Complete DHS Report for April 24, 2014
Daily Report
Details
• A
Bakersfield, California man pleaded guilty April 21 to conspiring to damage
energy facilities by stealing programmable logic
controllers and other equipment from oil field facilities of several companies during
2011 and 2012. – KERO 23 Bakersfield
3.
April 21, KERO 23
Bakersfield – (California) Bakersfield
men enter guilty plea to
damaging oilfield facilities. A
Bakersfield man pleaded guilty April 21 to conspiring
to
damage energy facilities by stealing programmable logic controllers and other
equipment
from oil field facilities of several companies during 2011 and 2012. The
total
loss of equipment by the oil companies exceeded $200,000.
• U.S.
Chemical Safety Board officials reported April 22 that an April 2013 explosion
at a fertilizer plant in West, Texas, was
preventable and resulted from the owner’s failure to take necessary steps to avert a
preventable fire and explosion, and from government regulators’ failure to identify the
hazard. – CNN
4. April 22, CNN – (Texas) West, Texas,
fertilizer plant blast that killed 15 'preventable,' safety board says. U.S.
Chemical Safety Board officials reported April 22 that an April 2013 explosion
that killed 15 workers at a West Fertilizer Co. facility in West, Texas, was
preventable. The board’s report claimed that the explosion resulted from the
owner’s failure to take the necessary steps to avert a preventable fire and
explosion, and from government regulators’ failure to identify the hazard.
Source: http://www.cnn.com/2014/04/22/us/west-texas-fertilizer-plant-explosion-investigation/index.html
• Authorities
are investigating after nearly 120 New Hampshire physicians and medical personnel had their Social Security
numbers stolen and used to file fake tax returns, with similar issues also reported in other
States. – New Hampshire Union Leader
16. April 22, New Hampshire Union Leader –
(National) More than 110 NH doctors defrauded through filing of fake tax
returns. Authorities are investigating after nearly 120 New Hampshire
physicians and medical personnel had their Social Security numbers stolen and
used to file fake federal tax returns. The New Hampshire Medical Society stated
that similar issues were also reported in other States. Source: http://www.unionleader.com/article/20140423/NEWS03/140429663
• Iowa
State University notified 29,780 students April 22 after the discovery of a
data breach that compromised servers containing
Social Security numbers and university ID numbers. – Iowa
State University
21. April 22, Iowa State University – (Iowa) Iowa
State IT staff discover unauthorized access to servers. Iowa State
University notified 29,780 students April 22 after the discovery of a breach
affecting 5 department servers on campus. The compromised servers contained
Social Security numbers and the university notified an additional 18,949 students
whose university ID numbers were also located on the servers. Source: http://www.news.iastate.edu/news/2014/04/22/serverbreach
Financial Services Sector
7. April
23, Leesburg Today – (Virginia) Man arrested for 'skimming'
thousands of credit cards at South Riding restaurant. A New York man was
arrested after being confronted by a customer April 8 at the Moca Asian Bistro
restaurant in South Riding for allegedly using a skimming device. Police then
found a skimming device with data from over 1,000 payment cards stored on it
that were stolen between March 11 and April 8. Source: http://www.leesburgtoday.com/news/man-arrested-for-skimming-thousands-of-credit-cards-at-south/article_50b558ae-caf2-11e3-b174-001a4bcf887a.html
Information Technology Sector
25. April 23, The Register – (International) AOL Mail locks down email servers to
deal with spam tsunami. AOL confirmed that their AOL Mail email servers
were under an intensive spoofing attack beginning April 20 that has sent large
volumes of spam emails to users’ inboxes. AOL stated that they changed their
DMARC policy in order to prevent unauthorized use, but the change may affect
some email-forwarding services and listservs. Source: http://www.theregister.co.uk/2014/04/23/aol_mail_locks_down_email_servers_to_deal_with_tsunami_of_spam/
26. April 23, Help Net Security – (International) Amazon Cloud IaaS Service servers
riddled with vulnerabilities. Researchers at Bkav found in the course of a
customer-prompted investigation that several servers for Amazon’s Cloud
infrastructure as a service (IaaS) Service and HP’s Public Cloud service
contain several vulnerabilities due to the servers’ Windows Server
installations not being updated for several months. Source: http://www.net-security.org/secworld.php?id=16731
27. April 23, Softpedia – (International) SMS trojan FakeInst targets users in
66 countries. Researchers at Kaspersky analyzed the FakeInst trojan for
Android and found that attackers have added capabilities since it first
appeared in February 2013, allowing it now to target users in 66 countries. The
trojan is disguised as an app and can send SMS messages to premium rate numbers
as well as intercept text messages. Source: http://news.softpedia.com/news/SMS-Trojan-FakeInst-Targets-Users-in-66-Countries-438976.shtml
28. April 23, Softpedia – (International) DDoS attacks increasingly used as a
smokescreen for data theft. Neustar released its DDoS Attacks and Impacts
Report for 2014 which found that distributed denial of service (DDoS) attacks
are increasingly used by attackers as cover for more damaging compromises.
Around half of organizations that reported suffering a breach or DDoS attack in
2013 also had malware installed on their systems, with 55 percent of those hit
by DDoS attacks losing data or funds, among other findings. Source: http://news.softpedia.com/news/DDOS-Attacks-Increasingly-Used-as-a-Smokescreen-for-Data-Theft-438873.shtml
29. April 22, The Register – (International) Patch iOS, OS X now: PDFs, JPEGs,
URLs, Web pages can pwn your kit. Apple released updates for its OS X and
iOS operating systems, closing 19 security issues including a “triple
handshake” error in iOS Secure Transport that could allow an attacker to inject
data into secure connections. Source: http://www.theregister.co.uk/2014/04/22/apple_ios_7_1_1_os_x_security_updates/
Communications Sector
Nothing
to report
No comments:
Post a Comment