Daily Report
Top Stories
· Eleven people were sent to an area hospital after a gas leak from a
pressurized tank in a backyard that prompted the closure of Abraham Lincoln
High School in Riverside, California, October 27. – Riverside Press-Enterprise
20. October 27, Riverside Press-Enterprise – (California) Riverside: Gas leak
sends 11 to hospital; quarantine lifted. Eleven
people were sent to an area hospital for observation following a gas leak from
a pressurized tank in a backyard that prompted the closure of Abraham Lincoln
High School in Riverside October 27, as well as the temporary quarantine of
several blocks surrounding the tank. The containment order was lifted after
authorities removed the source of the gas and sealed the leak, which was caused
by a corroded valve. Source: http://www.pe.com/articles/gas-752847-school-unknown.html
· FireEye reported on an advanced persistent threat (APT) actor dubbed APT28
stating that the group used the Sourface downloader and Chopstick and EvilToss
malware to attack governments and national and international organizations.
– The Register
See item 23 below in the Information Technology Sector
· Researchers reported on an advanced persistent threat (APT) group that has
used the Hikit malware family to target government agencies, law enforcement,
aerospace, manufacturers, media, communications, pharmaceutical, energy,
educational, and other institutions in the U.S. and several other countries
since 2008. – Softpedia
See item 26 below in the Information Technology Sector
· Satellite data for the National Weather Service was restored October 23 after
the agency experienced an outage that lasted for more than a day after the
agency first stopped receiving weather data from a network of satellites.
– Fierce Government IT
See item 28 below in the Communications Sector
Financial Services Sector
3. October 27, Softpedia – (International) Banking trojan Dridex delivered
through Microsoft Word macros. Researchers with Palo Alto Networks found that
the Dridex banking malware is being distributed via Microsoft Word documents
containing malicious macros in a campaign that began October 21. The malicious
documents are sent in fake invoice emails and mainly target users in the U.S.
Source: http://news.softpedia.com/news/Banking-Trojan-Dridex-Delivered-Through-Microsoft-Word-Macros-463259.shtml
For another story, see item 7 below from the Transportation Systems Sector
7. October 27, Securityweek – (Delaware; New Jersey) Attackers breach PoS
systems of Delaware Ferry service. Officials from the Delaware River and
Bay Authority announced October 24 that the payment card data of customers who
made purchases at Cape May-Lewes Ferry terminals and vessels in Delaware and
New Jersey may have been compromised due to a possible data breach detected
July 30. Customers who purchased food, beverages, and retail items between
September 30, 2013 and August 7, 2014 may be affected. Source: http://www.securityweek.com/attackers-breach-pos-systems-delaware-ferry-service
Information Technology Sector
23. October 28, The Register – (International) EvilToss and Sourface hacker crew
‘likely’ backed by Kremlin - FireEye. FireEye released a report on an
advanced persistent threat (APT) actor dubbed APT28 stating that the group used
the Sourface downloader and Chopstick and EvilToss malware to attack NATO,
Eastern European governments, European defense industry events, the World Bank,
and other national and international organizations. The researchers stated that
APT28 has been active since 2007 and was likely backed by the Russian
government. Source: http://www.theregister.co.uk/2014/10/28/us_mandiant_claims_moscow_sponsoring_apt_28_hacker_group/
24. October 28, Securityweek – (International) Attackers exploit ShellShock via SMTP
to distribute malware. Binary Defense Systems researchers reported that
attackers are leveraging the ShellShock vulnerability in GNU Bash to target
servers by adding the ShellShock payload to email subject, from, and to fields,
abusing the Simple Mail Transfer Protocol (SMTP). If a system is compromised, a
Perl-based IRC bot is downloaded and the SMTP gateway is added to a botnet
designed for distributed denial of service (DDoS) attacks. Source: http://www.securityweek.com/attackers-exploit-shellshock-smtp-distribute-malware
25. October 28, IDG News Service – (International) ‘ScanBox’ keylogger targets Uyghurs,
US think tank, hospitality industry. Researchers at PricewaterhouseCoopers
found that the ScanBox keylogging framework may be in use by several
attacker groups after it was found performing keylogging attacks on
a variety of Web sites, including a U.S. think tank and other sites. ScanBox
was first discovered in August and uses JavaScript rather than installing
malware to collect keystrokes and other information. Source: http://www.networkworld.com/article/2839600/security/scanbox-keylogger-targets-uyghurs-us-think-tank-hospitality-industry.html
26. October 28, Softpedia – (International) Sophisticated Chinese espionage group
after Western advanced technology. A group of security and information
technology companies coordinated by Novetta released a report into an advanced
persistent threat (APT) group dubbed Axiom Group that has used the Hikit
malware family and other tools to target government agencies, law enforcement,
aerospace, manufacturers, media, communications, pharmaceutical, energy,
educational, and other institutions in the U.S. and several other countries
since 2008. The researchers stated that the group originates in China and
appears to choose targets in line with Chinese government policies. Source: http://news.softpedia.com/news/Sophisticated-Chinese-Espionage-Group-After-Western-Advanced-Technology-463348.shtml
27. October 27, Securityweek – (International) Targeted attacks against businesses
jump: Kaspersky Lab. Kaspersky Lab and B2B International released the
results of a survey covering 3,900 respondents in 27 countries and found that
94 percent of businesses surveyed reported at least one cybersecurity incident
in the past 12 months, with 12 percent of the countries surveyed reporting one
or more targeted attacks, among other findings. Source: http://www.securityweek.com/targeted-attacks-against-businesses-jump-kaspersky-lab
Communications Sector
28. October 27, Fierce Government IT – (Maryland) National Weather Service
suffers satellite data outage, potentially affecting forecast quality.
Satellite data for the National Weather Service
was restored October 23 after the agency experienced a satellite data outage
that lasted for more than a day after the agency first stopped receiving
weather data from a network of satellites October 21. The agency stated that
the outage could potentially affect forecast quality. Source: http://www.fiercegovernmentit.com/story/national-weather-service-suffers-satellite-data-outage-potentially-affectin/2014-10-27
For another story, see item 26 above in the Information Technology Sector