optic cables September 5. Source: http://www.heritage.com/articles/2014/09/16/manchester_enterprise/news/doc541799f450193415553140.txt?viewmode=fullstory
29.
September 15, Park Hills Daily Journal Online –
(Missouri) Cut cable cause of communication outage. Approximately
100,000 AT&T, Charter, and Big River customers in Missouri lost Internet
and/or telephone service for nearly 7 hours due to a damaged fiber optic cable
September 15. Source: http://dailyjournalonline.com/news/local/cut-fiber-optic-cable-cause-of-internet-telephone-outage/article_bd745974-7886-5f45-a9fa-2156b37a6160.html