· The U.S.
Postal Service announced November 10 that the personal information of more than
800,000 employees and customers were potentially accessed in a cyberattack. – Reuters
8. November 10, Reuters – (National) U.S. Postal Service says
data breach hits employees, call center. The U.S. Postal Service (USPS)
announced November 10 that the personal information, including Social Security
numbers, of more than 800,000 employees and customers who called the Postal
Service Customer Care Center between January and August 16 was potentially
accessed in a cyberattack. The USPS is investigating and reported that the
intrusion is limited in scope and operations are functioning normally. Source: http://www.reuters.com/article/2014/11/10/us-cybersecurity-usps-idUSKCN0IU1P420141110
· Thousands
of food products worth more than $3 million were scattered all over the roadway
following an accident on Interstate 24 east near Monteagle, Tennessee, shutting
down the interstate for more than 4 hours November 9. – Chattanooga Times
Free Press
9. November 10, Chattanooga
Times Free Press –
(Tennessee) Meat, eggs and cheese only casualties of I-24 pileup on
Monteagle. Thousands of eggs, cheese, and boxes of meat worth more than $3
million collectively were scattered all over the roadway following an accident
between 3 semi-trucks and 2 cars on Interstate 24 east near Monteagle, shutting
down the interstate for more than 4 hours November 9 while crews cleared the
scene. One driver was injured in the incident. Source: http://www.timesfreepress.com/news/2014/nov/10/meat-eggs-and-cheese-only-casualties-of-i-24/
· Researchers
identified an advanced persistent threat (APT) group dubbed Darkhotel APT that
has targeted travelers in the Asia-Pacific region using malicious hotel WiFi
networks, spear phishing, and malicious torrent files. – Securityweek See item 26 below in the Information Technology Sector
· About
5,000 people were evacuated from office buildings or told to shelter-in-place
in San Jose, California, November 7 – November 8 while crews worked to repair a
4 inch natural gas pipeline that was inadvertently struck. – San Jose
Mercury News
35. November
8, San Jose Mercury News – (California) San Jose: All-clear given
after downtown natural-gas leak. About 2,500 people were evacuated from
office buildings in downtown San Jose and around 2,500 additional people were
ordered to shelter-in-place
November 7 while crews worked to repair a 4 inch natural gas pipeline that was
inadvertently struck by a construction crew working in the area. The scene was
cleared November 8 after HAZMAT crews tested buildings for possible pockets of
gas that could be trapped inside, and service was expected to be restored to
the 40 affected businesses by November 10. Source: http://www.mercurynews.com/bay-area-news/ci_26898555/san-jose-bus-lines-resume-normal-service-after
Financial Services Sector
4. November
7, WSB 750 AM Atlanta – (Georgia) Massive credit card scam found
in Paulding Co. Authorities in Paulding County arrested a Kennesaw man for
allegedly operating a payment card forgery operation after police were
contacted by the owner of an office building who had discovered suspicious
items while cleaning out the office space of an evicted tenant. Police found
1,154 payment cards as well as card embossing devices and several fraudulent
driver’s licenses from various States. Source: http://www.wsbradio.com/news/news/local/massive-credit-card-scam-found-paulding-co/nh3C3/
5. November
7, Amarillo Globe-News – (Texas) Troopers seize nearly $200k in
fake credit cards, cash. Texas Department of Public Safety troopers
arrested two Romanian nationals after they found 69 fraudulent payment cards
valued at $172,000 and 29 fraudulent ID cards from Iowa during a traffic stop
in Carson County November 4. Troopers stated that they believed the contraband
and $18,000 in cash was being transported from California to Tennessee. Source:
http://amarillo.com/news/local-news/2014-11-07/troopers-seize-nearly-200k-fake-credit-cards-cash
6. November
7, KIRO 7 Seattle – (Washington) ‘Roscoe Bandit’ strikes Olympia
bank. A suspect known as the “Roscoe Bandit” linked to two bank robberies
in Seattle was also linked to an October 30 robbery of Timberland Bank in
Olympia. The previous Seattle robberies occurred July 29 at a Wells Fargo Bank
branch and July 28 at a HomeStreet Bank branch. Source: http://www.kirotv.com/news/news/roscoe-bandit-strikes-olympia-bank/nh3SQ/
7. November
7, Chicago Sun-Times – (Illinois) ‘Bully Bandit’ suspected of
three more bank robberies. The FBI is offering a reward for information on
the “Bully Bandit” after the suspect was linked to 3 additional robberies in
the Chicago area, bringing the suspect’s total to 15 bank robberies since 2012.
The most recent bank robbery occurred November 5 at a Chase Bank branch in
Chicago. Source: http://www.myfoxchicago.com/story/27326638/bully-bandit-suspected-of-three-more-bank-robberies
Information Technology Sector
26. November
10, Securityweek – (International) Darkhotel attackers target business travelers
via hotel networks. Kaspersky Lab researchers identified an advanced
persistent threat (APT) group dubbed Darkhotel APT that has targeted travelers
in the Asia-Pacific region in addition to the U.S. using malicious hotel WiFi
networks, spear phishing, and malicious torrent files. The group’s hotel
attacks involve prompting users with a software update notice that installs a
backdoor, and the group has targeted guests associated with industries and
sectors including government organizations, the defense industry, energy
industry, pharmaceutical industry, electronics manufacturers, medical
providers, and non-governmental organizations. Source: http://www.securityweek.com/darkhotel-attackers-target-business-travelers-hotel-networks
27. November
10, The Register – (International) BrowserStack HACK ATTACK: Service still
suspended after rogue email. Browser testing service BrowserStack stated
that it was temporarily suspending service to recover after an attacker managed
to gain access to a list of email addresses and the company’s official email
account, using it to send out a fake message to developers. Source: http://www.theregister.co.uk/2014/11/10/browserstack_hack_attack_service_still_suspended_after_rogue_email/
28. November
10, The Register – (International) Emoticons blast three security holes in
Pidgin :-(. Researchers at Cisco reported that the instant messaging client
Pidgin contained three security vulnerabilities that could have allowed
attackers to overwrite files or cause a denial of service (DoS) situation. The
vulnerabilities have since been patched. Source: http://www.theregister.co.uk/2014/11/10/cisco_security_bods_hunt_pidgin/
Communications Sector
29. November
10, Lancaster Online – (Pennsylvania) 579 people in Lancaster County lose phone
service after vehicle crash. Approximately 579 Frontier Communications
customers from Quarryville to Caernarvon Township in Lancaster County were
without phone service for several hours November 9 after a vehicle struck and
damaged a pole at the intersection of Routes 340 and 772. Source: http://lancasteronline.com/news/local/people-in-lancaster-county-lose-phone-service-after-vehicle-crash/article_d50be6ba-6834-11e4-8ea5-338b6a11f59f.html
30. November
8, Honolulu Star-Advertiser – (Hawaii) 140 Hawaiian Telecom
customers now without service in Kaimuki. A phone and high-speed Internet
service disruption October 21 continued for 140 Hawaiian Telecom customers in
the Kaimuki and Maunalani Heights areas of east Honolulu November 8 following a
break in a 12 inch water main that pushed several feet of asphalt, debris, and
rocks into an open manhole covering underground cables. Crews continued work to
remove the debris in order to restore service. Source: http://www.staradvertiser.com/news/breaking/20141108_140_Hawaiian_Telcom_customers_now_without_service_in_Kaimuki.html?id=282056391