· An explosion inside a boiler room at the
Whitlock Packaging Corp. facility in Lakeland, Florida, September 2 sent a
60,000-pound boiler tank through a wall of the plant, prompting the indefinite
closure of the facility. – Lakeland Ledger
14. September
3, Lakeland Ledger – (Florida) Natural gas explosion blows boiler
through wall at Lakeland packaging facility. A natural gas explosion inside
a boiler room at the Whitlock Packaging Corp. bottling facility in Lakeland,
Florida, September 2 sent a 60,000-pound boiler tank through a wall of the
plant and onto nearby train tracks, prompting the evacuation of employees and
indefinite closure of the facility until crews can assess the damage. Source: http://www.theledger.com/article/20140902/news/140909911
· About
100,000 Prince George’s County residents were placed under a 48-hour boil water
advisory due to a water main break in Laurel, Maryland. – WTTG 5 Washington,
D.C.
17. September
3, WTTG 5 Washington, D.C. – (Maryland) Boil water advisory
issued for parts of Prince George’s County. About 100,000 Prince George’s
County residents were placed under a 48-hour boil water advisory due to a water
main break in Laurel. Source: http://www.myfoxdc.com/story/26431714/boil-water-advisory-for-parts-of-prince-georges-county
· A
gunman shot and injured a police officer after opening fire at the Greenville
County Law Enforcement Center in South Carolina September 1, before turning the
gun on himself and committing suicide. – WYFF 4 Greenville
26. September
2, WYFF 4 Greenville – (South Carolina) Man killed, officer
wounded in shooting at Greenville LEC. A gunman shot and injured a police
officer after opening fire at the Greenville County Law Enforcement Center in
South Carolina September 1, before turning the gun on himself and committing
suicide. Authorities believe the gunman was also connected to the homicide of
his stepfather prior to opening fire at the center. Source: http://www.wyff4.com/news/coroner-one-dead-after-shooitng-at-greenville-county-law-enforcement-center/27830136
· Goodwill
Industries International representatives reported September 2 that a July
payment card breach was the result of hackers using an unidentified piece of
malware to breach the systems of a third-party vendor that processes payments
for some members. – Securityweek
32. September
3, SecurityWeek – (International) Goodwill blames credit card
breach on third-party vendor. Goodwill Industries International
representatives reported September 2 that a payment card breach which was
detected in July was the result of hackers using an unidentified piece of
malware to breach the systems of a third-party vendor that processes payments
for some Goodwill members between February 2013 and August 2014. Servers at 20
Goodwill stores across several States were compromised during the breach, and
the personal information, including name and payment card information, of the
stores’ customers was accessed. Source: http://www.securityweek.com/goodwill-blames-credit-card-breach-third-party-vendor
Financial Services Sector
4. September
3, Help Net Security – (International) Cybercriminals love
PayPal, financial phishing on the rise. Kaspersky Lab researchers released
statistics on spam and phishing emails for the month of July, which found that
phishing emails targeting financial services increased 7.9 percent during the
month, with PayPal being the most targeted company. The researchers also found
that the overall share of spam in all email traffic increased 2.2 percent to a
total of 67 percent during July, among other findings. Source: http://www.net-security.org/secworld.php?id=17320
5. September
2, U.S. Attorney’s Office, District of New Jersey – (New Jersey) Belleville
man admits role in $15 million mortgage fraud scheme. A Belleville man
pleaded guilty September 2 to his role in a $15 million mortgage fraud scheme
that involved overbuilt condominiums in North Wildwood. The man served as a
straw buyer in the scheme and is 1 of 11 defendants charged in connection to
the fraud. Source: http://www.fbi.gov/newark/press-releases/2014/belleville-man-admits-role-in-15-million-mortgage-fraud-scheme
6. September
2, St. Louis Post-Dispatch – (Missouri) Bethalto bank employee
admits embezzlement, fraud. A former U.S. Bank employee pleaded guilty to
embezzlement and fraud while she worked at the bank’s Bethalto Airport branch
in St. Louis, causing damages totaling $105,827. The former employee made
unauthorized debits on customers’ accounts while working as a universal banker
at the branch. Source: http://www.stltoday.com/news/local/crime-and-courts/employee-s-fraud-costs-bank/article_bfc86ab2-2370-5a8b-8655-fb6f1fafe080.html
For additional stories, see items 32 and 33 below from the Commercial Facilities Sector
32. September
3, SecurityWeek – (International) Goodwill blames credit card
breach on third-party vendor. Goodwill Industries International
representatives reported September 2 that a payment card breach which was
detected in July was the result of hackers using an unidentified piece of
malware to breach the systems of a third-party vendor that processes payments
for some Goodwill members between February 2013 and August 2014. Servers at 20
Goodwill stores across several States were compromised during the breach, and
the personal information, including name and payment card information, of the
stores’ customers was accessed. Source: http://www.securityweek.com/goodwill-blames-credit-card-breach-third-party-vendor
33. September
2, Los Angeles Times – (International) Home Depot probing
possible hacking; customer data may be at risk. Home Depot representatives
announced September 2 that the company is investigating a potential security
breach and are working with law enforcement and banking institutions to
investigate reported unusual activity. Source: http://www.latimes.com/business/la-fi-home-depot-hack-20140902-story.html
Information Technology Sector
29. September
3, Help Net Security – (International) Linux systems infiltrated
and controlled in a DDoS botnet. Researchers at Akamai Technologies
reported that Linux systems could be at risk of infections using IptabLes and
IptabLex to compromise systems and use them in distributed denial of service
(DDoS) attacks. The researchers reported that the infections appeared to be
caused by a large number of Linux-based Web servers being compromised via
Apache Struts, Tomcat, and Elasticsearch vulnerabilities. Source: http://www.net-security.org/secworld.php?id=17322
30. September
3, The Register – (International) Firefox 32 moves to kill MITM
attacks. The Mozilla Foundation released version 32 of its Firefox browser,
which adds new features including public key pinning to help protect users
against man-in-the-middle (MitM) attacks. Source: http://www.theregister.co.uk/2014/09/03/firefox_32_moves_to_kill_mitm_attacks/
31. September
2, Threatpost – (International) Apple fixes glitch in Find My
iPhone app connected to celebrity photo leak. A security issue in Apple’s
Find My iPhone app that researchers demonstrated could be exploited in brute
force attacks was fixed by the company. Apple stated that a recent breach of
celebrities’ personal photos stored in its iCloud service was not the result of
the researchers’ findings, but instead involved targeted attacks on the
individuals’ accounts. Source: http://threatpost.com/apple-fixes-glitch-in-find-my-iphone-app-connected-to-celbrity-photo-leak
For another story, see item 4 above
in the Financial Services Sector
Communications Sector
Nothing
to report