Monday, September 22, 2014



Complete DHS Report for September 22, 2014

Daily Report

Top Stories

 · Phoenix Sky Harbor International Airport in Arizona reopened Terminal 4 after authorities locked it down for over 3 hours and grounded its flights September 18 while searching for three suspects connected to a shooting at a nearby gas station. – Associated Press 

9. September 19, Associated Press – (Arizona) Shooting suspect captured at Sky Harbor. Phoenix Sky Harbor International Airport in Arizona reopened Terminal 4 after authorities locked it down for over 3 hours and grounded its flights September 18 in search of three suspects connected to a shooting at a nearby Tempe gasoline station. Police located and arrested all three suspects. Source: http://www.azfamily.com/news/Police-search-for-Tempe-shooting-suspects-at-Sky-Harbor-275669941.html

 · A JetBlue flight that was forced to return to Long Beach Airport in California shortly after takeoff September 18 landed safely and closed the airport’s main runway for approximately 2 hours while the airplane was towed. – Associated Press

10. September 18, Associated Press – (California) Passenger says JetBlue plane filled with smoke. An Austin, Texas-bound JetBlue flight that was forced to return to Long Beach Airport shortly after takeoff September 18 landed safely when the pilot declared an emergency after smoke was seen coming from the engine and filled the cabin, prompting passengers to evacuate onto the runway using the plane’s emergency slides. Four people sought medical attention and the airport’s main runway was closed for approximately 2 hours while the airplane was towed. Source: http://abcnews.go.com/Sports/wireStory/airliner-returns-long-beach-emergency-25599587

 · Police arrested a man September 18 and charged him with arson in connection to starting the 73,184-acre King Fire in El Dorado County, California, that is 10 percent contained and threatens over 12,000 residences. – CNN 

21. September 19, CNN – (California; Oregon) Arson arrest made at 10 wildfires scorch California; state emergency declared. Police arrested a man September 18 and charged him with arson in connection to starting the 73,184-acre King Fire in El Dorado County, California, that is 10 percent contained and threatens over 12,000 residences. Fire crews in California worked to contain 9 other fires that have burned over 125,000 acres and destroyed dozens of structures, including near the Oregon border. Source: http://www.cnn.com/2014/09/18/us/california-fires/

 · Home Depot officials reported September 18 that 56 million payment cards were likely compromised when attackers used custom-built malware to breach the networks of stores in the U.S. and Canada. – Reuters 

33. September 18, Reuters – (International) Home Depot breach bigger than Target at 56 million cards. Home Depot officials reported September 18 that 56 million payment cards were likely compromised when attackers used custom-built malware to breach the networks of stores in the U.S. and Canada between April and September 8 when the breach was detected. Costs associated with the breach are estimated to total $62 million to date. Source: http://www.reuters.com/article/2014/09/18/us-home-depot-dataprotection-idUSKBN0HD2J420140918

Financial Services Sector

6. September 18, Threatpost – (International) Dyre trojan caught in the cookie jar. An analysis by Adallom researchers found that a new variant of the Dyre banking trojan is targeting login credentials for large banks and corporate accounts. The new variant is capable of stealing client certificates and browser cookies, potentially acquiring the same account persistence for attackers as that held by legitimate users. Source: http://threatpost.com/dyre-trojan-caught-in-the-cookie-jar/108373

7. September 18, Southern California City News Service – (California) Four charged with making credit cards with ‘skimmed’ info. Four men from the Los Angeles area were arrested September 18 for allegedly using skimming devices to obtain payment card information, creating fraudulent payment cards, and stealing over $2 million from around 10,000 accounts. Source: http://www.encinitasadvocate.com/news/2014/sep/18/credit-card-skimming-encinitas/

8. September 18, Federal Bureau of Investigation – (California) Penny stock fraud nets millions. The FBI announced the arrest of two Los Angeles men September 18 for allegedly running a penny stock manipulation scheme that used shell companies to create the illusion of demand for stocks in several companies in order to defraud investors of several million dollars. The alleged scheme also used kickbacks paid to brokers in order to make the penny stocks appear to have value. Source: http://www.fbi.gov/cleveland/press-releases/2014/penny-stock-fraud-nets-millions

For another story, see item 33 below from the Commercial Facilities Sector

33. September 18, Reuters – (International) Home Depot breach bigger than Target at 56 million cards. Home Depot officials reported September 18 that 56 million payment cards were likely compromised when attackers used custom-built malware to breach the networks of stores in the U.S. and Canada between April and September 8 when the breach was detected. Costs associated with the breach are estimated to total $62 million to date. Source: http://www.reuters.com/article/2014/09/18/us-home-depot-dataprotection-idUSKBN0HD2J420140918

Information Technology Sector

27. September 19, Securityweek – (International) Apple fixes numerous vulnerabilities with release of Mac OS X 10.9.5. Apple released the latest version of its OS X operating system September 18, which addresses over 40 vulnerabilities that could lead to information disclosure, arbitrary code execution, privilege escalation, and other issues. Apple also released security updates for its OS X Server, Apple TV, Xcode development platform, and Safari Web browser. Source: http://www.securityweek.com/apple-fixes-numerous-vulnerabilities-release-mac-os-x-1095

28. September 18, IDG News Service – (International) Malicious advertisements distributed by DoubleClick, Zedo networks. Researchers at Malwarebytes found that the DoubleClick and Zedo advertisement networks have been delivering malicious ads to several popular Web sites including Last.fm, The Times of Israel, and The Jerusalem Post. The malicious ads redirect users to a page hosting the Nuclear exploit kit which then attempts to drop the Zemot malware used by attackers to download additional malicious components. Source: http://www.networkworld.com/article/2686393/malicious-advertisements-distributed-by-doubleclick-zedo-networks.html

For another story, see item 6 above in the Financial Services Sector

Communications Sector

29. September 19, Natchez Democrat – (Mississippi) Cable ONE fiber optic cable cut. Nearly 4,000 Cable ONE customers in Natchez and Yazoo City lost Internet and other services for nearly 3 hours September 18 when a fiber cable was cut. Source: http://www.natchezdemocrat.com/2014/09/19/cable-one-fiber-optic-cable-cut/

30. September 18, Fluvanna Review – (Virginia) Communication outage could affect 911 calls. Internet, land line, and some cellular phone service was disrupted for CenturyLink customers around the Lake Monticello area in Fluvanna County September 18 due to a cut fiber optic line. Officials warned the public that 9-1-1 calls may also be impacted as well. Source: http://www.fluvannareview.com/index.php?option=com_content&view=article&id=5983:outage