Monday, November 10, 2014



Complete DHS Report for November 10, 2014

Daily Report

Top Stories

  · Three subsidiaries of Potash Corporation of Saskatchewan agreed to pay a $1.3 million civil penalty to resolve allegations that the companies violated the Clean Air Act when they modified eight U.S. fertilizer production facilities in ways that released excess sulfur dioxide. – U.S. Environmental Protection Agency

9. November 6, U.S. Environmental Protection Agency – (Florida; North Carolina; Louisiana) Three subsidiaries of the world’s largest fertilizer producer to reduce harmful air emissions at eight production plants. Three subsidiaries of Potash Corporation of Saskatchewan (PCS) agreed to pay a $1.3 million civil penalty to resolve allegations brought forth by the U.S. Environmental Protection Agency and the U.S. Department of Justice that the companies violated the Clean Air Act when they modified eight U.S. fertilizer production facilities in ways that released excess sulfur dioxide. The companies will also spend an estimated $50 million to reduce air emissions at production plants in White Springs, Florida; Aurora, North Carolina; and Geismar, Louisiana. Source: http://yosemite.epa.gov/opa/admpress.nsf/596e17d7cac720848525781f0043629e/4e642eb4c6e0535f85257d880049c0f8
 
 · Authorities charged a man who operated pain clinics in south Florida and Georgia, and a co-conspirator, for allegedly taking part in a scheme to distribute over 1 million prescription pain pills in southeastern Kentucky. – Lexington Herald-Leader

15. November 6, Lexington Herald-Leader – (Kentucky; Florida; Georgia) Court records: Pain clinic operator distributed more than 1 million pills in southeastern Kentucky. Authorities charged a man who operated pain clinics in south Florida and Georgia, and a co-conspirator, for allegedly taking part in a scheme to distribute over 1 million prescription pain pills in southeastern Kentucky, amassing $15 million from June 2008 to May 2014. The pair was allegedly part of the plot which involved individuals from Kentucky visiting clinics in Florida and Georgia to get prescriptions without undergoing real examinations. Source: http://www.kentucky.com/2014/11/06/3525239_court-records-pain-clinic-operator.html
 
 · U.S. and European law enforcement agencies undertook joint action against several underweb marketplaces resulting in 17 arrests and the takedown of over 410 hidden services. – Help Net Security See item 29 below in the Information Technology Sector

 · Home Depot officials disclosed November 6 that an investigation into a previous breach of the company’s payment data systems revealed that 53 million email addresses of customers in the U.S. and Canada were also compromised. – Help Net Security

35. November 7, Help Net Security – (International) 53M customer email addresses were also stolen in Home Depot breach. Home Depot officials disclosed November 6 that an investigation into a previously reported breach of the company’s payment data systems revealed that 53 million email addresses of customers in the U.S. and Canada were also compromised during the attack and officials urged consumers to be on guard against phishing scams. The company also reported that hackers used the stolen credentials of a third-party vendor to access the company’s point-of-sale (PoS) devices, then acquired administrator rights that enabled them to deploy custom-built malware on self-checkout systems at the company’s stores in the U.S. and Canada. Source: http://www.net-security.org/secworld.php?id=17606
 
Financial Services Sector

 6. November 6, U-T San Diego – (California) Bearded Bandit has new beardless look. The FBI stated that a suspect known as the Bearded Bandit is suspected in the November 6 robbery of a Chase Bank branch in Vista, the third bank robbery in the San Diego area linked to the suspect. The suspect acquired the Bearded Bandit moniker in previous robberies but appeared in images of the November 6 robbery without a beard. Source: http://www.utsandiego.com/news/2014/nov/06/bearded-bandit-robbery-bank-fbi/

For additional stories, see item 29 below in the Information Technology Sector and item 35 above in Top Stories
  
Information Technology Sector
 
26. November 7, The Register – (International) Belkin flings out patch after Metasploit module turns guests to admins. Belkin recently released a patch for its N750 dual-band router to close a vulnerability demonstrated in a Metasploit module that could allow attackers on guest networks to gain root access. Users were advised to update their firmware to close the vulnerability. Source: http://www.theregister.co.uk/2014/11/07/belkin_flings_patch_after_metasploit_module_turns_guests_to_admins/

27. November 7, Help Net Security – (International) WireLurker: Apple blocks Trojanized apps, revokes certificate. Apple stated that it blocked apps identified as containing the WireLurker malware for OS X and iOS and revoked the certificate used to sign the malware. Source: http://www.net-security.org/malware_news.php?id=2911

28. November 7, Securityweek – (International) Metasploit module released for new UXSS vulnerability in Android browser. An independent researcher in coordination with Rapid7 identified and reported a universal cross-site scripting (UXSS) vulnerability in the default Android browser that could allow an attacker to scrape page contents and cookie data. A Metasploit module for the vulnerability was released, and although Google fixed the issue September 30 many Android users may not receive the fix due to lack of Android version updates. Source: http://www.securityweek.com/metasploit-module-released-new-uxss-vulnerability-android-browser

29. November 7, Help Net Security – (International) After Silk Road 2, global law enforcement seizes other dark markets. U.S. and European law enforcement agencies undertook joint action against several other underweb marketplaces following actions against the Silk Road 2.0 marketplace, resulting in 17 arrests and the takedown of over 410 hidden services. Authorities also seized around $1 million in cash, illegal drugs, and precious metals. Source: http://www.net-security.org/secworld.php?id=17605

30. November 6, Softpedia – (International) Cisco patches three out of four buggy small business RV series routers. Cisco posted an advisory November 5 stating that three vulnerabilities in four routers intended for small business use could allow attackers to execute arbitrary commands and upload files to the devices. The company issued patches for the RV120W Wireless-N VPN Firewall, RV180 VPN Router, and RV 180W Wireless-N Multifunction VPN Router, while a patch for the RV220W Wireless Network Security Firewall is expected by the end of November. Source: http://news.softpedia.com/news/Cisco-Patches-Three-Out-Of-Four-Small-Business-RV-Series-Routers-464341.shtml

For additional stories, see item 32 below in the Communications Sector and item 35 above in Top Stories

Communications Sector
 
31. November 6, Philadelphia Inquirer – (National) Multistate Comcast outage darkens TV screens for Xfinity subscribers. Comcast apologized to users of its X1 set-top boxes November 6 after some users experienced an outage due to a software update. Source: http://www.philly.com/philly/business/20141107_Multistate_Comcast_outage_darkens_TV_screens_for_Xfinity_subscribers.html

32. November 5, Lafayette Daily Advertiser – (Louisiana) LUS Fiber victim of Internet attack. The director of Lafayette Utilities System (LUS Fiber) stated that disruptions to customers’ Internet access November 4 and November 5 in Lafayette were the result of an attacker intentionally overwhelming the system. LUS Fiber had also experienced an unrelated email server malfunction the week of October 27 that left customers without email service for several days. Source: http://www.theadvertiser.com/story/news/local/2014/11/05/lus-fiber-victim-internet-attack/18547439/