Thursday, April 30, 2015



Complete DHS Report for April 30, 2015

Daily Report

Top Stories

 · Miller County, Arkansas officials announced April 28 that an oil spill covering 40 to 60 acres of an area in the county, caused by a leak in a line, could take 1-2 weeks to clean up. – KSLA 12 Shreveport

1. April 28, KSLA 12 Shreveport – (Arkansas) Oil spill in Miller County could take weeks to clean up. Miller County officials announced April 28 that an oil spill covering 40 to 60 acres of an area in the county could take 1-2 weeks to clean up. Crews used oil booms to clean up the spill that was reportedly caused by a leak in one of the lines. Source: http://www.ksla.com/story/28923049/hazmat-crews-on-scene-of-oil-spill-in-miller-county

 · American Airlines reported that a software application problem with iPads used by pilots forced the airline to ground about two dozen flights April 28. – USA Today

8. April 29, USA Today – (National) Travelers scramble after iPad issues delay American Airlines flights. American Airlines reported that a software application problem with iPads used by pilots forced the airline to ground about two dozen flights April 28. Source: http://www.usatoday.com/story/news/nation/2015/04/29/ipad-issues-ground-american-airlines-flights/26565621/

 · A garbage truck rear-ended a New Britain Public Schools bus in Glastonbury, Connecticut, April 28, causing 33 students from John Barry School to be transported to area hospitals with injuries. – WFSB 3 Hartford

17. April 28, WFSB 3 Hartford – (Connecticut) School bus crash sends students to hospital as a precaution. A garbage truck rear-ended a New Britain Public Schools bus in Glastonbury April 28, causing 33 students from John Barry School to be transported to area hospitals with injuries. Source: http://www.wfsb.com/story/28918167/students-taken-to-hospital-as-precaution-after-school-bus-crash-in-glastonbury

 · A Major League Baseball game scheduled to be played at Oriole Park at Camden Yards in Baltimore April 29 was closed to the public following a wave of looting and riots around the ballpark after protests in the city April 27 – April 28. – WRC 4 Washington, D.C.

24. April 29, WRC 4 Washington, D.C. – (Maryland) Orioles to play at empty stadium Wednesday in riot-ravaged Baltimore. A Major League Baseball game scheduled to be played at Oriole Park at Camden Yards in Baltimore April 29 was closed to the public following a wave of looting and riots around the ballpark after protests in the city April 27 – April 28. Games at the ballpark were postponed April 27 – April 28 due to safety concerns. Source: http://www.nbcwashington.com/news/local/Orioles-Postponed-Again-in-Riot-Ravaged-Baltimore-301564421.html

Financial Services Sector

4. April 28, Columbus Dispatch – (Ohio) Reward increased for ‘Buckeye Bandit.’ The FBI and Central Ohio Crime Stoppers offered an increased reward of up to $10,000 for information leading to the arrest of the bank robbery suspect dubbed the ‘Buckeye Bandit’ after he allegedly robbed the Cooper State Bank branch in Columbus April 26. The suspect is believed to have committed 24 bank and store robberies dating back to 2013. Source: http://www.dispatch.com/content/stories/local/2015/04/28/reward-for-bank-robber.html

5. April 28, Softpedia – (International) Malware delivered via malicious macro in Word document embedded in PDF. Security researchers at Avast discovered that cybercriminals are employing a new malware delivery technique in which they embed Microsoft Word documents with malicious macros into seemingly legitimate Adobe Portable Document Format (PDF) files. Once the document is opened and macros are enabled, a script downloads a variant of the Dridex banking trojan to steal banking credentials and Google and Microsoft login information. Source: http://news.softpedia.com/news/Malware-Delivered-via-Malicious-Macro-in-Word-Document-Embedded-in-PDF-479593.shtml

Information Technology Sector

19. April 29, Securityweek – (International) InFocus projectors plagued by authentication flaws: Core Security. Security researchers at Core Security identified an authentication bypass vulnerability in InFocus network-connected projectors in which an unauthenticated user could bypass the login page and access the projector’s Web interface as an administrator by navigating to the “main.html” page. Once logged in, the unauthenticated user would have the ability to access and modify private network and WiFi configuration information. Source: http://www.securityweek.com/infocus-projectors-plagued-authentication-flaws-core-security

20. April 29, Softpedia – (International) Routers built with RealTek SDK affected by remote command-injection bug. A security researcher at HP’s Zero Day Initiative discovered a vulnerability in version 1.3 of the RealTek Software Development Kit (SDK) used in the development of D-Link and Trendnet broadband routers in which attackers can exploit a flaw in the Simple Object Access Protocol (SOAP) service to execute arbitrary code on the devices. Source: http://news.softpedia.com/news/Routers-Built-with-RealTek-SDK-Affected-by-Remote-Command-Injection-Bug-479660.shtml

21. April 29, Help Net Security – (International) Threats on government networks remain undetected for 16 days. Findings from a report by MeriTalk and Splunk on the state of cyber security in Federal, State, and local government agencies revealed that cyber threats exist on government networks for an average of 16 days without detection, and that 68 percent of respondents reported that their organizations are overwhelmed by the volume of security data they must analyze. Respondents also reported the benefits of big data in analytics and the challenges they face due to lack of skill or time, among other findings. Source: http://www.net-security.org/secworld.php?id=18323

22. April 29, Help Net Security – (International) Hacker exploits Android devices with self-implanted NFC chip. A security researcher at APA Wireless demonstrated that he could implant himself with a near field communication (NFC) chip that is undetectable by body scanners and could be used to infiltrate and compromise devices in high-security locations. The chip would ping nearby Android devices with links to malicious files that, once run and installed, would allow for further exploits from a remote computer. Source: http://www.net-security.org/secworld.php?id=18324

23. April 28, Threatpost – (International) WordPress zero-day vulnerability. WordPress patched a critical stored cross-site scripting (XSS) zero-day vulnerability in its release of version 4.2.1. The vulnerability affected tens of millions of WordPress sites and allowed attackers to store malicious JavaScript in the comment fields of WordPress sites that would be executed server-side once the comments were viewed. Source: https://threatpost.com/wordpress-patches-zero-day-vulnerability/112455

For another story, see item 5 above in the Financial Services Sector

Communications Sector

See item 22 above in the Information Technology Sector