Complete DHS Report for June 12, 2014
NOTE: I am sure that most of you that follow my blog know that it is based on the DHS published report and that I am timely in publishing my blog. Today is the first time that I have seen DHS publish its report after 6PM. I am not sure what the problem was. Do you? If you do, please let me know at DHS@e-computer-security.com.
Daily Report
Top Stories
• Authorities closed a section of beach in
Gulfport, Mississippi, June 10 after an estimated 56,000 gallons of sewage
spilled from a manhole cover on U.S. 90. – Biloxi Sun Herald
21.
June 10, Biloxi Sun Herald – (Mississippi) Sewage spill closes
central Gulfport beach waters. The Mississippi Department of Environmental
Quality reported June 10 that an estimated 56,000 gallons of sewage spilled
from a manhole cover on U.S. 90 into the Mississippi Sound, prompting officials
to close a section of Central Beach in Gulfport until bacteria levels return to
normal. The manhole was filled with concrete, causing the spill. Source: http://www.sunherald.com/2014/06/10/5640003/sewage-spill-closes-central-gulfport.html
• An armed shooter was found dead in a
bathroom at Reynolds High School in Troutdale, Oregon, June 10 in an apparent
suicide after the suspect entered the high school, shot and killed a student,
and injured a teacher. The school was evacuated while police investigated the
incident. – Associated Press
24.
June 10, Associated Press – (Oregon) Police ID victim of Oregon
shooting as 14-year-old. An armed shooter was found dead in a bathroom at
Reynolds High School in Troutdale, Oregon, June 10 in an apparent suicide after
the suspect entered the high school, shot and killed a student, and injured a
teacher. The school was evacuated while police investigated the incident.
Source: http://news.msn.com/crime-justice/police-id-victim-of-oregon-shooting-as-14-year-old
• Authorities in Savannah, Georgia, unsealed
an indictment June 10 charging 54 individuals for allegedly being involved in
the purchase of more than $18 million in government vouchers and food stamp
benefits for cash. – Macon Telegraph
25.
June 10, Macon Telegraph – (Georgia) Macon, Byron residents indicted
in huge food stamp fraud case. Authorities in Savannah unsealed an
indictment June 10 charging 54 individuals for their alleged involvement in the
purchase of more than $18 million in government vouchers and food stamp
benefits for cash through several grocery stores set up across Georgia. An
additional 34 defendants were charged separately for allegedly selling their
Women, Infant and Children vouchers and food stamps for cash. Source: http://www.macon.com/2014/06/10/3142523/macon-byron-residents-indicted.html
• Firefighters responded to the Oak Park Mall
in Overland Park, Kansas, June 11 when a water flow alarm was triggered due to
two water main breaks that flooded a portion of the mall with inches of water.
– KCTV 5 Kansas City
35.
June 11, KCTV 5 Kansas City – (Kansas) Water main break floods parts
of Oak Park Mall. Firefighters responded to the Oak Park Mall in Overland
Park June 11 when a water flow alarm was triggered due to two water main breaks
that flooded a portion of the mall with inches of water. Thirteen stores and
some kiosks suffered water damage but most were expected to reopen by the end
of the day. Source: http://www.kctv5.com/story/25748003/water-main-break-affecting-stores-at-oak-park-mall
Financial Services Sector
8. June 11, IDG News Service – (National) Food chain, PF
Chang’s, investigates possible card breach. Restaurant chain P.F. Chang’s
reported that it is investigating a potential data breach after a large batch
of stolen payment card information data was spotted by Hold Security
researchers on the Rescator underweb marketplace and appeared to originate from
the chain. Source: http://www.networkworld.com/article/2362008/security/food-chain-pf-changs-investigates-possible-card-breach.html
9. June 10, Bloomberg News – (International) Ex-Rabobank
trader pleads guilty to Libor scheme, U.S. says. A former Rabobank Group
trader pleaded guilty in U.S. court June 10 to charges of wire fraud and bank
fraud for conspiring to manipulate the London interbank offered rate (LIBOR)
used to determine benchmark interest rates. Rabobank previously agreed to a
$325 million settlement with the U.S. to resolve charges that the bank was
involved in LIBOR manipulation. Source: http://www.bloomberg.com/news/2014-06-10/ex-rabobank-trader-pleads-guilty-to-libor-scheme-u-s-says-1-.html
10. June 10, Hawaii Reporter – (Hawaii) Star Advertiser
credit card breach could impact hundreds, if not thousands, of customers. Two
women were charged in Hawaii with allegedly conspiring to steal a box of client
records from the Honolulu Star Advertiser newspaper following a break-in for
use in payment card fraud. Police stated that they believe the two women were
acting as part of a larger payment card fraud ring. Source: http://www.hawaiireporter.com/star-advertiser-credit-card-breach-could-impact-thousands-of-customers/123
11. June 10, Securityweek – (International) New Zeus
variant targeting online banking users in Canada. Security researchers at
Trusteer identified a new variant of the Zeus banking trojan known as
Zeus.Maple that has been in use since January 2014 and is primarily targeting
major Canadian financial institutions. The variant improves on features from
past versions but does not add new functionality. Source: http://www.securityweek.com/new-zeus-variant-targeting-online-banking-users-canada
For another story, see item 16 below from the Transportation Systems Sector
16. June 10, Fort Lauderdale
Sun-Sentinel – (Florida) Ex-postal worker charged with stealing checks
from the mail. A former U.S. Postal Service worker and a co-conspirator
were charged June 10 with taking 20 checks worth $33,109 from mailed envelopes.
The former U.S. Postal Service employee would allegedly steal the checks and
visit ATM machines along with the co-conspirator in Broward and Miami-Dade counties
and deposit them. Source:
http://articles.sun-sentinel.com/2014-06-10/news/fl-postal-employee-check-theft-20140610_1_ex-postal-worker-checks-darden
Information Technology Sector
28. June 11, The Register –
(International) Feedly DDoSed by ransom-threat crims: ‘We refused to give
in.’ News aggregator service Feedly was knocked offline June 11 by a
distributed denial of service (DDoS) attack after the company refused to pay
attackers a ransom to stop the attack. Other entities were targeted by the same
group, with Evernote reporting being knocked offline for a time by another DDoS
attack. Source: http://www.theregister.co.uk/2014/06/11/feedly_ddos_ransom_attack/
29. June 10, Threatpost –
(International) Microsoft patches IE8 zero day, critical Word bug. Microsoft
released its June round of Patch Tuesday updates, with a total of seven
updates. Included was a patch for a zero day vulnerability in Internet Explorer
8, as well as a vulnerability in Word 2007. Source: http://threatpost.com/microsoft-patches-ie8-zero-day-critical-word-bug
30. June 10, SC Magazine –
(International) Online gambling site hit by five-vector DDoS attack peaking
at 100Gbps. Incapsula reported that it responded to a distributed denial of
service (DDoS) attack on a customer’s online gambling Web site June 6 that used
five different vectors to create a 100 gigabits per second attack. Source: http://www.scmagazine.com/online-gambling-site-hit-by-five-vector-ddos-attack-peaking-at-100gbps/article/355020/
31. June 10, Dark Reading –
(International) Zeus being used in DDoS, attacks on cloud providers. Researchers
with the Prolexic Security Engineering and Response Team released a threat
advisory that describes how the Zeus trojan and toolkit is being equipped with
new payloads to perform attacks outside its usual use in banking fraud. Zeus
was identified being used in a variety of attacks including distributed denial
of service (DDoS), spam, virtual currency mining, and attacks on platform as a
service (PaaS) and software as a service (SaaS) infrastructure. Source: http://www.darkreading.com/zeus-being-used-in-ddos-attacks-on-cloud-providers/d/d-id/1269554
For another story, see item 11 above from the Financial Services
Sector
\Communications Sector
32.
June 11, Mlive.com – (Michigan) Verizon Wireless, Sprint and AT&T
customers in Jackson area without service, no timetable given for restoration. Cellular
service for Verizon Wireless, AT&T, and Sprint customers in Jackson,
Michigan, was down indefinitely June 10 due to an issue with a tower in
Detroit. Source: http://www.mlive.com/news/jackson/index.ssf/2014/06/verizon_wireless_customers_in.html
33.
June 10, Alexander City Outlook – (Alabama) Verizon customers without
service after fiber cut. An AT&T fiber optic cable was cut due to
storms near Sylacauga, Alabama, resulting in a loss of service for 22 cell
towers in the area, which caused Windstream and Verizon Wireless customers to
lose cellular service June 10. Crews worked to repair the damaged fiber optic
cable. Source: http://www.alexcityoutlook.com/2014/06/10/breaking-verizon-customers-without-service-after-fiber-cut/