Complete DHS Report for December 15, 2014
Daily Report
Top Stories
• Two contractors and a crew member were
killed while two other crew members suffered injuries in an engine room fire
aboard the Miami-based Oceania Cruises’ Insignia cruise ship docked in St.
Lucia December 11. – South Florida Sun Sentinel
9. December
12, South Florida Sun Sentinel – (International) Oceania cruise
ship fire kills 3. Two contractors and a crew member were killed while two
other crew members suffered injuries in an engine room fire aboard the
Miami-based Oceania Cruises’ Insignia cruise ship docked in St. Lucia December
11. The fire was contained to the engine room and extinguished and the
remainder of the cruise was cancelled while officials worked to transport all
684 passengers to Miami. Source: http://www.msn.com/en-us/news/us/oceania-cruise-ship-fire-kills-3/ar-BBgFH50
• A December 11 storm caused over 100,000
customers in San Francisco to lose power, prompted major sections of Bay Area
freeways to close, forced school closures across several counties, and caused
more than 240 flight cancellations. – Los Angeles Times
12. December
11, Los Angeles Times – (California) California storm: 113,000
still without power, travel disrupted. A December 11 storm that caused
severe flooding forced major sections of Bay Area freeways to close, caused
more than 240 flight cancellations and travel delays, and forced the Bay Area
Rapid Transit to close 2 stations due to a power outage, in addition to school
closures across several counties. More than 100,000 customers in San Francisco
lost power as crews worked to restore service. Source: http://www.latimes.com/local/lanow/la-me-ln-winter-storm-california-winds-20141211-story.html
• Officials are investigating after more than
100 students from Centennial High School in Roswell, Georgia, and their family
members became sick following a football banquet December 8. – WSB 2 Atlanta
20. December
11, WSB 2 Atlanta – (Georgia) 100+ sickened after high schools
sports banquet. The Fulton County Health Department and school officials
are investigating after more than 100 students from Centennial High School in
Roswell, Georgia, and their family members became sick, experiencing symptoms
which included nausea, vomiting, and abdominal cramps following a football
banquet December 8. Source: http://www.wsbtv.com/news/news/local/100-sickened-after-high-schools-sports-banquet/njQyL/
• A 3-alarm fire at the Thanksgiving Tower
commercial high rise in Dallas December 11 killed 3 subcontractors, injured 3
additional individuals, and prompted the evacuation of 2,800 employees inside
the building. – KXAS 5 Fort Worth
30. December
12, KXAS 5 Fort Worth – (Texas) Thousands evacuated after fatal
fire breaks out at Dallas' Thanksgiving Tower. A 3-alarm fire at the
Thanksgiving Tower commercial high rise in Dallas December 11 killed 3
subcontractors that were working in a thermal storage tank inside the
building’s basement heating and cooling unit, injured 3 additional individuals,
and prompted the evacuation of 2,800 employees inside the building. Crews cut
off power to the building before they could battle the blaze that was believed
to be electrical in nature. Source: http://www.nbcdfw.com/news/local/Fire-Reported-at-Thanksgiving-Tower-High-Rise-285502401.html
Financial Services Sector
7. December
12, Threatpost – (International) Upatre downloader spreading
Dyreza banking trojan. Microsoft warned December 11 that the Upatre
downloader is being used in a wire-transfer spam campaign to spread the Dyreza
banking malware, mainly targeting victims in the U.S. and Canada. The malware
is able to bypass encryption in order to steal online banking credentials and
other data. Source: http://threatpost.com/upatre-downloader-spreading-dyreza-banking-trojan/109858
Information Technology Sector
26. December 12, The Register – (International) Hackable
intercom lets you SPY on fellow apartment-dwellers. A researcher presenting
at the Kiwicon security conference detailed how he was able to use several
vulnerabilities in the GrandStream GXV3175 video intercom, including directory
traversal and command injection flaws, to potentially spy on any resident in an
apartment building equipped with the devices. The issues were patched by the
manufacturer after the researcher reported them. Source: http://www.theregister.co.uk/2014/12/12/hackable_intercom_becomes_neighbour_spy_box/
27. December 12, The Register – (International) Microsoft
pulls a patch and offers PHANTOM FIX for the mess. Microsoft took down an
update included in its monthly Patch Tuesday release due to the patch causing
issues on systems running Windows 7 Service Pack (SP1) and Windows Server 2008
R2 SP1. A second patch was then published to address the issue. Source: http://www.theregister.co.uk/2014/12/12/microsoft_pulls_a_patch_and_offers_phantom_fix_for_the_mess/
28. December 12, Securityweek – (International) Malwarebytes
anti-exploit upgrade mechanism vulnerable to MitM attacks. A Fox-IT researcher
identified and reported vulnerabilities in consumer versions of Malwarebytes
Anti-Malware 2.0.2 and earlier, and Malwarebytes Anti-Exploit 1.03 and earlier
that could have left the security products vulnerable to man-in-the-middle
(MitM) attacks and allowed the download of malicious content. The
vulnerabilities were reported in July and August and patched in September and
October. Source: http://www.securityweek.com/malwarebytes-anti-exploit-upgrade-mechanism-vulnerable-mitm-attacks
Communications Sector
29. December
11, Burlington Free Press – (New Hampshire; Vermont) Statewide
FairPoint Internet outage alleviated. Internet service for FairPoint
Communications customers in Vermont and parts of New Hampshire was restored
after being disrupted for nearly 12 hours December 11 due to a hardware issue
during routine maintenance work. Source: http://www.burlingtonfreepress.com/story/news/local/2014/12/11/fairpoint-internet-disruption-alleviated/20254613/