Monday, December 1, 2014



Complete DHS Report for December 1, 2014

Daily Report

Top Stories

 • Around 131,000 homes in New Hampshire were without power November 28 following a snowstorm the caused outages to over 200,000 customers late November 26. – Associated Press
1. November 28, Associated Press – (New Hampshire) N.H. hit hard by storm-related power outages. Around 131,000 customers in New Hampshire were without power November 28 following a snowstorm the caused outages to over 200,000 customers late November 26. Crews were continuing work to restore power to affected customers. Source: https://www.bostonglobe.com/metro/2014/11/27/thanksgiving-storm-winding-down/NGqMzbQY8y8GSfzWRqgdMO/story.html

 • The Madison Metropolitan Sewerage District in Wisconsin reported November 26 that approximately 500,000 gallons of untreated wastewater was discharged over a 25-hour period when three pumps failed November 16. – Wisconsin State Journal
14. November 27, Wisconsin State Journal – (Wisconsin) Madison Metropolitan Sewage District reports 500,000-gallon spill in mid-November. The Madison Metropolitan Sewerage District reported November 26 that approximately 500,000 gallons of untreated wastewater was intermittently discharged over a 25-hour period on Madison’s north side November 16 when the primary pump and 2 backup pumps failed while a contractor was in the process of relining the interceptor sewer and diverting the wastewater. Source: http://host.madison.com/wsj/news/local/govt-and-politics/madison-metropolitan-sewage-district-reports--gallon-spill-in-mid/article_2a54a1c8-bed2-5d87-9b9e-c877f73c72b5.html

 • A gunman was fatally shot November 28 after he fired more than 100 shots at government buildings in downtown Austin, Texas, including the federal courthouse and the police department’s headquarters as well as attempting to set fire to the Mexican consulate. – NBC News
16. November 28, NBC News – (Texas) Gunman dead after shots fired at police HQ, Mexican consulate in Austin. A gunman fired more than 100 shots in downtown Austin November 28 targeting a federal courthouse, the Mexican consulate, and the police department’s headquarters, and then attempted to set fire to the consulate. Authorities shut down Interstate 35 for more than 3 hours while they investigated the death of the gunman and suspicious devices that were found in the suspect’s vehicle and attached to the suspect’s body. Source: http://www.nbcnews.com/news/us-news/gunman-dead-after-shots-fired-police-hq-mexican-consulate-austin-n257626

 • Researchers identified a new point of sale (PoS) malware dubbed DareDevil, designed to steal payment card information from multiple PoS systems. – Softpedia
26. November 27, Softpedia – (International) New DareDevil PoS malware also infects ticket machines and electronic kiosks. Researchers with IntelCrawler identified a new piece of point of sale (PoS) malware dubbed DareDevil that has been found affecting several PoS products including Figure Gemini PoS, Harmony WinPOS, OSIPOS Retail Management System, and QuickBooks Point of Sale Multi-Store and includes features such as backdoor access, keylogging, and RAM scraping. The malware was also found to be targeting PoS systems on mass transit system ticket kiosks. Source: http://news.softpedia.com/news/New-DareDevil-PoS-Malware-Also-Infects-Ticket-Machines-and-Electronic-Kiosks-465985.shtml

Financial Services Sector

See item 26 above in Top Stories

Information Technology Sector

20. November 28, Softpedia – (International) Syrian Electronic Army Thanksgiving hack of Microsoft, NBC, Dell, Forbes used Gigya comment platform. The creators of the Gigya comment platform announced that they closed a vulnerability in the product that allowed attackers claiming affiliation with the Syrian Electronic Army hacktivist group to place pop-up messages on the Web sites of several major technology, news, and other entities November 27. The attackers took advantage of GoDaddy to alter Gigya’s Domain Name System (DNS) in order to place the messages. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Thanksgiving-Hack-of-Microsoft-NBC-Dell-Forbes-Used-Gigya-Comment-Platform-466106.shtml

21. November 27, IDG News Service – (International) Weather.com fixes web application vulnerabilities. The Weather Channel fixed a Web application security issue on its Web site after a student researcher identified and reported the issue which made most links from the Web site vulnerable to cross-site scripting (XSS) attacks. Source: http://www.networkworld.com/article/2853293/weathercom-fixes-web-application-vulnerabilities.html

22. November 26, Securityweek – (International) Man pleads guilty to selling StealthGenie spyware. A Danish citizen pleaded guilty in federal court November 25 and was ordered to pay a $500,000 fine for advertising and selling the StealthGenie mobile device spyware. Source: http://www.securityweek.com/man-pleads-guilty-selling-stealthgenie-spyware

For another story, see item 26 above in Top Stories

Communications Sector

See item 21 above in the Information Technology Sector