Friday, December 13, 2013



Complete DHS Daily Report for December 13, 2013

Daily Report

 • An inspector general report revealed that the U.S. Department of Energy failed to address suspected cyber-security weaknesses before a July hacking incident that compromised the private information of 104,000 employees. – Washington Post

1.    December 11, Washington Post – (National) DOE was aware of security issues that exposed employees to hackers. The U.S. Department of Energy’s (DOE) inspector general released a report December 11 stating that the DOE failed to address suspected cyber-security weaknesses before a July hacking incident that compromised the private information of 104,000 employees, their dependents, and contractors. The report also found several other discrepancies with the department’s security controls and safety standards. Source: http://www.washingtonpost.com/blogs/federal-eye/wp/2013/12/11/doe-was-aware-of-security-weaknesses-that-led-to-hacking-report-says/

 • The Federal Motor Carrier Safety Administration shut down 52 bus companies December 12 in a nationwide crackdown on unsafe motor coach companies. – Associated Press

10. December 12, Associated Press – (National) Feds shut 52 unsafe bus companies. The Federal Motor Carrier Safety Administration announced the shutdown of 52 bus companies December 12 in a nationwide crackdown on motor coach companies with poor safety records, including lines whose drivers had suspended licenses or worked routes of more than 800 miles without rest. Source: http://abcnews.go.com/US/wireStory/ap-exclusive-feds-shut-52-unsafe-bus-companies-21188061

 • Nearly 840,000 Horizon Blue Cross Blue Shield members’ personally identifiable information was compromised after two laptops were stolen in New Jersey. – WCBS 2 New York City

26. December 10, WCBS 2 New York City – (National) Personal information at risk after laptops stolen from N.J. health insurance company. New Jersey-based Horizon Blue Cross Blue Shield notified nearly 840,000 of its members after two password-protected but unencrypted laptops that potentially contained members’ personal information, including Social Security numbers and clinical information, were stolen from its Newark headquarters. Source: http://newyork.cbslocal.com/2013/12/10/personal-information-at-risk-after-laptops-stolen-from-n-j-health-insurance-company/?hpt=ju_bn4

 • Yahoo Mail experienced an outage due to a hardware problem that left some users unable to log in for multiple days. – IDG News Service. See item 37 below in the Information Technology Sector.

Details

Financial Services Sector

5. December 12, Softpedia – (International) Cybercriminals trick unsuspecting U.S. users into delivering goods to Russia. Researchers at Trend Micro monitored a cybercrime ring that recruits and uses individuals as mules in the U.S. to launder stolen money by sending them items bought with stolen payment card information and then having the mules ship the items on to Russia or Ukraine. Some items sent in this way are subject to export restrictions. Source: http://news.softpedia.com/news/Cybercriminals-Trick-Unsuspecting-US-Users-into-Delivering-Goods-to-Russia-408711.shtml

6. December 12, U.S. Securities and Exchange Commission – (International) SEC charges London-based hedge fund advisor and U.S.-based holding company for internal control failures. GLG Partners L.P. and its former holding company, GLG Partners Inc., agreed to pay the U.S. Securities and Exchange Commission almost $9 million to settle charges that the company failed to have adequate internal controls, resulting in the overvaluation of a fund’s assets and inflated revenues from fees for the company. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370540491613

7. December 11, Inland Valley Daily Bulletin – (California) Redlands police arrest man in Button-Down Bandit bank robberies. Police in Redlands December 11 arrested a man believed to be the “Button-Down Bandit”, a suspect linked to six bank robberies in the area. Source: http://www.redlandsdailyfacts.com/general-news/20131211/redlands-police-arrest-man-in-button-down-bandit-bank-robberies

For additional stories, see items 35 and 36 below in the Information Technology Sector

Information Technology Sector

34. December 12, Help Net Security – (International) Facebook users hit with phishing and malware combo attack. SANS ISC researchers reported a phishing and malware delivery campaign targeting Facebook users. The campaign uses a malicious Tumblr link contained in a phishing message that directs users to a phishing page and then to a fake YouTube page that prompts the user to install a trojan disguised as an update. Source: http://www.net-security.org/malware_news.php?id=2650

35. December 12, Softpedia – (International) App that claims to notify users of Bitcoin market changes hides RAT. A researcher at Arbor Networks identified a malicious app named BitCoin Alarm that purports to offer users market information on Bitcoins but in fact contains a remote access trojan (RAT) called NetWiredRC designed to harvest login information. Source: http://news.softpedia.com/news/App-That-Claims-to-Notify-Users-of-Bitcoin-Market-Changes-Hides-RAT-408736.shtml

36. December 11, Dark Reading – (International) Cybercriminals now enlisting database cloud services. Researchers at Imperva discovered a new botnet used for stealing online banking credentials that uses cloud-based MSSQL databases for command and control functions and data storage. The malware infected at least 370 systems in 5 days and could potentially be used to attack databases directly. Source: http://www.darkreading.com/attacks-breaches/cybercriminals-now-elisting-database-clo/240164662

37. December 11, IDG News Service – (International) Yahoo Mail still down for some users, after an attempted fix. Yahoo Mail experienced an outage beginning December 10 due to a hardware problem at one of Yahoo’s mail data centers. Some users continued to be unable to log in December 11. Source: http://www.networkworld.com/news/2013/121113-yahoo-mail-still-down-for-276846.html

38. December 11, IDG News Service – (International) Nvidia exploit could turn render farms into password crackers, Bitcoin miners, researchers claim. Researchers at ReVuln identified a vulnerability in Nvidia’s Mental Ray 3D version 3.11.10 rendering software, which could allow an attacker to inject a malicious remote library into a target system and gain control over rendering machines or render farms. The compromised machines could then be used for GPU-intensive tasks such as password cracking and Bitcoin mining. Source: http://www.networkworld.com/news/2013/121113-nvidia-exploit-could-turn-render-276830.html

Communications Sector

For another story, see item 31 below:

31. December 11, CTNews.com – (Connecticut) Fire puts radio station off the air at UB. A December 11 roof fire at the University of Bridgeport’s John J. Cox Student Center prompted the building’s evacuation and closure while crews suppressed and investigated the blaze. A campus radio station, WPKN 89.5 FM Bridgeport, went off-air until December 12 due to the fire. Source: http://blog.ctnews.com/connecticutpostings/2013/12/11/fire-puts-radio-station-off-the-air-at-ub/#18818101=0