Daily Report
Top Stories
· A 12-inch water main ruptured in Hyattsville, Maryland, July 31, sending an
estimated 6 million gallons of water gushing onto Route 1 and prompting a
closure of the roadway through August 2 for repairs. – WJLA 7 Washington, D.C.
16. August 1, WJLA 7 Washington, D.C. – (Maryland) Huge water main break
floods major Hyattsville road with 6 million gallons. A 12-inch water main
ruptured in Hyattsville, Maryland, July 31, causing the road to buckle and
sending an estimated 6 million gallons of water gushing onto Route 1. About 30
homes and businesses were without water as crews worked to repair the pipe,
closing a stretch of Rhode Island Avenue through the weekend of August 2.
Source: http://www.wjla.com/articles/2014/07/huge-water-main-break-floods-roadway-in-hyattsville-md--105636.html
· A boil water advisory was issued to roughly 5,000 residents in the Village of
Ossining, New York, through August 3 after a water main break July 31 that left
the water supply open to contamination. – WABC 7 New York City
17. August 1, WABC 7 New York City – (New York) Boil water advisory issued in Ossining
after water main break. A boil water advisory was issued to roughly 5,000
residents in the Village of Ossining through August 3 after a water main break
July 31 that left the water supply open to contamination. Source: http://7online.com/health/boil-water-advisory-issued-in-ossining/232302/
· Authorities charged a DCM Erectors Inc. official July 31 with defrauding a
government program of millions of dollars during work performed for the Port
Authority of New York and New Jersey in the redevelopment of the World Trade
Center. – Reuters
20. July 31, Reuters – (New York) World Trade Center contractor charged in
multimillion-dollar fraud. The chief executive of DCM Erectors Inc. was charged
by federal authorities July 31 with defrauding a government program intended to
promote minority- and women-owned businesses during work performed for the Port
Authority of New York and New Jersey in the redevelopment of the World Trade
Center. The chief executive allegedly paid the owners of two contracting
businesses to aid him in falsifying documents made to appear as though they had
done work for the company.
Source: http://www.reuters.com/article/2014/07/31/us-usa-crime-worldtradecenter-idUSKBN0G02ST20140731
· Researchers from SRLabs reported developing a new piece of malware that can
reprogram USB controller chips to spoof other devices, allowing an attacker to
take control of a computer, steal data, and perform other actions. – Securityweek
See item 23 below in the Information Technology Sector
Financial Services Sector
4. August 1, Softpedia – (International) New point-of-sale malware
“Backoff” scrapes RAM for card data. The U.S. Computer Emergency Response
Team (US CERT) published an advisory warning of a new family of malware known
as “Backoff” that can compromise point-of-sale (PoS) systems by compromising
remote desktop applications and then performing memory scraping to obtain
payment card track data. The malware currently has very low rates of detection
in most antivirus engines and contains various other capabilities, including
keystroke logging and injecting a malicious stub into explorer.exe to increase
persistence. Source: http://news.softpedia.com/news/New-Point-of-Sale-Malware-Backoff-Scrapes-RAM-For-Card-Data-453051.shtml
5. July 31, Krebs on Security – (National) Sandwich chain Jimmy John’s
investigating breach claims. Sandwich restaurant chain Jimmy John’s
reported that it is working with authorities to investigate a possible breach
of customer payment data. Source: https://krebsonsecurity.com/2014/07/sandwich-chain-jimmy-johns-investigating-breach-claims/
6. July 31, KUSA 9 Denver – (Colorado) ‘Good Grammar Bandit’ bank robber
strikes again. The FBI believes that a suspect known as the “Good Grammar
Bandit” was responsible for the robbery of a Chase Bank branch in Thornton July
29, the seventh robbery in the Denver area linked to the suspect. Source: http://www.wfmynews2.com/story/news/crime/2014/07/31/good-grammar-bandit/13442831/
Information Technology Sector
23. August 1, Securityweek – (International) USB device firmware can be
reprogrammed to hide sophisticated malware. Researchers from SRLabs
reported developing a new piece of malware that can reprogram USB controller
chips to spoof other devices, allowing an attacker to take control of a
computer, steal data, and perform other actions. The researchers plan to
demonstrate the “BadUSB” malware at the upcoming Black Hat security conference.
Source: http://www.securityweek.com/usb-device-firmware-can-be-reprogrammed-hide-sophisticated-malware
24. August 1, Softpedia – (International) Hackers steal video game source code. Dell
SecureWorks’ Counter Threat Unit identified a group of attackers labeled Threat
Group-3279 that has been observed targeting video game and entertainment
companies to steal source code and create cracks or cheat codes for games. The
group is believed to be associated with the China Cracking Group and leverages
a variety of tools and pieces of malware, including ones created by the group.
Source: http://news.softpedia.com/news/Hackers-Steal-Video-Game-Source-Code-453108.shtml
25. August 1, Securityweek – (International) “Pitty Tiger” threat actors possibly
active since 2008: FireEye. Researchers at FireEye analyzed the “Pitty
Tiger” advanced persistent threat group first identified by Airbus Defense
& Space and found that the group may have been active since 2008. The Pitty
Tiger campaign targeted a variety of sectors including the defense and telecoms
industries, and is believed to be operating from China. Source: http://www.securityweek.com/pitty-tiger-threat-actors-possibly-active-2008-fireeye
26. August 1, Securityweek – (International) New ransomware uses GnuPG to
encrypt files. Researchers at Symantec and Trend Micro analyzed a new piece of
ransomware dubbed Trojan.Ransomcrypt.L or BAT_CRYPTOR.A that uses GNU Privacy
Guard to encrypt files for ransom and can be easily updated by its controllers.
Trend Micro also identified another new piece of ransomware dubbed
Cryptoblocker, which does not use RSA keys and appears to have been written by
inexperienced writers. Source: http://www.securityweek.com/new-ransomware-uses-gnupg-encrypt-files
27. August 1, Softpedia – (International) Fiesta Exploit Kit delivers double
payload. A Malwarebytes researcher reported that attackers have modified the
way the Fiesta Exploit Kit delivers its malicious payload by delivering two
malicious files at once to attempt to avoid antivirus detection for at least
one file. Source: http://news.softpedia.com/news/Fiesta-Exploit-Kit-Delivers-Double-Payload-453143.shtml
For another story, see item 4 above in the Financial Services Sector
Communications Sector
28. July 31, U.S. Department of Labor – (West Virginia) Cell tower company
cited by OSHA for safety hazards following fatality in Clarksburg, West
Virginia, tower collapse in February 2014. Oklahoma-based S and S Communication
Specialists Inc. was cited for two serious safety violations July 31 by the
Occupational Safety and Health Administration following the February collapse
of a communication tower in Clarksburg that killed two employees and a
firefighter and injured two others. Proposed fines totaled $7,000.
Source: https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEASES&p_id=26472
For another story, see item 25 above in the Information Technology Sector