Complete DHS Report for
October 27, 2015
Daily Report
Top Stories
• A Kentucky
accountant pleaded guilty October 23 to charges that he embezzled $8.7 million
from G&J Pepsi-Cola Bottlers Inc., by creating a sham account where he
deposited checks before moving them to personal accounts. – Associated Press See item 8 below
in the Financial Services Sector
• Heavy rain storms
October 24 caused flooding that forced the closure of Interstate 45 in
Corsicana, northbound lanes of Interstate 35 in north Texas to be shut down,
and caused a Union Pacific train to be partially submerged under water. – Weather.com
11. October
25, Weather.com – (Texas) Houston residents told to avoid traveling; Texas
roads, Interstates closed. The city of Houston activated its Emergency
Operations Center October 24 after heavy rain storms caused flooding that forced
the closure of Interstate 45 in Corsicana in both directions, northbound
Interstate 35 in north Texas to be shut down at mile marker 353, and caused a
Union Pacific train to be partially submerged under water, prompting the rescue
of two employees.
• Thirty-two cars of
a train derailed and spilled liquid asphalt on the BNSF Railway west of Gallup,
New Mexico, October 23, prompting the closure of Route 118 while HAZMAT crews
responded to the scene. – KNXV 15 Phoenix
14. October
23, KNXV 15 Phoenix – (New Mexico) 32 train cars derail, spill closes down State
Route 118 in New Mexico. Thirty-two cars of a train derailed and spilled
liquid asphalt on the BNSF Railway west of Gallup, New Mexico, October 23,
prompting the closure of Route 118 while HAZMAT crews responded to the scene.
Officials determined that the spill was non-toxic and there were no reports of
injuries. Source:
http://www.abc15.com/news/national/32-train-cars-derail-spill-closes-down-state-route-118-in-new-mexico
• Four people were
killed and dozens of others were injured when a woman drove into a crowd of
spectators at an Oklahoma State University homecoming parade near the Boone
Pickens Stadium October 24. – CNN
25. October
25, CNN – (Oklahoma) Driver faces murder charges in Oklahoma State
crash. Four people were killed and dozens of others were injured when a
woman accused of driving under the influence, drove into a crowd of spectators
at an Oklahoma State University homecoming parade near the Boone Pickens
Stadium October 24. Source: http://www.cnn.com/2015/10/25/us/oklahoma-car-into-crowd/
Financial Services Sector
7. October
24, WRGB 6 Schenectady – (New York; New Jersey; Massachusetts) Man
accused of ‘skimming’ ATMs. Authorities arrested a suspect in New Lebanon
October 24 who was allegedly part of a widespread ATM skimming operation that
stole hundreds of thousands from banks in New York, New Jersey, Massachusetts,
and potentially elsewhere. Police arrested the man after he reportedly used a
skimming device at Berkshire Bank and First Niagara Bank ATMs in Chatham.
Source: http://www.cbs6albany.com/news/features/top-story/stories/man-accused-skimming-atms-29920.shtml
8. October
23, Associated Press – (Kentucky; Virginia) Appalachian Trail hiker pleads guilty to
wire fraud in embezzling case. A Kentucky accountant pleaded guilty October
23 to charges that he embezzled $8.7 million from G&J Pepsi-Cola Bottlers
Inc., by creating a sham account where he deposited checks before moving them
to personal accounts. The man was found in Damascus, Virginia, after hiking
along the Appalachian Trail as a fugitive for about six years. Source: http://www.tuscaloosanews.com/article/20151023/NEWS/151029853/1002?Title=Appalachian-trail-hiker-pleads-guilty-to-wire-fraud-in-embezzling-case-
For another story, see item 30 below in the Information Technology Sector
Information Technology Sector
30. October
26, Softpedia – (International) 12 new malware strands are discovered every
minute. Security researchers at G DATA released report findings revealing
that the company discovered 3,045,722 new types of malware in the first half of
2015, a 26.6 percent increase since the second half of 2014, and that most
attacks were either adware or potentially unwanted programs (PUPs) hosted on
U.S. Web sites from the healthcare and technology and telecommunications, among
others. G DATA also observed an increase in banking trojan usage for the first
time since 2012.
Source: http://news.softpedia.com/news/12-new-malware-strands-are-discovered-every-minute-495302.shtml
31. October
23, Softpedia – (International) Malware spread via black hat SEO campaign. Security
researchers from Heimdal Security discovered a malware campaign in which
criminals are using black hat search engine optimization (SEO) to distribute
malicious software to technical users typing terms such as “Java JRE,” “MSN 7,”
or “Windows 8,” into searches, which would then return infected Google top
search results. Source: http://news.softpedia.com/news/malware-spread-via-black-hat-seo-campaign-495195.shtml
For additional stories, see
items 5 and 6 below from the Critical Manufacturing Sector
5. October
23, The Register – (International) Hackers pop grease monkeys’ laptops to
disable Audi airbags. Security researchers from CrySyS Lab and Budapest
University of Technology and Economics discovered that third party software
used in certain Volkswagen Group vehicles could be compromised using a zero-day
vulnerability, allowing an attacker to disable airbags and other car functions
without mechanics’ knowledge by falsifying car readouts via a malicious
replaced dynamic link library (DLL) file used to communicate with the vehicle’s
diagnostic cable. Source: http://www.theregister.co.uk/\2015/10/23/hackers_pop_mechanics_laptops_to_silently_disable_car_airbags/
6. October
23, Securityweek – (International) Serious flaws found in Janitza power
analyzers. Security researchers from Applied Risk discovered several
vulnerabilities in Janitza power analyzer products, including an undocumented
default password protecting a File Transfer Protocol (FTP) interface that could
allow an attacker to upload and download arbitrary files, and a flaw in which
an attacker could use a debug interface on Transmission Control Protocol (TCP)
port 1239 to read and write files and execute JASIC code, among other issues.
The vendor released firmware updates and new documentation addressing the
issues; however researchers determined that not all flaws were effectively
fixed. Source: http://www.securityweek.com/serious-flaws-found-janitza-power-analyzers
Communications Sector
See item 30 above in the Information Technology
Sector