Monday, November 3, 2014



Complete DHS Report for November 3, 2014

Daily Report

Top Stories
 
 · Officials are investigating after a 120,000-pound crane overturned on northbound Interstate 5 at Avenida Pico in San Clemente, California, October 30 and blocked all northbound lanes for 13 hours. – San Diego Union-Tribune

8. October 31, San Diego Union-Tribune – (California) N I-5 reopens after toppled crane causes shutdown. Officials are investigating after a 120,000-pound crane overturned on northbound Interstate 5 at Avenida Pico in San Clemente October 30 and blocked all northbound lanes for 13 hours. Source: http://www.utsandiego.com/news/2014/oct/30/major-traffic-backup-interstate-5-san-clemente/
 
 · A small twin-engine plane crashed into a building shortly after takeoff from Mid-Continent Airport in Wichita, Kansas, October 30 and burst into flames, killing four people and injuring five who were sent to nearby hospitals for treatment. – CNN

9. October 31, CNN – (Kansas) 4 killed after plane hits building near Wichita airport. A small twin-engine plane crashed into a building shortly after takeoff from Mid-Continent Airport in Wichita October 30 and burst into flames, killing four people and injuring five who were sent to nearby hospitals for treatment. The FlightSafety International building was evacuated and deemed unsafe due to the fire and damage. Source: http://www.cnn.com/2014/10/30/us/kansas-wichita-airport-crash/index.html
  
 · All Oakland, California public schools were dismissed October 30 after a strong odor of natural gas spread through the city as a result of an incident at a Pacific Gas and Electric Company facility. – KPIX 5 San Francisco; San Francisco Bay City News

16. October 30, KPIX 5 San Francisco; San Francisco Bay City News – (California) Oakland schools, city hall, federal building evacuated because of gas odor. All Oakland, California public schools were dismissed October 30 after a strong odor of natural gas spread through the city as a result of an incident at a Pacific Gas and Electric Company facility. Crews worked to determine where the smell originated. Source: http://sanfrancisco.cbslocal.com/2014/10/30/oakland-federal-building-other-office-buildings-evacuated-after-gas-odor/

 · Pennsylvania police captured a suspect October 30 in an abandoned airplane hangar in Blooming Grove after he surrendered following a September 12 targeted attack where the suspect allegedly opened fire killing a trooper and seriously injuring another. – Associated Press

21. October 31, Associated Press – (Pennsylvania) Captured: manhunt ends for trooper ambush suspect. Pennsylvania police captured a suspect October 30 in an abandoned airplane hangar in Blooming Grove after he surrendered following a September 12 targeted attack where the suspect allegedly opened fire killing a trooper and seriously injuring another. Source: http://www.msn.com/en-us/news/crime/captured-manhunt-ends-for-trooper-ambush-suspect/ar-BBc6H2f

Financial Services Sector

4. October 31, Softpedia – (National) Capital One employee accesses customer info without authorization. Capital One stated in a letter to affected customers that a former employee at the bank gained unauthorized access to an undisclosed amount of customer data that included names, account numbers, and Social Security numbers. The company has increased security measures and law enforcement agencies are investigating. Source: http://news.softpedia.com/news/Capital-One-Employee-Accesses-Customer-Info-without-Authorization-463624.shtml

5. October 30, BankInfoSecurity – (National) Phishing attack leads to title firm breach. Fidelity National Financial notified an unspecified number of customers that personal and financial information including payment card, driver’s license, and Social Security numbers may have been compromised when attackers gained access to employees’ email accounts via a phishing attack. The company stated that an investigation showed that the attackers’ goal was to obtain information in order to redirect scheduled money transfers. Source: http://www.bankinfosecurity.com/phishing-attack-leads-to-bank-breach-a-7502

6. October 30, Associated Press – (Texas) 2 women charged in $800k south Texas bank scam. Two Zapata women were arrested October 30 and charged with allegedly issuing and cashing around $800,000 in fraudulent checks from a construction company. One of the accused worked at the construction company while the other was employed by Zapata National Bank. Source: http://houston.cbslocal.com/2014/10/30/2-women-charged-in-800k-south-texas-bank-scam/
 
Information Technology Sector

22. October 31, Softpedia – (International) RIG Exploit Kit used in Drupal CMS exploit incidents. RiskIQ researchers observed the RIG Exploit Kit being used in attacks that exploit a critical SQL injection vulnerability in the Drupal content management system (CMS) to redirect users to the exploit kit. The researchers found that all instances of the exploit kit are hosted on a machine at a Selectel datacenter in Russia. Source: http://news.softpedia.com/news/RIG-Exploit-Kit-Used-in-Drupal-CMS-Exploit-Incidents-463685.shtml

23. October 31, Securityweek – (International) iOS app vulnerability exposed GroupMe accounts. A researcher identified and reported a vulnerability in the GroupMe app for iOS that could have allowed an attacker to hijack the account of another user due to the sign-up process for new accounts lacking rate limiting or a security lockout mechanism on a phone number verification process. The issue was reported August 28 and patched September 17, and the researcher stated that there was no evidence it was exploited before being fixed. Source: http://www.securityweek.com/ios-app-vulnerability-exposed-groupme-accounts

24. October 31, Help Net Security – (International) Android dialer hides, resists attempts to remove it. Researchers with Dr. Web identified a malicious dialer for Android dubbed Android.Dialer.7.origin that places calls to a paid service at regular intervals after infecting devices disguised as an app. The malware attempts to hide itself by deleting its shortcut, disabling the device earpiece during calls, and removing evidence of the calls from the call and system logs. Source: http://www.net-security.org/malware_news.php?id=2903

25. October 30, The Register – (International) Danish court finds Pirate Bay cofounder guilty of hacking CSC servers. A court in Denmark found a cofounder of the Pirate Bay Web site guilty of working with an anonymous accomplice to compromise servers belonging to U.S. company CSC that contained data for European governments between February and August 2012. Source: http://www.theregister.co.uk/2014/10/30/danish_court_finds_pirate_bay_cofounder_guilty_of_hacking_csc_servers/
 
Communications Sector
 
26. October 30, Bristol Herald Courier – (Tennessee; Virginia) Phone and Internet outage affects area CenturyLink customers Phone and Internet services as well as 9-1-1 service were disrupted for CenturyLink customers in parts of Tennessee and southwestern Virginia for nearly 8 hours October 30 due to a damaged fiber optic cable. Source: http://www.tricities.com/news/article_57d434ca-607a-11e4-b637-001a4bcf6878.html