Daily Report
Top Stories
· Researchers identified a spam campaign dubbed “Wolf of Wall Street” that
uses botnets to send out emails encouraging penny stock investors to purchase
stocks of Canada-based Confederation Minerals Ltd., which has resulted in the
transaction volume of the company increasing to 1,620,000 shares from 10,000
shares within 3 days. – Softpedia (See item 3 below in the Financial Services
Sector)
· Three Texas schools and two Ohio schools were closed October 16 due to
health concerns after a number of students and staff members traveled on an
October 13 flight with a patient who tested positive for Ebola. – WFAA 8
Dallas; WKYC 3 Cleveland
17. October 16, WFAA 8 Dallas; WKYC 3 Cleveland –
(Ohio; Texas) Schools in Ohio, Texas close amid Ebola scare. Three
Central Texas schools and two Ohio schools were closed October 16 as a
precaution due to health concerns after a number of students and staff members
traveled on an October 13 flight with a patient who tested positive for Ebola.
The schools and buses are undergoing thorough disinfecting and cleaning while
the students and staff were isolated for monitoring. Source: http://www.wtsp.com/story/news/health/2014/10/16/belton-students-class-canceled-ebola/17344401/
· Two sergeants and a suspect were injured in a shooting spree that stretched
across three Snohomish County, Washington cities October 15 targeting police
officers, patrol cars, and police stations. – KIRO 7 Seattle
23. October 16, KIRO 7 Seattle –
(Washington) Snohomish County shooting spree targets police, two sergeants
injured. Two sergeants and a suspect were injured in a shooting spree that
stretched across three Snohomish County cities October 15 targeting police
officers, patrol cars, and police stations. The suspect and a sergeant from the
Marysville Police Department exchanged gunfire before the suspect surrendered
after shooting several rounds into patrol cars, the Granite Falls Police
Station, and the Lake Stevens Police Department. Source: http://www.kirotv.com/news/news/snohomish-county-shooting-spree-targets-police-inj/nhkLk/
· A group of security and IT firms began a campaign to detect and remediate malware
installations belonging to a cyberespionage campaign targeting governments,
financial services institutions, and the education sector since 2010. – The
Register (See item 26)
26. October 15, The Register – (International) FireEye, Microsoft, Cisco team up to
take down RAT-flinging crew. A group of security and IT firms led by
Novetta began a coordinated campaign to detect and remediate malware
installations belonging to a cyberespionage campaign targeting policy groups,
governments, financial services institutions, the education sector, and think
tanks since 2010. The cyberespionage group uses several tools including
Moudoor, a derivative of the Gh0st RAT remote access trojan, and the Hikit
malware used to control compromised systems. Source: http://www.theregister.co.uk/2014/10/15/china_cyberespionage_takedown_by_microsoft_cisco/
Financial Services Sector
3. October 16, Softpedia – (International) Botnets used in “Wolf of Wall
Street” spam campaign. Researchers with Bitdefender identified a spam
campaign dubbed “Wolf of Wall Street” that uses botnets to send out promotional
emails encouraging penny stock investors to purchase stocks of Canada-based
Confederation Minerals Ltd., which has resulted in the transaction volume of
the company increasing to 1,620,000 shares from 10,000 shares within 3 days.
The spam campaign is the largest recorded in 2014 and the attackers behind it
stand to profit by selling stocks after inflating the prices. Source: http://news.softpedia.com/news/Botnets-Used-In-Wolf-of-Wall-Street-Spam-Campaign-462308.shtml
4. October 15, U.S. Attorney’s Office, District of New Jersey – (New Jersey) Middlesex,
N.J., woman pleads guilty to conspiring to defraud the U.S. Treasury Department
of nearly $1 million. A Middlesex, New Jersey woman pleaded guilty October
15 to conspiring with others to obtain and cash stolen income tax refund
checks, defrauding the U.S. Department of the Treasury of approximately
$940,000. A co-conspirator who worked as a head teller at a Perth Amboy bank
previously pleaded guilty to her role in the fraud. Source: http://www.justice.gov/usao/nj/Press/files/Valerio,%20Rosemary%20Plea%20PR.html
For additional stories, see item 26 above in Top Stories and item 32 below
from the Commercial Facilities Sector
32. October 15, Softpedia – (International) Cyberswim announces data breach
lasting for more than three months. Cyberswim Inc. notified customers who
made purchases on its Web site between May 12 and August 28 that their personal
information, including payment card data, may have been compromised after
officials confirmed that malicious software was installed on the company’s
network, granting attackers access to the data. Cyberswim updated its Web site
code and issued a password reset command to block the intruders’ access to the
network. Source: http://news.softpedia.com/news/Cyberswim-Announces-Data-Breach-Lasting-For-More-Than-Three-Months-462237.shtml
Information Technology Sector
24. October 16, Securityweek – (International) Attackers abuse UPnP devices in DDoS
attacks, Akamai warns. Researchers at Akamai Technologies reported that
attackers have increasingly used the Simple Service Discovery Protocol (SSDP)
that comes enabled on Universal Plug and Play (UPnP) devices to launch
reflection and amplification distributed denial of service (DDoS) attacks
starting in July. The researchers found that 4.1 million Internet-facing
devices could be used in this type of DDoS attack. Source: http://www.securityweek.com/attackers-abuse-upnp-devices-ddos-attacks-akamai-warns
25. October 16, Help Net Security – (International) New OpenSSL updates fix POODLE, DoS
bugs. The OpenSSL Project released updates to OpenSSL that close four serious
vulnerabilities, including the POODLE issue and two memory leak issues that
could be used to launch denial of service (DoS) attacks against servers.
Source: http://www.net-security.org/secworld.php?id=17503
26. October 15, The Register – (International) FireEye, Microsoft, Cisco team up to
take down RAT-flinging crew. A group of security and IT firms led by
Novetta began a coordinated campaign to detect and remediate malware
installations belonging to a cyberespionage campaign targeting policy groups, governments,
financial services institutions, the education sector, and think tanks since
2010. The cyberespionage group uses several tools including Moudoor, a
derivative of the Gh0st RAT remote access trojan, and the Hikit malware used
to control compromised systems. Source: http://www.theregister.co.uk/2014/10/15/china_cyberespionage_takedown_by_microsoft_cisco/
27. October 15, Threatpost – (International) Drupal fixes highly critical SQL
injection flaw. Drupal issued a patch for its popular content management
system (CMS) that closes a critical SQL injection vulnerability affecting
version 7.x. The vulnerability could allow an unauthenticated user to perform
arbitrary SQL execution and all users were advised to update their
installations as soon as possible. Source: http://threatpost.com/drupal-fixes-highly-critical-sql-injection-flaw/108861
For another story, see item 3 above in the Financial Services Sector
Communications Sector
28. October 15, WJAC 6 Johnstown –
(Pennsylvania) Power outage shuts down 911 service in Elk County. A
damaged fiber optic cable disrupted landline service for hundreds of customers
in Elk County for several hours October 15 before crews were able to restore
service. Source: http://www.wjactv.com/news/features/top-stories/stories/power-outage-shuts-down-911-service-elk-county-3965.shtml