Complete DHS Report for September 7, 2016
Daily Report
Top Stories
• Louisiana officials worked September 5 to secure a Harvest
Pipeline Company pipeline after 5,300 gallons of crude oil leaked near Bay Long
after a Great Lakes Dredge and Dock Company vessel struck the pipeline during
excavation. – Associated Press
1. September 6, Associated Press – (Louisiana) 5,300-gallon oil spill being cleaned in south
Louisiana. The Louisiana Department of Wildlife and Fisheries and the U.S.
Coast Guard in New Orleans worked September 5 to secure a Harvest Pipeline
Company pipeline after 5,300 gallons of crude oil leaked near Bay Long after a
Great Lakes Dredge and Dock Company vessel struck the pipeline during
excavation. Source: http://www.wdsu.com/news/local-news/new-orleans/5300gallon-oil-spill-being-cleaned-in-south-louisiana/41530734
• Mazda Motor Corporation issued a recall September 6 for 41,918 of
its model years 2009 – 2010 Mazda6 vehicles due to faulty airbag systems that
can prevent the airbags from deploying during collisions. – TheCarConnection.com
6. September 6, TheCarConnection.com – (National) 2009-2010 Mazda Mazda6 recalled
for airbag problem. Mazda Motor Corporation issued a recall September 6 for
about 41,918 of its model years 2009 – 2010 Mazda6 vehicles sold in the U.S.
due to faulty airbag systems caused by poor application of protective coating,
which could allow moisture to enter the airbag control unit and cause damage,
thereby preventing the airbags from deploying during collisions and increasing
the risk of injury. Source:
• About 125,000 gallons of partially treated wastewater spilled
into Slocum Creek in Havelock, North Carolina, September 2 after a pump
controller at the Havelock Water Plant failed due to heavy rains from Tropical
Storm Hermine. – WNCT 9 Greenville
21. September 4, WNCT 9 Greenville – (North Carolina) 125,000 gallons of wastewater discharged in
Havelock. Approximately 125,000 gallons of partially treated wastewater
spilled into Slocum Creek in Havelock, North Carolina, September 2 after a pump
controller at the Havelock Water Plant failed due to heavy rains from Tropical
Storm Hermine. Officials reset the pump controller to prevent further damage. Source:
http://wnct.com/2016/09/04/125000-gallons-of-wastewater-discharged-in-havelock/
• Two men were arrested in Coweta, Oklahoma, September 2 for their
roles in a more than $1 million gift-card theft ring targeting Walmart stores in
31 States. – Tulsa World
31. September 4, Tulsa World – (National) Coweta police arrest two suspects in nationwide
Wal-Mart theft ring. Two men were arrested in Coweta, Oklahoma, September 2
for their roles in a more than $1 million gift-card theft ring targeting
Walmart stores in 31 States where the duo and co-conspirators tricked Wal-Mart
employees into loading hundreds of dollars onto reloadable Visa gift cards
without paying for the cards. Authorities arrested the duo after store security
guards reported the men to the police. Source: http://www.tulsaworld.com/news/crimewatch/coweta-police-arrest-two-suspects-in-nationwide-wal-mart-theft/article_eff8aa39-8455-54c3-84bd-0b9a29ebea78.html
Financial Services Sector
9. September 2, South Florida Sun-Sentinel – (Florida) FBI: Prolific
‘Filter Bandit’ strikes again at Fort Lauderdale bank. The FBI is searching
September 2 for a man dubbed the “Filter Bandit” who is suspected of robbing
several banks in Broward County, Florida, since August 2014, including an
AmTrust Bank branch in Fort Lauderdale September 2. Source: http://www.sun-sentinel.com/local/broward/fl-fort-lauderdale-filter-bandit-20160902-story.html
For another story, see item 32 below from the Commercial Facilities Sector
32. September 3, Softpedia – (Tennessee) Hutton Hotel PoS systems compromised with malware
for four years. Hutton Hotel in Nashville, Tennessee, announced September 2
that a security breach may have compromised the payment card information of all
customers who used their credit or debit cards at the hotel since September
2012. The hotel discovered that the point-of-sale (PoS) systems at its check-in
counter and onsite food and beverage outlets were infected with malware after
the hotel’s payment processor detected the breach and notified hotel officials.
Source: http://news.softpedia.com/news/hutton-hotels-pos-systems-compromised-with-malware-for-four-years-507924.shtml
Information Technology Sector
27. September 4, SecurityWeek – (International) Cerber 3.0 ransomware variant emerges. Trend Micro
researchers reported that a new variant of the Cerber ransomware, dubbed Cerber 3.0,
emerged as a payload in a malvertising campaign that serves users a
malicious ad in a pop-up window after they click a video to play, which then
redirects the victims to the landing page of the Magnitude and RIG exploit kits (EKs).
Researchers found the malware appends the .cerber3 extension to the encrypted
files, then deletes all copies of the files to prevent users from restoring
their files, and prompts victims with a ransom note. Source: http://www.securityweek.com/cerber-30-ransomware-variant-emerges
28. September 2, Softpedia – (International) Attackers combine three botnets to launch
massive DDoS attack. Sucuri researchers reported attackers combined a home
router botnet comprised of 11,767 devices, an internet of things (IoT) closed
circuit television (CCTV) botnet comprised of 25,000 cameras, and a botnet made
up of compromised Linux servers to carry out a Layer 7 distributed
denial-of-service (DDoS) attack involving traffic from over 47,000 Internet
Protocol (IP) addresses. Sucuri stated the 3-botnet distribution enabled the
attacker to send 120,000 requests per second without disrupting the operation
of the infected machines. Source: http://news.softpedia.com/news/attackers-combine-three-botnets-to-launch-massive-ddos-attack-507901.shtml
For additional stories, see items 7 and 8 from the Critical Manufacturing Sector
7. September 5, Softpedia – (International) LuaBot is the first DDoS malware coded in Lua
targeting Linux platforms. Security researchers from MalwareMustDie!
discovered that a trojan coded in Lua was compromising Linux platforms and internet
of things (IoT) devices or Web servers in order to add them as bots inside a
larger botnet controlled by the malicious actor. The security researchers
reported the LuaBot trojan is packed as an Executable and Linkable Format (ELF)
binary targeting Advanced RISC Machines (ARM) platforms and can be found in
embedded IoT devices.
8. September 5, Softpedia – (International) Mirai DDoS trojan is the next big threat to
IoT devices and Linux servers. MalwareMustDie! (MMD) security researchers
discovered that a new trojan, dubbed Mirai, was targeting Linux servers and internet
of things (IoT) devices running Busybox on a specific set of platforms on which IoT
devices are built, including Advanced RISC Machines (ARM) and ARM7, among others.
The trojan spreads via brute-force attacks on the Telnet port using a list of
default admin credentials to exploit cases where users failed to change the
built-in passwords. Researchers believe the trojan was built to target digital
video recorders (DVRs) and Internet Protocol (IP) cameras.
Communications Sector
See item 28 above in the Information Technology Sector