Thursday, November 6, 2014



Complete DHS Report for November 6, 2014

Daily Report

Top Stories

 · The federal government filed suit against Southwest Airlines November 3 seeking $12 million in penalties following an investigation by the Federal Aviation Administration alleging that repairs on 44 aircraft did not meet safety standards or adhere to proper procedures. – Associated Press

7. November 4, Associated Press – (National) US sues Southwest Airlines over maintenance issues. The federal government filed suit against Dallas-based Southwest Airlines Co. November 3 after a settlement could not be reached following an investigation in July by the Federal Aviation Administration alleging that the company hired a contractor that did not meet safety standards or follow proper procedures while making repairs on 44 aircraft. The U.S. Department of Justice is seeking civil penalties worth $12 million against the company. Source: http://seattletimes.com/html/businesstechnology/2024946254_apxsouthwestairlinesfine.html

 · A November 4 fire at a poultry operation on a North Cornwall Township, Pennsylvania farm killed 20,000 hatchling chickens and caused an estimated $500,000 in damages. – Reuters

9. November 4, Reuters – (Pennsylvania) Barn fire kills 20,000 young chickens near Lebanon, Pennsylvania. A November 4 fire at a poultry operation on a North Cornwall Township farm killed 20,000 hatchling chickens and caused an estimated $500,000 in damages. Officials ruled that the cause of the fire could not be determined due to the severity of the blaze. Source: http://www.reuters.com/article/2014/11/04/us-usa-pennsylvania-chickens-idUSKBN0IO23W20141104

 · California voters approved $7.5 billion November 4 to fund water projects and programs designed to improve water conservation and recycling, groundwater cleanup, and water storage as well as for building two new reservoirs. – Associated Press

13. November 4, Associated Press – (California) California voters approve $7.5 billion water bond. California voters approved $7.5 billion November 4 to fund water projects and programs designed to improve water conservation and recycling, groundwater cleanup, and water storage as well as for building two new reservoirs. Source: http://www.news10.net/story/news/local/california/2014/11/05/california-prop-1-results/18510121/
  
 · Sixty residents were displaced from a Schaumburg, Illinois apartment community following a November 4 fire that rendered each of the complex’s three buildings uninhabitable. – Chicago Sun-Times

27. November 4, Chicago Sun-Times – (Illinois) 60 displaced, one injured in Schaumburg apartment fire. Sixty residents were displaced from a Schaumburg apartment community following a November 4 fire that rendered each of the complex’s three buildings uninhabitable due to fire, smoke, and water damage. One person was transported to an area hospital with non-life-threatening injuries. Source: http://www.myfoxchicago.com/story/27275020/60-displaced-one-injured-in-schaumburg-apartment-fire

Financial Services Sector
 
3. November 5, Softpedia – (California) Palm Springs Federal Credit Union loses hard drive with customer data. An audit at Palm Springs Federal Credit Union in California found that a hard drive containing an undisclosed number of customers’ names, Social Security numbers, account numbers, and addresses was unaccounted for on or about October 20. There was no statement on whether the data was encrypted or unencrypted. Source: http://news.softpedia.com/news/Palm-Springs-Federal-Credit-Union-Loses-Hard-Drive-with-Customer-Data-464078.shtml

4. November 5, Norfolk Virginian-Pilot – (Virginia) Ex-Va. Beach broker admits embezzling from clients. A Virginia Beach man who formerly worked as a financial advisor for Ameriprise Financial pleaded guilty November 4 to embezzling $192,000 from 5 clients through 86 unauthorized transactions. Source: http://hamptonroads.com/2014/11/exva-beach-broker-admits-embezzling-clients#

5. November 4, Orange County Register – (California) Serial bank robber strikes in Costa Mesa. Federal authorities believe that the man who robbed a U.S. Bank branch November 4 in Costa Mesa is the suspect known as the “Gift Bag Bandit” responsible for five other bank robberies in the area in 2011. Source: http://www.ocregister.com/articles/bank-640896-suspect-money.html

6. November 4, Associated Press – (Maryland) Maryland, federal authorities seek ATM skimmer who has netted more than $100,000. Maryland and federal authorities are trying to identify a man seen in surveillance photos believed to be responsible for using skimming devices and pin hole cameras to steal more than $100,000 using stolen ATM card data. Authorities believe the suspect is operating in several Maryland counties and perhaps in one or more neighboring States. Source: http://www.therepublic.com/view/story/685d188bb38a43dcbe49e429daa9f864/MD--ATM-Skimming-Investigation

For another story, see item 24 below in the Information Technology Sector
  
Information Technology Sector
 
22. November 5, Ars Technica – (International) Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud. A researcher stated that he was able to replicate the MD5 hash collision method used in the Flame cyberespionage attacks using a GPU instance on Amazon Web Service to cause two images to have the same MD5 hash. The method was used in the Flame campaign to cause compromised Windows Update certificates to be recognized as valid on targeted systems, allowing malware to be downloaded undetected. Source: http://arstechnica.com/security/2014/11/crypto-attack-that-hijacked-windows-update-goes-mainstream-in-amazon-cloud/

23. November 5, Help Net Security – (International) New technique makes phishing sites easier to create, more difficult to spot. Trend Micro researchers identified a new phishing site technique targeting an e-commerce site that uses a proxy to relay user traffic to a legitimate site and then redirects users to a phishing site once they make a purchase and enter payment information. The method was observed in an attack on an online store in Japan but could be used for other sites. Source: http://www.net-security.org/secworld.php?id=17592

24. November 4, Softpedia – (International) Compromised EDU domain used to send out ZeuS-laden emails. Researchers with PhishMe detected a spam email campaign distributing the Zeus (also known as Zbot) information-stealing trojan through email addresses belonging to an undisclosed U.S. educational organization with around 25,000-30,000 enrolled students. Source: http://news.softpedia.com/news/Compromised-EDU-Domain-Used-to-Send-Out-ZeuS-Laden-Emails-464072.shtml

25. November 4, SC Magazine – (International) Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes. Symantec researchers stated November 4 that the music news Web site Spin.com was redirecting users to a page hosting the Rig Exploit Kit October 27 and that the issue has been closed. The researchers were unsure of how the compromise occurred but found that the attackers injected an iFrame into the site in order to redirect visitors. Source: http://www.scmagazine.com/the-popular-music-news-site-redirected-visitors-to-the-rig-exploit-kit/article/381364/

Communications Sector 

Nothing to report