Thursday, November 13, 2014



Complete DHS Report for November 13, 2014

Daily Report

Top Stories



 · Several school districts were closed while crews worked November 12 to restore power to over 50,000 customers in Seattle after freezing temperatures and strong winds knocked down trees and power lines November 11. – KIRO 7 Seattle; Associated Press

1. November 12, KIRO 7 Seattle; Associated Press – (Washington) Schools closed, thousands remain without power as freezing temperatures arrive in western Washington. Utility crews continued work November 12 to restore power to over 50,000 customers around southern King County and Pierce County in Seattle after freezing temperatures and strong winds knocked down trees and power lines November 11. Several school districts were closed while Highway 164 was blocked due to debris from fallen trees. Source: http://www.kirotv.com/news/news/strong-wind-leaves-damage-freezing-temperatures-ar/nh5Xz/

 · Regulators in the U.S., U.K., and Switzerland issued fines November 12 totaling $4.25 billion against JPMorgan Chase, Citigroup, HSBC, Royal Bank of Scotland, and UBS for conspiring to manipulate foreign currency exchange markets to increase bank profits. – New York Times See item 6 below in the Financial Services Sector

 · Microsoft released a patch November 11 for a data manipulation vulnerability that has existed in Windows operating systems and could have been used by attackers to gain control of affected systems for the last 18 years. – Softpedia See item 21 below in the Information Technology Sector

 · Authorities reported that improperly discarded smoking materials were the source of a November 10 fire that caused an estimated $1.25 million in damage to an apartment building in Herndon, Virginia. – WUSA 9 Washington, D.C.

33. November 12, WUSA 9 Washington, D.C. – (Virginia) Herndon apartment fire leaves $1.25 million in damage. Authorities reported that improperly discarded smoking materials were the source of a November 10 fire that caused an estimated $1.25 million in damage to an apartment building in Herndon. Eighteen residents were displaced by the fire. Source: http://www.wusa9.com/story/news/2014/11/12/herndon-apartment-fire-jefferson-park-drive/18905747/

Financial Services Sector

6. November 12, New York Times – (International) Big banks are fined $4.25 billion in foreign exchange scandal. Regulators in the U.S., U.K., and Switzerland issued fines November 12 totaling $4.25 billion against JPMorgan Chase, Citigroup, HSBC, Royal Bank of Scotland, and UBS for conspiring to manipulate foreign currency exchange markets to increase bank profits. Source:

For additional stories, see item 10 below from the Transportation Systems Sector and 36 below from the Commercial Facilities Sector

10. November 11, KWWL 7 Waterloo – (Iowa) Parking data breach at Eastern Iowa Airport. The Eastern Iowa Airport in Cedar Rapids revealed November 11 a data breach that may have compromised the information of an unknown number of customers who used credit or debit cards at the airport’s public parking facilities between September 29 and October 29, after discovering that a server was being mined for data. Authorities isolated the server and continue to investigate the extent of the incident. Source: http://www.kwwl.com/story/27359520/2014/11/11/parking-data-breach-at-the-eastern-iowa-airport

36. November 11, Softpedia – (International) Hacker steals payment data from One Love Organics website. One Love Organics notified consumers October 30 that the online beauty product company’s server was compromised and the personal information, including payment card data, of customers who made purchases between August 24 and October 15 may have been breached. A representative reported that an attacker leveraged a vulnerability in the Web site’s shopping cart feature to perform an SQL injection, and that the vulnerability has since been closed. Source: http://news.softpedia.com/news/Hacker-Steals-Payment-Data-from-One-Love-Organics-Website-464725.shtml
 
Information Technology Sector

21. November 12, Softpedia – (International) 18-year-old remotely exploitable vulnerability in Windows patched by Microsoft. Microsoft released a patch November 11 for a data manipulation vulnerability that has existed in Windows operating systems starting with Windows 95. Researchers with IBM’s X-Force discovered and reported the vulnerability in May, which could have been used by attackers to gain control of affected systems for the last 18 years. Source: http://news.softpedia.com/news/18-year-Old-Remotely-Expoitable-Vulnerabililty-in-Windows-Patched-By-Microsoft-464769.shtml

22. November 12, Help Net Security – (International) Microsoft patches Windows, IE, Word, SharePoint and IIS. Microsoft released its monthly Patch Tuesday round of updates for its products, which includes 14 bulletins, including one patching a zero-day vulnerability in the Windows OLE packager for Windows Vista and newer Windows operating systems. Source: http://www.net-security.org/secworld.php?id=17627

23. November 12, Softpedia – (International) 18 critical vulnerabilities patched in Flash Player 15.0.0.223. Adobe released a new version of its Flash Player software, closing 18 critical security issues, 15 of which could allow an attacker to execute arbitrary code. Source: http://news.softpedia.com/news/18-Critical-Vulnerabilities-Patched-in-Flash-Player-15-0-0-223-464731.shtml

24. November 12, Network World – (International) Google DoubleClick down, leaving sites ad-free. The Google DoubleClick for Publishers service experienced an outage November 12, preventing ads from being displayed on several Web sites. Google stated that the company was working to resolve the issue. Source: http://www.networkworld.com/article/2846816/business-continuity/google-doubleclick-down-leaving-sites-ad-free.html

25. November 12, Softpedia – (International) Air-gapped systems targeted by Sednit espionage group. Researchers with ESET stated that the Sednit espionage group (also known as APT28 or Sofacy) has employed a tool known as Win32/USBStealer since at least 2005 that can exfiltrate data from air-gapped systems. The tool is added to a compromised system connected to the Internet, plants itself on any removable storage device, collects information on the air-gapped system, and then transmits it back to the attackers whenever the storage device is next connected to an Internet-connected system. Source: http://news.softpedia.com/news/Air-Gapped-Systems-Targeted-by-Sednit-Espionage-Group-464734.shtml

26. November 11, Softpedia – (International) Uroburos espionage group is still active, relies on new remote access trojan. G Data researchers found that the Uroburos espionage group (also known as Turla or Snake) remains active and is using two similar versions of a new remote access trojan (RAT) known as ComRAT that includes increased obfuscation and anti-analysis capabilities. Source: http://news.softpedia.com/news/Uroburos-Espionage-Group-Is-Still-Active-Reles-on-New-Remote-Access-Trojan-464694.shtml

27. November 10, Securityweek – (International) SQL injection vulnerability patched in IP.Board forum software. Invision Power Services released patches for its IP.Board forum software November 9, closing a SQL injection vulnerability several hours after its discovery on versions 3.3.x and 3.4.x. Source: http://www.securityweek.com/sql-injection-vulnerability-patched-ipboard-forum-software

28. November 10, Securityweek – (International) iOS security issue allows attackers to swap good apps for bad ones: FireEye. Researchers with FireEye identified a new attack dubbed a Masque Attack that can allow attackers to replace a legitimate iOS app with a malicious one if both applications use the same bundle identifier. Victims targeted by the attack must be lured into installing the malicious app, which can then replace the legitimate app on jailbroken and non-jailbroken iOS devices. Source: http://www.securityweek.com/ios-security-issue-allows-attackers-swap-good-apps-bad-ones-fireeye

Communications Sector

29. November 12, Washington Post – (National) Weather Service issues expired tornado watches in technical glitch. The National Weather Service’s Storm Prediction Center experienced a glitch that caused expired and inaccurate tornado and severe thunderstorm alerts to be delivered November 12 due to a data transmission problem connected to a contractor. Officials severed the faulty connection and are investigating the incident. Source: http://www.washingtonpost.com/blogs/capital-weather-gang/wp/2014/11/12/weather-service-issues-expired-tornado-watches-in-technical-glitch/
