Tuesday, February 18, 2014




Complete DHS Report for February 18, 2014

Daily Report

 • Utility crews worked February 14 to restore power across several northeast States after a winter and ice storm caused power outages and also led to flight and train cancellations February 13. – CNN

1. February 14, CNN – (National) Weather woes leave many holiday travel plans up in the air. Utility crews worked February 14 to restore power to the remaining 489,000 customers across several northeast States that lost power after a winter and ice storm February 13. More than 1,100 flights were cancelled while two long-distance services provided by Amtrak were also cancelled. Source: http://www.cnn.com/2014/02/14/us/winter-weather/index.html

 • A series of accidents involving around 100 vehicles on the Pennsylvania Turnpike in Bucks County, Pennsylvania, February 14, injured at least 30 people, closed lanes, and backed up traffic into a neighboring county. – CNN

8. February 14, CNN – (Pennsylvania) 100 vehicles wreck, closing part of Pennsylvania Turnpike near Philly. A series of accidents involving around 100 vehicles on the Pennsylvania Turnpike in Bucks County February 14 left at least 30 people injured, closed lanes, and backed up traffic into neighboring Montgomery County for several hours. Source: http://www.cnn.com/2014/02/14/us/pennsylvania-turnpike-crashes/

 • Researchers identified a cyberattack campaign dubbed SnowMan utilizing a zero-day vulnerability affecting Internet Explorer (IE) 9 and IE 10 that may be targeting military personnel. – Softpedia See item 16 below in the Information Technology Sector

 • Authorities are investigating a 4-alarm fire at the Stone Ranch Apartments in Dallas that left 90 residents displaced and destroyed or rendered uninhabitable 48 apartment units February 13. – KXAS 5 Fort Worth

23. February 14, KXAS 5 Fort Worth – (Texas) Dallas fire-rescue battles 4-alarm apartment fire. Authorities are investigating a 4-alarm fire at the Stone Ranch Apartments in Dallas that left 90 residents displaced and destroyed or rendered uninhabitable 48 apartment units February 13. Source: http://www.nbcdfw.com/news/local/DFR-Battles-Apartment-Fire-245454311.html

Details

Financial Services Sector

6. February 14, Honolulu Star-Advertiser – (Hawaii) Three Honolulu visitors plead guilty to $325K credit card scam. Three New York City residents pleaded guilty February 13 to identity theft charges for using fraudulent credit cards to make over $325,000 in purchases in Honolulu during 2012. Two others also pleaded guilty in the case during 2013. Source: http://www.staradvertiser.com/news/breaking/20140213_Three_Honolulu_visitors_plead_guilty_to_325K_credit_card_scam.html

7. February 14, Norwalk Patch – (Connecticut) Stamford attorney pleads guilty in mortgage fraud. The U.S. Attorney’s office announced February 14 that an attorney pleaded guilty February 12 to his part in a $7 million mortgage fraud scheme that involved dozens of properties in Fairfield County, Connecticut. Source: http://norwalk.patch.com/groups/politics-and-elections/p/stamford-attorney-pleads-guilty-in-mortgage-fraud

For another story, see item 19 below in the Information Techology Sector

Information Technology Sector

16. February 14, Softpedia – (International) IE zero-day served by DeputyDog cybercriminals from US Veterans of Foreign Wars site. Researchers at FireEye identified a cyberattack campaign dubbed SnowMan utilizing a zero-day vulnerability affecting Internet Explorer (IE) 9 and IE 10 being served from the U.S. Veterans of Foreign Wars Web site. The researchers believe the same group behind the DeputyDog and Ephemeral Hydra campaigns is also responsible for SnowMan and may be targeting military personnel. Source: http://news.softpedia.com/news/IE-Zero-Day-Served-by-DeputyDog-Cybercriminals-from-US-Veterans-of-Foreign-Wars-Site-426909.shtml

17. February 14, Softpedia – (International) Cybercriminals abuse Twilio and Ow.ly for SMS phishing attack. Cloudmark researchers reported that cybercriminals are using Twilio and URL shortening service Ow.ly in an SMS message phishing campaign attempting to steal mobile service provider account login credentials. Source: http://news.softpedia.com/news/Cybercriminals-Abuse-Twilio-and-Ow-ly-for-SMS-Phishing-Attack-426840.shtml

18. February 14, Help Net Security – (International) Thousands of FTP sites compromised to serve malware and scams. Researchers at Hold Security reported that around 7,000 FTP sites and servers have been compromised and are being used by cybercriminals to host malware or to compromise connected Web services. Source: http://www.net-security.org/malware_news.php?id=2709

19. February 13, Help Net Security – (International) Fake SSL certificates used to impersonate Facebook, Google, banks. Netcraft researchers discovered a large number of fake SSL certificates in the wild purporting to be from banks, social networks, payment providers, and other services which could be used by attackers to conduct man-in-the-middle attacks. The researchers warned that mobile banking apps are especially vulnerable because they may not adequately check the validity of SSL certificates. Source: http://www.net-security.org/secworld.php?id=16360

Communications Sector

20. February 14, Redding Record Searchlight – (California) Charter cable outage fixed. Charter Communications customers between Sacramento and Yuba City lost Internet, phone, and video service February 13 when road construction crews severed a fiber optic cable line along railroad lines between the two cities. Repairs were made and service was restored February 14. Source: http://www.redding.com/news/2014/feb/13/charter-cable-outages-reported-redding/