Complete DHS Report for January
29, 2014
Daily Report
• Richardson Highway in Alaska was forced to
close for at least a week north of Thompson Pass due to an avalanche caused by
a snow dam at Keystone Canyon January 27. – United Press International
14. January 27, United Press International – (Alaska) Avalanche
closes Alaskan highway for ‘at least a week.’ Richardson Highway in Alaska
was forced to close for at least a week north of Thompson Pass due to an
avalanche caused by a snow dam at Keystone Canyon January 27. Source: http://www.upi.com/Top_News/US/2014/01/27/Avalanche-closes-Alaskan-highway-for-at-least-a-week/UPI-82001390851839/
• The U.S. Department of Agriculture’s Food
Safety and Inspection Service announced January 27 that Arkansas-based George’s
Inc., recalled 1.25 million pounds of frozen par-fried chicken tenders due to
undeclared wheat. – KPHO 5 Phoenix
17.
January 27, KPHO 5 Phoenix – (National) Company recalls 1.25M pounds
of frozen chicken. The U.S. Department of Agriculture’s Food Safety and
Inspection Service announced January 27 that Arkansas-based George’s Inc.,
recalled 1.25 million pounds of frozen par-fried chicken tenders due to
undeclared wheat. The products were sold to wholesale locations for nationwide
distribution. Source: http://www.kpho.com/story/24559344/company-recalls-125m-pounds-of-frozen-chicken
• Coca-Cola Co. announced January 24 that they
recovered unencrypted company laptops containing the personal information of up
to 74,000 U.S. and Canadian employees that were stolen from the company’s
Atlanta headquarters by a former employee. – Wall Street Journal
21.
January 24, Wall Street Journal – (International) Coca-Cola: Stolen
laptops had personal information of 74,000. Coca-Cola Co. announced January
24 that unencrypted company laptops containing the personal information of up
to 74,000 U.S. and Canadian employees were stolen from the company’s Atlanta
headquarters by a former employee. The laptops were recovered by Coca-Cola, but
the company cannot confirm if the information was misused. Source: http://online.wsj.com/news/articles/SB10001424052702304632204579341022959922200
• A severe winter storm stretching from
southern to northern U.S. States prompted the cancellation of nearly 3,000
flights and led officials to close schools in several districts January 28 due
to the potential for ice and snow. – CNN
25.
January 28, CNN – (National) The Deep South faces a deep freeze. A
severe winter storm stretching from southern to northern U.S. States prompted
the cancellation of nearly 3,000 flights and led officials to close schools in
several districts January 28 due to the potential for ice and snow. Source: http://www.cnn.com/2014/01/28/us/winter-weather/index.html
Details
Financial Services Sector
8. January 27, Wired.com – (International) Bitcoin
exchange CEO charged with laundering $1 million through Silk Road. The CEO
of Bitcoin exchange BitInstant was arrested and charged January 26 with
allegedly engaging in money laundering for working with another individual to
sell more than $1 million of Bitcoins to users of the Silk Road underweb
marketplace. The individual alleged to have worked with the CEO was also
arrested in Florida January 27. Source: http://www.wired.com/threatlevel/2014/01/bitcoin-exchangers-arrested/
9. January 27, U.S. Securities and Exchange Commission –
(California) SEC charges Legg Mason affiliate with defrauding clients. California-based
investment advisor Western Asset Management Company agreed to pay $21 million
to settle U.S. Securities and Exchange Commission charges that the company
concealed investor losses caused by a coding error and engaged in an illegal
form of cross-trading. The settlement also covers a related issue with the U.S.
Department of Labor. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370540675955
Information Technology Sector
29. January 28, Softpedia – (International) Researchers
discover first Android bootkit, 350,000 devices already infected. Researchers
at Doctor Web discovered what is believed to be the first Android bootkit,
dubbed Android.Oldboot, which infects Android devices and waits for commands
from a server to perform actions such as the downloading, installation, or
deletion of apps. Researchers believe it is being spread via modified firmware
updates, with the majority of the 350,000 infected devices found in China.
Source: http://news.softpedia.com/news/Researchers-Discover-First-Android-Bootkit-350-000-Devices-Already-Infected-421383.shtml
30. January 28, Softpedia – (International) NetSky worm
spreads via email attachments. Researchers at Symantec identified a
cybercriminal operation using a worm dubbed NetSky that sends several different
phishing emails containing the worm to the same email addresses. If a user
opens the attached files the worm sends a copy of itself by email to the user’s
contacts. Source: http://news.softpedia.com/news/NetSky-Worm-Spreads-via-Email-Attachments-421279.shtml
31. January 28, Softpedia – (International) Foursquare
flaw could have been exploited to obtain users’ email addresses. A
researcher published findings related to a vulnerability in Foursquare that
could have been used to obtain users’ email addresses by altering part of a URL
used to accept friend requests. The issue was fixed in 2013 but the
researchers’ findings were only recently disclosed. Source: http://news.softpedia.com/news/Foursquare-Flaw-Could-Have-Been-Exploited-to-Obtain-Users-Email-Addresses-421523.shtml
32. January 28, Softpedia – (International) Google
Chrome 32.0.1700.102 fixes memory corruption bug in V8. Google released the
latest update to its Chrome browser, including patches for 14 security issues,
including a use-after-free error occurring with SVG images and a memory
corruption vulnerability in the V8 JavaScript engine. Source: http://news.softpedia.com/news/Google-Chrome-32-0-1700-102-Fixes-Memory-Corruption-Bug-in-V8-421283.shtml
33. January 27, Dark Reading – (International) Air Force
researchers plant rootkit in a PLC. Researchers with the U.S. Air Force
Institute of Technology created a prototype rootkit that can be installed on
programmable logic controllers (PLCs) via modified firmware, USB device, or
connected laptop and disrupt operations. The rootkit exploits the lack of
security and monitoring capability in most PLCs. Source: http://www.darkreading.com/attacks-breaches/air-force-researchers-plant-rootkit-on-a/240165715
34. January 27, Softpedia – (International) Cybercriminals
steal FTP credentials with fake FileZilla. Avast researchers warned users
of cybercriminals using a fake version of the FileZilla FTP client to steal
users’ FTP credentials. The fake FileZilla client can then upload the
credentials to a server for use in hosting malware or stealing data. Source: http://news.softpedia.com/news/Cybercriminals-Steal-FTP-Credentials-with-Fake-FileZilla-421070.shtml
Communications Sector
Nothing to report