Complete DHS Report for January
28, 2014
Daily Report
• A natural gas
pipeline explosion in Canada over January 25 weekend blew out three lines that
bring natural gas into the U.S., impacting nearly 100,000 customers in
Minnesota and Wisconsin. – KARE 11 Minneapolis; CNN
1. January
25, Reuters – (West Virginia) Chemical tanks ordered removed in West
Virginia after spill. The governor of West Virginia ordered Freedom
Industries January 25 to dismantle and dispose of all 17 above-ground storage
tanks located at its Charleston coal processing facility by March 15. A January 9 chemical
spill from one of the company’s tanks contaminated the water supply for 300,000
people in the area. Source: http://news.yahoo.com/chemical-tanks-ordered-removed-west-virginia-spill-005919533--sector.html
• Three men were
charged in federal court for allegedly running a payment card counterfeiting
Web site, while 11 others were charged for being alleged customers of the site
that caused over $34.5 million in losses. – Softpedia See item 5 below in the Financial Services Sector
• A Royal
Caribbean cruise was cut short January 26 due to a gastrointestinal illness
outbreak that affected more than 600 passengers and crew members. – CNN
10. January
27, CNN – (International) Royal Caribbean cruise cut short after more
than 600 are sickened. A 10-day Royal Caribbean cruise was cut to 8 days
January 26 due to a gastrointestinal illness outbreak that affected more than
600 passengers and crew members. The cause of the illness was not clear and the
cruise liner will thoroughly sanitize the entire ship. Source: http://www.cnn.com/2014/01/26/travel/cruise-ship-illness/
• The Mall in
Columbia reopened January 27 after a gunman opened fire at the Maryland mall
January 25, killing two people before taking his own life. Five others were
injured and authorities disabled two homemade explosive devices found in the
shooter’s backpack. – CNN
38. January
27, CNN – (Maryland) Maryland mall shooting: Journal may reveal gunman's
motives; mall to reopen. The Mall in Columbia reopened January 27 after a
gunman opened fire at the Maryland mall January 25, killing two people before
taking his own life. Five others were injured during the incident and
authorities disabled two homemade explosive devices they found in the shooter’s
backpack. Source: http://www.cnn.com/2014/01/27/us/maryland-mall-shooting/?hpt=hp_t1
Details
Financial Services Sector
3. January 27, Pensacola News Journal – (Florida) McGuire’s
alerts customers to credit card breach. The McGuire Management Group began
notifying customers January 24 that customers at two of its restaurant
locations in Pensacola may have had their payment card information compromised
during a data breach that lasted about 90 days in late 2013. Source: http://www.pnj.com/article/20140127/NEWS01/301270013/McGuire-s-alerts-customers-to-credit-card-breach
4. January 26, Casino.org – (New Jersey) Poker pro
charged in Borgata fake chip scandal. A professional poker player was
arrested January 24 in connection with clogging a sewer pipe with $2.7 million
worth of counterfeit poker chips at Harrah’s Resort in Atlantic City. Harrah’s
employees detected the counterfeit chips, used during a tournament at the
Borgata Hotel Casino & Spa, after hotel guests complained of leaky pipes
dripping water into their rooms. Source: http://www.casino.org/news/poker-pro-christian-lusardi-charged-in-borgata-fake-chip-scandal
5. January 25, Softpedia – (National) Operators of
credit card counterfeiting service Fakeplastic.net charged. Three men were
charged in the Western District of North Carolina federal court with allegedly
running the Fakeplastic.net Web site that sold fraudulent credit cards and
credit card-making materials, causing over $34.5 million in losses. Eleven
other individuals were also arrested for allegedly being customers of the site.
Source: http://news.softpedia.com/news/Operators-of-Credit-Card-Counterfeiting-Service-Fakeplastic-net-Charged-420645.shtml
6. January 25, Reuters – (National) U.S. retailer
Michaels warns of possible payment card breach. Arts and crafts retailer
Michaels Companies Inc., stated January 25 that it is investigating a possible
payment network security breach and advised customers to monitor their
financial statements for suspicious activity. Source: http://www.reuters.com/article/2014/01/25/us-michaels-databreach-idUSBREA0O0N320140125
7. January 24, Charlotte Observer – (North Carolina) Federal
indictment charges 27 in a check fraud scheme. A federal indictment announced
January 24 listed 27 individuals accused of running a check fraud scheme in
North Carolina that allegedly stole around $1 million from area banks. Source: http://www.charlotteobserver.com/2014/01/24/4637672/federal-indictment-charges-27.html
8. January 23, Associated Press – (International) Clearstream
Banking paying $152M in US settlement. Clearstream Banking SA of Luxembourg
agreed January 23 to pay $152 million to settle U.S. Department of the Treasury
charges that it allowed Iran access to the U.S. banking system in violation of
sanctions. Source: http://abcnews.go.com/Business/wireStory/clearstream-banking-paying-152m-us-settlement-21641056
Information Technology Sector
30. January 27, IDG News Service – (International) Suspected
email hackers for hire charged in four countries. Five suspects in
Arkansas, New York, and California were charged with allegedly hacking into
email accounts or hiring others to do so. The arrests were part of an
international law enforcement operation that also resulted of the arrests of
six others in China, India, and Romania. Source: http://www.computerworld.com/s/article/9245780/Suspected_email_hackers_for_hire_charged_in_four_countries
31. January 27, Softpedia – (International) GitHub down
due to DDoS attack. GitHub reported coming under a distributed denial of
service (DDoS) attack January 27 that prevented users form accessing some
services. Source: http://news.softpedia.com/news/GitHub-Down-Due-to-DDOS-Attack-1-27-2014-421114.shtml
32. January 27, Help Net Security – (International) Hasbro’s
website compromised, serves malware. Researchers at Barracuda Labs found
that the Web site of toy maker Hasbro was compromised and would lead users
through several redirects to a malicious Web site hosting Java exploits that
would attempt to infect systems with an information-stealing trojan that was
not initially detected by antivirus programs. Users who visited the site
January 10, 11, 14, and 20 were likely to have been infected. Source: http://www.net-security.org/malware_news.php?id=2689
33. January 27, Softpedia – (International) Mozilla fixes
Thunderbird flaw that allowed hackers to insert malicious code into emails. Mozilla
confirmed that it fixed a vulnerability in its Thunderbird email client
reported in May 2013 that could have allowed attackers to bypass security
controls and filters. Source: http://news.softpedia.com/news/Critical-Validation-and-Filter-Bypass-Vulnerability-Fixed-in-Thunderbird-420962.shtml
34. January 27, Softpedia – (International) Expert finds
remote code execution vulnerability in Yahoo server. A security researcher
reported a PHP code injection vulnerability found in a Yahoo server that he was
able to escalate to a remote code execution vulnerability. The vulnerability
was then closed January 21. Source: http://news.softpedia.com/news/Expert-Finds-Remote-Code-Execution-Vulnerability-in-Yahoo-Server-Video-420896.shtml
35. January 26, IDG News Service – (International) Microsoft
says law enforcement documents likely stolen by hackers. Microsoft stated
that documents related to law enforcement inquiries were stolen during recent
phishing attacks against the company. Source: http://www.computerworld.com/s/article/9245775/Microsoft_says_law_enforcement_documents_likely_stolen_by_hackers
36. January 25, Softpedia – (International) Vulnerability
that allowed hackers to hijack Samsung.com accounts fixed. Samsung closed a
vulnerability reported by a researcher that could have allowed an attacker to
take over a user’s Samsung.com account by registering an account with extra
spaces on the end of the username. Source: http://news.softpedia.com/news/Vulnerability-that-Allowed-Hackers-to-Hijack-Samsung-com-Accounts-Fixed-Video-420630.shtml
37. January 24, IDG News Service – (International) Gmail,
other Google services hit by outage on Friday. A software issue in a Google
system left Gmail and other Google applications unavailable for around 30
minutes to 2 hours January 24. Source: http://www.networkworld.com/news/2014/012514-gmail-other-google-services-hit-278072.html
Communications Sector
Nothing to
report