Complete DHS Report for January 2, 2015
Daily Report
Top Stories
· Snowfall
in California December 30 prompted a portion of Ortega Highway to close
indefinitely and the 15 Freeway to close for several hours while fire officials
rescued about 186 drivers that were trapped along Highway 138. – KABC 7 Los
Angeles
5. December 31, KABC 7 Los
Angeles – (California) Southern
California snow: Nearly 200 drivers rescued, Ortega Highway closed. Snowfall
in southern California December 30 prompted Ortega Highway between Riverside
and Orange counties to close until further notice and the 15 Freeway to close
for several hours overnight before reopening December 31. San Bernardino County
fire officials used snowcats to rescue about 186 drivers that were trapped
along Highway 138 near Crestline. Source: http://abc7.com/weather/socal-snow-more-than-130-drivers-stuck-15-fwy-ortega-highway-closed/456192/
· Approximately
319 flights were delayed and 102 additional flights were cancelled at San
Francisco International Airport December 30 due to windy conditions. – KPIX
5 San Francisco
8. December 30, KPIX 5 San
Francisco –
(California) Windy conditions cause 100s of flight cancellations, delays at
SFO; travelers should call ahead. Approximately 319 flights were delayed
and 102 additional flights were cancelled at San Francisco International
Airport in California December 30 due to windy conditions. Source: http://sanfrancisco.cbslocal.com/2014/12/30/windy-conditions-cause-100s-of-flight-cancellations-delays-at-sfo-travelers-call-ahead/
· A
partial wall collapse at a Morton Salt storage facility in Chicago December 30
caused tons of salt to spill into the adjacent McGrath Acura dealership’s
parking lot damaging several cars. – Chicago Sun-Times
13. December 30, Chicago
Sun-Times – (Illinois) Building
collapse at Morton Salt on North Side. A partial wall collapse at a Morton
Salt storage facility in Chicago December 30 caused tons of salt to spill into
the adjacent McGrath Acura dealership’s parking lot damaging several cars.
Authorities reported that the collapse was likely due to salt being stored too
high and that inspectors were assessing the structural integrity of the
building. Source: http://chicago.suntimes.com/business/7/71/247701/building-collapse-reported-morton-salt-north-side
· Researchers
found that 4G USB modems contain exploitable vulnerabilities which could allow
attackers to gain full control of the machines to which the devices are
connected to including smartphones, industrial control systems (ICS), and
supervisory control and data acquisition (SCADA) machines. – Threatpost See item 29 below in the Information Technology Sector
Financial Services Sector
4. December
31, KSNV 3 Las Vegas – (Nevada; Illinois) Seven face federal
indictment in telemarketing scheme. Six individuals from Las Vegas and 1
from Illinois were charged by a federal grand jury in Las Vegas December 30 for
their involvement in a scheme where they allegedly organized and operated 4
telemarketing companies and offered to help small business owners obtain grants
from public and private entities in exchange for fees from about 2007 to 2010.
Source: http://www.mynews3.com/content/news/story/las-vegas-federal-grand-jury-telemarketing-scheme/KKrMBsLApU-FMmdXE7I84A.cspx
For another story, see item 27 below
in the Information Technology Sector
Information Technology Sector
25. December
31, Softpedia – (International) Number of botnet control servers increased in
2014 – report. Spamhaus released a report December 31 claiming that the
number of IP addresses that have served at some point during 2014 as command
and control (C&C) servers increased 7.88 percent to 7,182 addresses
compared to 525 in 2013. The report also found that the Zeus banking trojan was
the most common type of malware followed by Citadel. Source: http://news.softpedia.com/news/Number-of-Botnet-Control-Servers-Increased-in-2014-Report-468721.shtml
26. December
30, Securityweek – (International) Android malware increasingly packaged with
HTML5 apps: Trend Micro. Trend Micro reported that hackers repackaged
legitimate HTML5 applications into Android malware at an increase of 200
percent in 2014 compared to 2013, while the number of potentially unwanted
applications (PUAs) and pieces of malware also increased, with nearly half of
such Android threats being disguised as games. Source: http://www.securityweek.com/android-malware-increasingly-packaged-html5-apps-trend-micro
27. December
30, Softpedia – (International) Fake Apple store purchase notification lures
to phishing page. A researcher with Hoax-Slayer found a malicious email
campaign that delivers messages claiming to be from Apple and informs the user
that TomTom navigation has been purchased from their store, and provides a link
to cancel the purchase which leads to a phishing page in an attempt to steal
banking information. Source: http://news.softpedia.com/news/Fake-Apple-Store-Purchase-Notification-Lures-to-Phishing-Page-468678.shtml
28. December
30, Threatpost – (International) XXE bug patched in Facebook careers
third-party service. Facebook rewarded a researcher who discovered a blind
XXE (XML External Entity) Out of Band bug in its third-party service that
handles resumes on Facebook’s careers page. The vulnerability was patched after
the researcher found that he was able to upload a .docx file with some
additional code that was not vetted by the third-party service, which could
allow an attacker to carry out a number of malicious activities. Source: http://threatpost.com/xxe-bug-patched-in-facebook-careers-third-party-service/110151
29. December
30, Threatpost – (International) Majority of 4G USB modems, SIM cards
exploitable. Positive Technologies’ researchers found that 4G USB modems
contain exploitable vulnerabilities which could allow attackers to gain full
control of the machines to which the devices are connected to, including SIM
cards via SMS over 4G networks. The vulnerabilities could also allow access to
subscriber accounts on relevant carrier portals, and the impact of attack
methods include smartphones, industrial control systems (ICS), and supervisory
control and data acquisition (SCADA) machines. Source: http://threatpost.com/majority-of-4g-usb-modems-sim-cards-exploitable/110139
Communications Sector
Nothing to report