Daily Report
Top Stories
· The U.S.
National Highway Traffic Safety Administration October 22 expanded a recall
affecting vehicles with airbags manufactured by Takata to a total of 7.8
million from 6.1 million that were announced October 21. – Reuters
1.
October 21, Associated Press –
(Connecticut) US oversight increased at Millstone nuclear plant. The U.S.
Nuclear Regulatory Commission announced October 21 that it was increasing
oversight at the Millstone nuclear power plant in Waterford due to the length
of time it took plant operators to address problems with a back-up cooling pump
at the plant. Source: http://www.greenwichtime.com/news/article/US-oversight-increased-at-Millstone-nuclear-plant-5837614.php
· Matson
Terminals Inc. agreed to plead guilty to two violations of the Rivers and
Harbors Act of 1899 and pay a $1 million penalty for illegally discharging more
than 233,000 gallons of molasses into Honolulu Harbor in September 2013 after a
pipe in its ship cracked, killing more than 25,000 fish. – KHON 2 Honolulu
11.
October 21, KHON 2 Honolulu – (Hawaii)
Matson to pay $1 million for Honolulu Harbor molasses spill. Matson
Terminals Inc. agreed to plead guilty to two violations of the Rivers and
Harbors Act of 1899 and pay a $1 million penalty for illegally discharging more
than 233,000 gallons of molasses into Honolulu Harbor in September 2013 after a
pipe in its ship cracked, killing more than 25,000 fish. Source: http://khon2.com/2014/10/21/matson-to-pay-1-million-for-honolulu-harbor-molasses-spill/
· Two St. John
the Baptist Parish Utilities Department employees were indicted October 20 for
allegedly lying and falsifying data about a public water system infected with
the deadly Naegleria fowleri amoeba. – New Orleans Times-Picayune
18. October 20, New Orleans
Times-Picayune – (Louisiana) Brain-eating
amoeba inquiry yields charges that 2 St. John employees lied about water
samples. Two St. John the Baptist Parish Utilities Department employees
were charged October 20 with lying and falsifying data about a public water
system infected with the deadly Naegleria fowleri amoeba. Authorities
discovered the employees had lied about the amount and results of water samples
that were collected at the Lions treatment plant in Reserve and the end of the
system in Mount Airy after Louisiana health officials reported the presence of
the amoeba in August. Source: http://www.nola.com/crime/index.ssf/2014/10/indictment_from_brain-eating_a.html
· Microsoft
disclosed a vulnerability affecting most current releases of Microsoft Windows
that allows an attacker to perform remote code execution if a user opens a
specially-crafted Microsoft Office file containing a malicious Object Linking
and Embedding (OLE) object. – Securityweek See item 20 below in the Information
Technology Sector
Financial Services Sector
3. October 21, Associated Press – (New Mexico) Belen woman pleads guilty to a bank fraud
charge. A Belen woman pleaded guilty October 21 for making fraudulent
withdrawals from Belen Railroad Employees Credit Union accounts causing around $118,376
in losses to her employer. Source: http://www.demingheadlight.com/deming-news/ci_26774959/belen-woman-pleads-guilty-bank-fraud-charge
4. October 21, U.S. Attorney’s
Office, Eastern District of Virginia –
(Virginia) Vienna investment advisor pleads guilty to defrauding numerous
elderly and widowed clients. A Vienna, Virginia resident and former
investment advisor for Apple Federal Credit Union affiliate Apple Financial
Services pleaded guilty October 21 to using his position to misappropriate
between around $1 million and $7 million from customers. Source: http://www.justice.gov/usao/vae/news/2014/10/20141021emasnr.html
Information Technology Sector
20. October 22, Securityweek – (International) Windows zero-day exploited in targeted
attacks through PowerPoint. Microsoft reported that it has observed limited
targeted attacks exploiting a zero-day vulnerability in the company’s Object
Linking and Embedding (OLE) technology which could allow an attacker to perform
remote code execution if a user opens a specially-crafted Microsoft Office
file. The vulnerability affects all current Microsoft Windows releases except
Windows Server 2003 and Microsoft advised users to apply a series of workarounds
until a patch can be released. Source: http://www.securityweek.com/windows-zero-day-exploited-targeted-attacks-through-powerpoint
21. October 22, Help Net Security – (International) Koler worm spreads via SMS, holds
phones for ransom. Researchers at AdaptiveMobile identified a new variant
of the Koler worm for Android that spreads via a bitly link that directs users
to a Dropbox page where the malware is disguised as an app. The malware then
blocks infected devices’ screens with a fake law enforcement page and demands a
ransom to be paid via Money Pak Voucher. Source: http://www.net-security.org/malware_news.php?id=2890
22. October 22, Help Net Security – (International) Attackers change home routers’ DNS
settings via malicious code injected in ads. Sucuri Security researchers
identified a malvertising campaign that embeds malicious code into an ad hosted
on the googlesyndication.com network and attempts to change the DNS settings on
users’ home routers in order to lead them to potentially malicious Web sites.
Source: http://www.net-security.org/malware_news.php?id=2891
23. October 22, Help Net Security – (International) Malware directs stolen documents to
Google Drive. Researchers with Trend Micro identified a new piece of
information-stealing malware dubbed Drigo that uploads any .PDF, text, and
Microsoft Word, Excel, and PowerPoint files to a Google Drive account. The
researchers reported that the malware appears to be targeting government
agencies and reported the Google Drive account associated with the malware to
Google. Source: http://www.net-security.org/malware_news.php?id=2888
24. October 21, Securityweek – (International) Apple fixes security flaws with
release of iOS 8.1. Apple released an update to its iOS 8 mobile operating
system, closing several vulnerabilities and adding new features. Source: http://www.securityweek.com/apple-fixes-security-flaws-release-ios-81
Communications Sector
Nothing
to report
No comments:
Post a Comment