· A Russian national was charged February 17 in the U.S. for his alleged involvement in a scheme that stole more than 160 million credit card numbers, resulting in hundreds of millions of dollars in losses to consumers and financial institutions. – Tribune Washington Bureau. See item 4 below in the Financial Services Sector
· Snow removal operations in Boston continued February 18 after a series of winter storms that caused additional delays and cancellations on the State’s transit system. – Boston Globe
8. February 17, Boston Globe – (Massachusetts) Cancellations, delays stack up on commuter rail. Full-scale snow removal operations in Boston continued and a parking ban in the city was expected to be lifted February 18 after the latest of a series of winter storms dumped snow that caused additional delays and cancellations on the Massachusetts Bay Transportation Authority’s (MBTA) transit system, which was already providing limited service. An MBTA representative warned that it could take up to 30 days to restore full service on the public transit system. Source: https://www.bostonglobe.com/metro/2015/02/17/mbta-commuters-face-hurdles-workweek-resumes/onVl30TkQBpbP9tYSCGqrN/story.html
· A state of emergency was declared in Tennessee February 16 due to deteriorating road conditions and major traffic issues caused by a winter storm that swept across the State. – Nashville Tennessean
10. February 17, Nashville Tennessean – (Tennessee) Tennessee declares state of emergency as roads deteriorate. A state of emergency was declared in Tennessee February 16 due to deteriorating road conditions and major traffic issues caused by a winter storm that swept across the State. The Tennessee Emergency Management Agency activated its emergency management plan and the Tennessee National Guard deployed to several counties to aid with interstate crashes and perform motorist wellness checks. Source: http://www.tennessean.com/story/news/2015/02/16/tennessee-declares-state-emergency-roads-deteriorate/23534741/
· Researchers reported that a cyber-espionage group has used spear-phishing and other techniques to deliver two backdoors through 100 malware samples to infect Windows PCs and Android devices of targets based in several countries. – Securityweek. See item 31 below in the Information Technology Sector
Financial Services Sector
4. February 18, Tribune Washington Bureau – (International) Accused Russian hacker to face charges in US court. A Russian national was extradited to the U.S. and charged February 17 in New Jersey for his alleged involvement in an international scheme that stole more than 160 million credit card numbers, resulting in hundreds of millions of dollars in losses to consumers and financial institutions including Dow Jones, 7-Eleven, Nasdaq, Visa, and JetBlue. The suspect, arrested in the Netherlands in 2012, allegedly hacked victims’ networks to gain access to usernames and passwords, credit card data, and personally identifiable information, and sold them to resellers around the world. Source: http://www.msn.com/en-us/news/crime/accused-russian-hacker-to-face-charges-in-us-court/ar-BBhHvhz
5. February 17, Kingston Daily Freeman – (New York) Fire badly damages Key Bank branch in Phoenicia; vault contents, customer records OK. The Key Bank branch in Phoenicia, New York, issued a statement that all client information and vault contents were secure February 17 after a February 16 fire caused extensive damage to the structure. The cause of the fire remains under investigation, and the bank is closed indefinitely until officials can repair the damage. Source: http://www.dailyfreeman.com/general-news/20150217/fire-badly-damages-key-bank-branch-in-phoenicia-vault-contents-customer-records-ok
6. February 17, Softpedia – (International) Vawtrak trojan downloaded via malicious macro for Microsoft Word. Trend Micro security researchers discovered a new cyber criminal campaign targeting banks including Bank of America, Barclays, Citibank, HSBC, Lloyd’s Bank, and J.P. Morgan with emails containing malicious macro-enabled Microsoft Word documents that install the Vawtrak banking trojan by downloading a batch file, a Visual Basic Scripting Edition (VBS) script, and a PowerShell file. The malware serves clients modified pages to trick them into providing login data for Microsoft Outlook, Google Chrome, Mozilla Firefox, and file transfer protocol (FTP) clients. Source: http://news.softpedia.com/news/Vawtrak-Trojan-Downloaded-Via-Malicious-Macro-for-Microsoft-Word-473438.shtml
7. February 16, Help Net Security – (International) Banking trojan Dyreza sends 30,000 malicious emails in one day. Bitdefender security researchers discovered that 30,000 malicious emails containing the banking trojan Dyreza were sent in one day to customers of banks including HSBC, NatWest, Barclays, RBS, Lloyds Bank, and Santander from servers in the U.K., France, Turkey, Russia, and the U.S. The trojan allows hackers to covertly steal credentials and manipulate accounts. Source: http://www.net-security.org/malware_news.php?id=2964
For another story, see item 28 below in the Information Technology Sector
Information Technology Sector
27. February 18, Softpedia – (International) Author of Android Xbot malware includes curse at AV companies. Avast security researchers discovered that the Xbot Android malware infected over 2,570 installations in 350 unique files through third-party marketplaces since the beginning of February. The malware persistently runs on infected devices, has the capability to download content to command and control (C&C) servers, and primarily focuses on capturing, reading, and writing short text messages. Source: http://news.softpedia.com/news/Author-of-Android-Xbot-Malware-Includes-Curse-At-AV-Companies-473509.shtml
28. February 18, Help Net Security – (International) Credit card info stolen in BigFish Games site compromise. BigFish Games reported that the personal and financial information of some of its customers who made purchases between December 24, 2014 and January 8 may have been compromised after the company discovered malware installed on the billing and payment pages of its Web site January 12. Affected customers were notified of the breach February 11, and the company removed the malware and has taken steps to prevent the malware from being reinstalled. Source: http://www.net-security.org/secworld.php?id=17964
29. February 17, Softpedia – (International) Siemens fixes security flaws in Simatic Step 7 (TIA Portal). Siemens patched two minor and two more severe vulnerabilities due to glitches in Simatic Step 7 that allowed hackers to possibly learn user passwords, escalate privileges, or hijack and intercept industrial communication on TCP port 102. Source: http://news.softpedia.com/news/Siemens-Fixes-Security-Flaws-in-Simatic-Step-7-TIA-Portal-473410.shtml
30. February 17, Help Net Security – (International) Flaw in Netgear Wi-Fi routers exposes admin password, WLAN details. A network engineer discovered and notified Netgear support that certain versions of the brand’s WNDR3700v4, WNR2200, and WNR2500 home wireless routers contain a vulnerability in the embedded Simple Object Access Protocol (SOAP) service that could allow unauthenticated remote and locally-connected attackers to obtain the administrator password, device serial number, WLAN details, and various information related to clients connected to the device. Source: http://www.net-security.org/secworld.php?id=17959
31. February 17, Securityweek – (International) Arabic threat group attacking thousands of victims globally. Kaspersky Lab security researchers reported that “Desert Falcons,” the first known full-scale Arabic cyber-espionage group, has used spear-phishing and social engineering techniques to deliver two backdoors through 100 malware samples to infect Windows PCs and Android devices of targets based in Egypt, Palestine, Israel, Jordan, the U.S., and other countries for at least 2 years. The malware has full-backdoor capability as well as the capability to steal call and SMS logs in Android versions, and attackers have targeted victims including political, military, and government individuals and organizations, media outlets, energy and utility providers, physical security companies, and others holding geopolitical information. Source: http://www.securityweek.com/arabic-threat-group-attacking-thousands-victims-globally
For additional stories, see items 4, 6, and 7 above in the Financial Services Sector
Communications Sector
32. February 17, Fierce Wireless – (National) T-Mobile recovers from service disruptions in the Northeast. T-Mobile service in the Northeast region of the U.S. was restored after several hours February 13 following a network disruption that resulted in intermittent service, loss of high-speed data reception, and loss of the ability to make voice calls. The cause of the outage was not disclosed. Source: http://www.fiercewireless.com/story/t-mobile-recovers-service-disruptions-northeast/2015-02-17
For another story, see item 31 above in the Information Technology Sector