Tuesday, November 26, 2013



Complete DHS Daily Report for November 26, 2013

Daily Report

Top Stories

 • Strong winds in the San Francisco area that knocked down power lines and trees left at least 2 people dead and more than 50,000 people without power. – Reuters

6. November 22, Reuters – (California) Severe winds leaves two dead, 50,000 without power in San Francisco area. Strong winds in the San Francisco area that knocked down power lines and trees November 21 left at least 2 people dead and more than 50,000 people without power. Source: http://news.yahoo.com/severe-winds-leaves-two-dead-50-000-without-091905056.html

 • A large winter storm that moved through the Southwest caused major transportation disruptions in several States. – Associated Press

14. November 25, Associated Press – (National) Wintry storm threatens Thanksgiving travels. A large winter storm that moved through the Southwest caused at least 8 deaths in several fatal traffic accidents, more than 300 cancelled flights at the Dallas-Fort Worth International Airport, cancellations of sporting events and parades across Arizona, and multiple road closures in several States November 24. Source: http://www.theeagle.com/news/texas/article_7272a5ec-5599-11e3-842d-001a4bcf887a.html

 • A former crime lab chemist in Massachusetts pleaded guilty to charges that she mishandled evidence affecting possibly thousands of criminal cases. – CNN

27. November 22, CNN – (Massachusetts) Ex-Massachusetts chemist gets 3 to 5 years in tampering case. A former crime lab chemist from the William A. Hinton State Laboratory in Massachusetts pleaded guilty November 22 to charges that she mishandled evidence affecting possibly thousands of criminal cases by visually identifying alleged drug samples in lieu of performing chemical tests. Source: http://www.cnn.com/2013/11/22/justice/massachusetts-chemist-plea/index.html

 • Suffolk, New York police arrested a teenager in connection with allegedly hacking into Sachem school district computers and posting personal data of thousands of students online. – Long Island Newsday

32. November 22, Long Island Newsday – (New York) Arrest in Sachem schools data breach. Suffolk police arrested a teenager in connection with allegedly hacking into Sachem school district computers and posting personal data of thousands of students online from July through November. Source: http://www.newsday.com/long-island/suffolk/arrest-in-sachem-schools-data-breach-1.6484286

Details

Financial Services Sector

11. November 25, Softpedia – (International) Bitcoin payment solutions provider BIPS hacked, 1,295 BTC stolen. Denmark-based Bitcoin payment solutions provider BIPS was attacked by cybercriminals November 15 and November 17 with distributed denial of service (DDoS) attacks, followed by an attack that stole 1,295 BTC, equivalent to $1,085,208. Source: http://news.softpedia.com/news/Bitcoin-Payment-Solutions-Provider-BIPS-Hacked-1-295-BTC-Stolen-403365.shtml

12. November 24, Louisville Courier-Journal – (Kentucky) Louisville couple awarded $22.5 million verdict in mortgage fraud case. A verdict in Jefferson Circuit Court awarded $22.5 million to two victims of a Ponzi scheme run by New Age Title Co., a company run by two Louisville residents, who failed to pay off the victims’ original mortgage during refinancing. Damages against Wells Fargo, Forcht Bank, and an attorney were also awarded for various improper actions or parts in the scheme. Source: http://www.courier-journal.com/article/20131123/NEWS10/311230092/Louisville-couple-awarded-22-5-million-verdict-mortgage-fraud-case

13. November 22, KMOX 1120AM St. Louis – (Missouri; Nebraska) Secret Service arrests two in Lake Saint Louis debit card scheme. Police announced November 22 that two men were arrested in Omaha, Nebraska, by U.S. Secret Service agents in connection with several skimming incidents in Lake Saint Louis, Missouri. The suspects were found in possession of gift cards and $140,000 in cash. Source: http://stlouis.cbslocal.com/2013/11/22/secret-service-arrests-two-in-lake-saint-louis-debit-card-scheme/

For another story, see item 33 below:

33. November 22, Associated Press – (Colorado) Colorado county says hacker stole $146,000 from its bank accounts through email virus. Huerfano County shut down all but one of its computers used in financial transactions after hackers twice stole over $146,000 from the county’s bank accounts through a computer virus in November. Source: http://www.therepublic.com/view/story/0d1c00f3fdda4c2b95cc2b3b9a794a1c/CO--Countys-Bank-Hacked

Information Technology Sector

36. November 25, Help Net Security – (International) Twitter adds Forward Secrecy to thwart surveillance efforts. Twitter introduced Perfect Forward Secrecy for traffic to its Web site and mobile Web site in an effort to increase security. Source: http://www.net-security.org/secworld.php?id=16004

37. November 25, Softpedia – (International) Evernote warns users whose passwords have been exposed in Adobe breach. Evernote analyzed user data from a recent Adobe breach and found that some of its customers were using the same passwords for Adobe and Evernote. Evernote notified affected customers and advised them to change their passwords. Source: http://news.softpedia.com/news/Evernote-Warns-Users-Whose-Passwords-Have-Been-Exposed-in-Adobe-Breach-403297.shtml

38. November 25, Softpedia – (International) ICANN terminates accreditation of registrar Dynamic Dolphin. The Internet Corporation for Assigned Names and Numbers (ICANN) announced that it will terminate registrar Dynamic Dolphin’s registrar accreditation agreement effective December 20 due to the registrar having a convicted felon as its owner, a violation of ICANN regulations. Source: http://news.softpedia.com/news/ICANN-Terminates-Accreditation-of-Registrar-Dynamic-Dolphin-403142.shtml

39. November 24, The Register – (International) Rackspace patches Windows Updater vuln. CloudPassage researchers discovered a vulnerability in the Rackspace Windows Agent and Updater that allowed modified code to be uploaded to Rackspace Cloud Server instances and then allowed the execution of arbitrary code after a restart. Rackspace closed the vulnerability after CloudPassage notified the company of the issue. Source: http://www.theregister.co.uk/2013/11/24/rackspace_patches_windows_updater_vuln/

40. November 23, Softpedia – (International) Kaspersky publishes spam report for October 2013. Kaspersky published their spam report for October and found that email spam increased by 6.6 percent, among other findings. Source: http://news.softpedia.com/news/Kaspersky-Publishes-Spam-Report-for-October-2013-402999.shtml

41. November 22, The Register – (International) ‘High impact’ Gmail password security hole blew accounts wide open. A security researcher found and reported a security flaw in Gmail that could allow an attacker to use a spoof email with a password reset link to direct users to a site that launches a cross-site request forgery (CSRF) attack, harvesting the user’s username, new password, and login cookie. Google closed the vulnerability after it was notified by the researcher. Source: http://www.theregister.co.uk/2013/11/22/researcher_earns_payday_for_fixing_high_impact_gmail_password_flaw/

Communications Sector

Nothing to report