Friday, September 27, 2013
Complete DHS Daily Report for September 27, 2013
Daily Report
Top Stories
• Between 20 and 30 cars derailed near
Amarillo, Texas, after 3 freight trains collided, injuring 4 crew members. – Associated
Press
8. September
25, Associated Press – (Texas) 3 freight trains collide in Texas, 4 crew hurt. Between
20 and 30 cars derailed near Amarillo after 3 freight trains collided. Four crew members
were injured and authorities said there was no immediate timetable as to when
the tracks will be cleared. Source: http://www.kansascity.com/2013/09/25/4506772/3-bnsf-trains-in-collision-near.html
• A power failure shut down the Metro-North
Railroad and Amtrak service north of New York City, forcing tens of thousands
of commuters to cope with jammed, delayed trains or long alternative routes to
work. – Wall Street Journal
13.
September 25, Wall Street Journal –
(New York) Power failure hits Metro-North, Amtrak. A power failure shut
down the Metro-North Railroad and Amtrak service north of New York City,
forcing tens of thousands of commuters to cope with jammed, delayed trains or
long alternative routes to work. Officials from Con Edison reported that it
could take as long as 2 to 3 weeks to restore electricity to the section of
overhead wires at Mount Vernon where a 138-kilovolt feeder line failed. Source:
http://online.wsj.com/article/SB10001424052702303796404579097793898983768.html
• Authorities recaptured a California prison
inmate at his home in Jessieville, Arkansas, after he escaped 36 years ago. – Reuters
29. September
25, Reuters – (California; Arkansas) California prison escapee recaptured
after 36 years. Authorities recaptured a California prison inmate September
25 at his home in Jessieville, Arkansas, after he escaped 36 years ago. He
became California’s longest sought fugitive inmate to be caught. Source: http://news.msn.com/crime-justice/california-prison-escapee-recaptured-after-36-years
• Kaspersky released a report on an advanced
persistent threat cyberespionage campaign dubbed Icefog that has been targeting
a variety of industrial, government, and communications organizations since
2011. – Softpedia See item 30
below in the Information Technology
Sector
Details
Banking and Finance Sector
3. September 25, U.S. Attorney’s Office, Northern District of
Illinois; Federal Bureau of Investigation – (Illinois) Ten
defendants indicted in alleged $14.5 million mortgage fraud scheme that
resulted in $8 million loss to lenders. Ten individuals were indicted for
allegedly running a $14.5 million mortgage fraud scheme that used straw buyers
to obtain mortgage loans for properties primarily in Chicago’s south and west
sides, causing at least $8 million in losses to lenders. An eleventh individual
was charged separately in connection to the scheme. Source: http://www.fbi.gov/chicago/press-releases/2013/ten-defendants-indicted-in-alleged-14.5-million-mortgage-fraud-scheme-that-resulted-in-8-million-loss-to-lenders
For another story,
see item 22 below from the Healthcare and Public Health Sector
22. September 24, WFOR 4 Miami – (Florida) Holy
Cross Hospital informs former patients of data breach. Holy Cross Hospital
in Ft. Lauderdale notified 9,900 patients that their personal information may
have been inappropriately accessed by a former employee from November 2011 and
August 2013. The hospital terminated the employee after discovering the
information was accessed to allegedly file fraudulent tax returns. Source: http://miami.cbslocal.com/2013/09/24/holy-cross-hospitals-inform-former-patients-of-data-breach/
Information Technology Sector
30. September
26, Softpedia – (International) Icefog cybercriminals launch hit and run
attacks against high-profile organizations. Kaspersky released a report on
an advanced persistent threat (APT) cyberespionage campaign dubbed Icefog that
has been targeting a variety of organizations since 2011. The campaign targets
military contractors, telecoms, maritime and shipbuilding organizations,
satellite operators, media, governments, and high-tech companies mainly in
Japan and South Korea but with some targets in the U.S. and several European
and Asian countries. Source: http://news.softpedia.com/news/Icefog-Cybercriminals-Launch-Hit-and-Run-Attacks-Against-High-Profile-Organizations-386293.shtml
31. September
26, Softpedia – (International) New malware Napolar steals information,
launches DDoS attacks. Researchers from Avast and ESET analyzed a new piece
of malware dubbed Napolar, whose author is Solarbot, that is capable of
stealing information and launching distributed denial of service (DDoS)
attacks. The malware is being sold for $200 and is being distributed to targets
through Facebook. Source: http://news.softpedia.com/news/New-Malware-Napolar-Steals-Information-Launches-DDOS-Attacks-386317.shtml
32. September
26, V3.co.uk – (International) Microsoft uncovers Sefnit trojan return after
Groupon click-fraud scam. Researchers at Microsoft discovered a new version
of the Sefnit click fraud trojan being used as a botnet to defraud Groupon and
other popular Web sites. Source: http://www.v3.co.uk/v3-uk/news/2297027/microsoft-uncovers-sefnit-trojan-return-after-groupon-click-fraud-scam
33. September
26, Softpedia – (International) Patches released to fix 4 XSS vulnerabilities
in IP.Board 3.4.5 and IP.Gallery 5.0.5. Invision Power Services released
patches to address four cross-site scripting (XSS) vulnerabilities in IP.Board
3.3.4, IP.Board 3.4.5, IP.Gallery 4.2.1, and IP.Gallery 5.0.5. Source: http://news.softpedia.com/news/Patches-Released-to-Fix-4-XSS-Vulnerabilities-in-IP-Board-3-4-5-and-IP-Gallery-5-0-5-386478.shtml
34. September
26, ZDNet – (International) Google Hangouts/GTalk glitch sends chats to
wrong recipients. Some users of Google Hangouts and GTalk reported
experiencing an issue September 26 where messages were being delivered to
unintended recipients. Google reported that they were investigating the issues.
Source: http://www.zdnet.com/google-hangoutsgtalk-glitch-sends-chats-to-wrong-recipients-7000021195/
35. September 25, Threatpost – (International) Javascript
issue plagues Mailbox app for iOS. A security researcher found that the
Mailbox app for iOS automatically executes any Javascript contained in an HTML
email, presenting a security issue that could be taken advantage of to a
variety of attacks. Source: http://threatpost.com/javascript-issue-plagues-mailbox-app-for-ios
For another story, see item 15 below from the Transportation Systems Sector
15. September
24, Alaska Dispatch – (Alaska) iPhone map app directs Fairbanks drivers on airport
taxiway. At least twice in the past 3 weeks, drivers from outside of
Fairbanks unknowingly crossed the runway and drove to the ramp side of the
passenger terminal at the Fairbanks International Airport while following
directions from iPhones. Airport authorities closed the aircraft access route
and Apple officials have said that the map application would be fixed by
September 25. Source: http://www.alaskadispatch.com/article/20130924/iphone-map-app-directs-fairbanks-drivers-airport-taxiway
Communications Sector
36.
September 26, WIS 10 Columbia – (South
Carolina) Orangeburg Co. phone service restored. Frontier Communications
restored cell and land phone service to residents in Orangeburg County
September 26 after a fiber line was cut near Bowman September 25. Source: http://www.live5news.com/story/23532150/phone-service-outage-reported-for-parts-of-orangeburg-county
For
another story, see item 30 above in the Information Technology Sector