Complete DHS Report for October 27, 2015
• A Kentucky accountant pleaded guilty October 23 to charges that he embezzled $8.7 million from G&J Pepsi-Cola Bottlers Inc., by creating a sham account where he deposited checks before moving them to personal accounts. – Associated Press See item 8 below in the Financial Services Sector
• Heavy rain storms October 24 caused flooding that forced the closure of Interstate 45 in Corsicana, northbound lanes of Interstate 35 in north Texas to be shut down, and caused a Union Pacific train to be partially submerged under water. – Weather.com
11. October 25, Weather.com – (Texas) Houston residents told to avoid traveling; Texas roads, Interstates closed. The city of Houston activated its Emergency Operations Center October 24 after heavy rain storms caused flooding that forced the closure of Interstate 45 in Corsicana in both directions, northbound Interstate 35 in north Texas to be shut down at mile marker 353, and caused a Union Pacific train to be partially submerged under water, prompting the rescue of two employees.
• Thirty-two cars of a train derailed and spilled liquid asphalt on the BNSF Railway west of Gallup, New Mexico, October 23, prompting the closure of Route 118 while HAZMAT crews responded to the scene. – KNXV 15 Phoenix
14. October 23, KNXV 15 Phoenix – (New Mexico) 32 train cars derail, spill closes down State Route 118 in New Mexico. Thirty-two cars of a train derailed and spilled liquid asphalt on the BNSF Railway west of Gallup, New Mexico, October 23, prompting the closure of Route 118 while HAZMAT crews responded to the scene. Officials determined that the spill was non-toxic and there were no reports of injuries. Source: http://www.abc15.com/news/national/32-train-cars-derail-spill-closes-down-state-route-118-in-new-mexico
• Four people were killed and dozens of others were injured when a woman drove into a crowd of spectators at an Oklahoma State University homecoming parade near the Boone Pickens Stadium October 24. – CNN
25. October 25, CNN – (Oklahoma) Driver faces murder charges in Oklahoma State crash. Four people were killed and dozens of others were injured when a woman accused of driving under the influence, drove into a crowd of spectators at an Oklahoma State University homecoming parade near the Boone Pickens Stadium October 24. Source: http://www.cnn.com/2015/10/25/us/oklahoma-car-into-crowd/
Financial Services Sector
7. October 24, WRGB 6 Schenectady – (New York; New Jersey; Massachusetts) Man accused of ‘skimming’ ATMs. Authorities arrested a suspect in New Lebanon October 24 who was allegedly part of a widespread ATM skimming operation that stole hundreds of thousands from banks in New York, New Jersey, Massachusetts, and potentially elsewhere. Police arrested the man after he reportedly used a skimming device at Berkshire Bank and First Niagara Bank ATMs in Chatham.
8. October 23, Associated Press – (Kentucky; Virginia) Appalachian Trail hiker pleads guilty to wire fraud in embezzling case. A Kentucky accountant pleaded guilty October 23 to charges that he embezzled $8.7 million from G&J Pepsi-Cola Bottlers Inc., by creating a sham account where he deposited checks before moving them to personal accounts. The man was found in Damascus, Virginia, after hiking along the Appalachian Trail as a fugitive for about six years. Source: http://www.tuscaloosanews.com/article/20151023/NEWS/151029853/1002?Title=Appalachian-trail-hiker-pleads-guilty-to-wire-fraud-in-embezzling-case-
For another story, see item 30 below in the Information Technology Sector
Information Technology Sector
30. October 26, Softpedia – (International) 12 new malware strands are discovered every minute. Security researchers at G DATA released report findings revealing that the company discovered 3,045,722 new types of malware in the first half of 2015, a 26.6 percent increase since the second half of 2014, and that most attacks were either adware or potentially unwanted programs (PUPs) hosted on U.S. Web sites from the healthcare and technology and telecommunications, among others. G DATA also observed an increase in banking trojan usage for the first time since 2012.
31. October 23, Softpedia – (International) Malware spread via black hat SEO campaign. Security researchers from Heimdal Security discovered a malware campaign in which criminals are using black hat search engine optimization (SEO) to distribute malicious software to technical users typing terms such as “Java JRE,” “MSN 7,” or “Windows 8,” into searches, which would then return infected Google top search results. Source: http://news.softpedia.com/news/malware-spread-via-black-hat-seo-campaign-495195.shtml
For additional stories, see items 5 and 6 below from the Critical Manufacturing Sector
5. October 23, The Register – (International) Hackers pop grease monkeys’ laptops to disable Audi airbags. Security researchers from CrySyS Lab and Budapest University of Technology and Economics discovered that third party software used in certain Volkswagen Group vehicles could be compromised using a zero-day vulnerability, allowing an attacker to disable airbags and other car functions without mechanics’ knowledge by falsifying car readouts via a malicious replaced dynamic link library (DLL) file used to communicate with the vehicle’s diagnostic cable. Source: http://www.theregister.co.uk/\2015/10/23/hackers_pop_mechanics_laptops_to_silently_disable_car_airbags/
6. October 23, Securityweek – (International) Serious flaws found in Janitza power analyzers. Security researchers from Applied Risk discovered several vulnerabilities in Janitza power analyzer products, including an undocumented default password protecting a File Transfer Protocol (FTP) interface that could allow an attacker to upload and download arbitrary files, and a flaw in which an attacker could use a debug interface on Transmission Control Protocol (TCP) port 1239 to read and write files and execute JASIC code, among other issues. The vendor released firmware updates and new documentation addressing the issues; however researchers determined that not all flaws were effectively fixed. Source: http://www.securityweek.com/serious-flaws-found-janitza-power-analyzers
See item 30 above in the Information Technology Sector