Daily Report
Top Stories
· A Canadian
National Railway Co., train struck another freight train in Slinger, Wisconsin,
July 20 derailing 3 engines and 10 railcars and spilling about 5,000 gallons of
diesel fuel, leading to the evacuation of around 100 nearby residents. – Associated
Press
7.
July 21, Associated Press –
(Wisconsin) Wisconsin train crash injures 2 people, spills oil. A
Canadian National Railway Co., train struck another freight train in Slinger,
Wisconsin, July 20 derailing 3 engines and 10 railcars and spilling about 5,000
gallons of diesel fuel. Two crew members were injured and around 100 residents
were evacuated for 5 hours as a precaution. Source: http://news.msn.com/us/wisconsin-train-crash-injures-2-people-spills-oil
· At least one person
died and hundreds of homes were destroyed in 114 separate wildfires in several
counties across eastern Washington that burned hundreds of thousands of acres.
– Wall Street Journal
18.
July 20, Wall Street Journal –
(National) Washington state wildfires kill one, displace hundreds. At
least one person died and hundreds of homes were destroyed in 114 separate
wildfires in several counties across eastern Washington that burned hundreds of
thousands of acres. Fire crews worked over the weekend of July 19 to contain
the fires while hundreds of residents were evacuated. Source: http://online.wsj.com/articles/washington-state-wildfire-grows-1405874057
· The sheetrock
ceiling of one of five housing units at the Diboll Correction Center in Lufkin,
Texas, collapsed July 19, leaving 19 inmates injured. – CNN
21.
July 20, CNN – (Texas) 19 injured
when Texas prison roof collapses. The sheetrock ceiling of one of five
housing units at the Diboll Correction Center in Lufkin, Texas, collapsed July
19, leaving 19 inmates injured. Authorities are investigating the cause of the
roof collapse. Source: http://www.cnn.com/2014/07/19/us/prison-roof-collapse/index.html
· The Industrial
Control Systems Cyber Emergency Response Team (ICS-CERT) stated July 17 that
six Siemens industrial control products used in several industries contained
vulnerabilities in their OpenSSL implementation, with four products currently
unpatched. – Help Net Security See item 23 below in the Information
Technology Sector
Financial Services Sector
5. July
21, The Register – (International) Secondhand Point-o-Sale
terminal was horrific security midden. A researcher with HP found that a
second-hand Aloha point-of-sale (PoS) terminal purchased from eBay still held a
database of employee names, Social Security numbers, and addresses, as well as
default passwords that could be used by an attacker if the previous owners did
not change passwords in new equipment. Source: http://www.theregister.co.uk/2014/07/21/ebayed_point_of_sale_terminal_leak_peril/
For another story, see item 25 below
in the Information Technology Sector
Information Technology Sector
23. July 21, Help Net Security – (International) Unpatched OpenSSL holes found on
Siemens ICSs. The Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT) stated July 17 that six Siemens industrial control products
contained vulnerabilities in their OpenSSL implementation that could lead to
man-in-the-middle (MitM) attacks or the crashing of Web servers. Four of the
vulnerabilities remain unpatched and are present in industrial control products
used by the manufacturing, chemical, energy, agriculture, and water industries
and utilities. Source: http://www.net-security.org/secworld.php?id=17146
24. July 19, Softpedia – (International) Kelihos trojan delivered through
Askmen.com. Researchers with Malwarebytes reported that the online
publication Askmen.com was compromised by attackers and used to redirect users
to a malicious page serving the Nuclear Pack exploit kit for the purpose of
infecting users with the Kelihos malware. The compromise was achieved by injecting
malicious code into the Askmen.com server, and the site’s administrators were
notified. Source: http://news.softpedia.com/news/Kelihos-Trojan-Delivered-Through-Askmen-com-451345.shtml
25. July 18, Help Net Security – (International) Fake Flash Player steals credit card
information. Dr. Web researchers reported finding a new piece of Android
malware dubbed BankBot that is disguised as Adobe Flash Player and persistently
asks users for administrator privileges in order to display a fake credit card
information form and steal any entered information. The malware is currently
targeting users in Russia but can be repurposed to attack other targets.
Source: http://www.net-security.org/malware_news.php?id=2812
26. July 18, Securityweek – (International) Researchers analyze multipurpose
malware targeting Linux/Unix Web servers. Virus Bulletin published an
analysis of a recently discovered piece of malware that infects Linux and Unix
Web servers known as Mayhem, which has infected around 1,400 servers. The malware
relies on several plugins for various capabilities, including information
stealing and brute-force attacks. Source: http://www.securityweek.com/researchers-analyze-multipurpose-malware-targeting-linuxunix-web-servers
27. July 18, Network World – (International) Cisco counterfeiter gets 37 months in
prison, forfeits $700,000. The CEO of ConnectZone.com was sentenced for his
role in conspiring with a Chinese company to produce counterfeit Cisco Systems
network products and then sell them as genuine products. Four people and two
companies were charged in the case, with two others found guilty and a Chinese
co-conspirator remaining at large. Source: http://www.networkworld.com/article/2455477/cisco-subnet/cisco-counterfeiter-gets-37-month-prison-forfeits-700-000.html
28. July 18, Threatpost – (International) Critroni crypto ransomware seen using
TOR for command and control. Security researchers found that a new piece of
ransomware known as Critroni has been spotted in use by various attackers using
the Angler exploit kit to infect users with it and other malware. The
ransomware encrypts victims’ files and demands a ransom, and uses the TOR
network to contact its command and control servers. Source: http://threatpost.com/critroni-crypto-ransomware-seen-using-tor-for-command-and-control/107306
Communications Sector
29.
July 21, WNEW 99.1 FM Bowie –
(Maryland; Washington, D.C.) Widespread Verizon service outage across D.C. –
Baltimore region. Verizon experienced a 6 hour outage July 20 in the
Baltimore and Washington, D.C. region that impacted many customers with
Internet service, TV, and wireless service. Repairs were completed but many
customers continued reporting issues with service. Source: http://washington.cbslocal.com/2014/07/21/widespread-verizon-service-outage-affecting-d-c-baltimore-region/
No comments:
Post a Comment