Daily Report
Top Stories
· An air
traffic control facility in Aurora, Illinois, is expected to be restored to
full service by October 13 following a September 26 fire that prompted the
cancelation of about 3,800 flights across the U.S. between September 26 and
September 28. – Reuters
10.
September 28, Reuters – (Illinois) FAA
wants to restore Chicago air traffic site by mid-October. Federal Aviation
Administration officials reported September 28 that a regional air traffic
control facility in Aurora, is expected to be restored to full service by
October 13 after crews complete repairs and replace the central communications
network in the building following a fire that was intentionally set by a field
technician September 26. An estimated 3,800 flights were canceled across the
U.S. between September 26 and September 28 as a result of the incident. Source:
http://news.yahoo.com/faa-wants-restore-chicago-air-traffic-mid-october-001045762--finance.html
· A water-boil
alert in Mercer Island, Washington, was lifted September 29 after E. coli was
detected in water samples from the city’s distribution system September 26
which prompted the closure of area schools and 62 businesses. – Seattle
Times
21.
September 29, Seattle Times –
(Washington) Mercer Island lifts water-boil alert Monday morning; schools
closed. Officials lifted a water-boil alert in Mercer Island September 29
and advised residents to flush pipes and clear ice makers after water samples
tested negative for E. coli following detection of the bacteria in water
samples from the city’s distribution system September 26. Mercer Island School
district was closed September 29 to sanitize the schools’ facilities and 62
businesses were ordered closed until the boil-water advisory was lifted.
Source: http://blogs.seattletimes.com/today/2014/09/tests-improve-but-water-boil-alert-remains-for-mercer-island/
· An accident
involving a North Central Texas College bus left 4 students dead and 12 others
injured when the bus was hit by a semi-truck on Interstate 35 in Oklahoma
September 26. – CNN
27. September 27, CNN – (Oklahoma) 4 killed when semi hits bus carrying Texas college
softball team in Oklahoma. An accident involving a North Central Texas
College bus left 4 students dead and 12 others injured when the bus was hit by
a semi-truck on Interstate 35 in Oklahoma September 26. Source: http://www.cnn.com/2014/09/27/us/oklahoma-school-bus-accident/
· Signature
Systems reported September 26 that the breach of its point-of-sales system may
have compromised the systems of an additional 108 independent restaurants
across the U.S. that utilizes its payment products. – IDG News Service
38.
September 26, IDG News Service –
(International) Credit card breach that hit Jimmy John's is larger than
originally thought. Signature Systems reported September 26 that the breach
of its point-of-sales system that affected 216 Jimmy John’s sandwich shop
locations also may have compromised the systems an additional 108 independent
restaurants across the U.S. that use its payment products. The intrusion is
believed to have started June 16 when hackers used stolen credentials to
remotely install malware onto stores’ payment terminals that is capable of
stealing customers’ payment card information. Source: http://www.networkworld.com/article/2688453/security/credit-card-breach-that-hit-jimmy-johns-is-larger-than-originally-thought.html
Financial Services Sector
38. September
26, IDG News Service – (International) Credit card breach that
hit Jimmy John's is larger than originally thought. Signature Systems
reported September 26 that the breach of its point-of-sales system that
affected 216 Jimmy John’s sandwich shop locations also may have compromised the
systems an additional 108 independent restaurants across the U.S. that use its
payment products. The intrusion is believed to have started June 16 when
hackers used stolen credentials to remotely install malware onto stores’
payment terminals that is capable of stealing customers’ payment card
information. Source: http://www.networkworld.com/article/2688453/security/credit-card-breach-that-hit-jimmy-johns-is-larger-than-originally-thought.html
Information Technology Sector
30. September 29, Softpedia – (International) New remote code execution flaws found
in Shellshock-patched Bash. Researchers found four additional vulnerabilities
with the Bash command interpreter for Linux, Shellshock, two of which were
unofficially patched after new changes to the code. The two new bugs that
remain could be exploited remotely and in an easier way due to the rare use of
address space layout randomization (ASLR) when compiling Bash. Source: http://news.softpedia.com/news/New-Remote-Code-Execution-Flaws-Found-In-Shellshock-Patched-Bash-460348.shtml
31. September 29, Softpedia – (International) Ello social network recovers after
DDoS attack. Administrators with Ello, a social networking site, announced
they blocked a bad IP address that was responsible for sending junk traffic
after reporting the site was under an apparent distributed denial of service
(DDoS) attack. Source: http://news.softpedia.com/news/Ello-Social-Network-Recovers-After-DDoS-Attack-460324.shtml
32. September 29, Softpedia – (International) Cisco lists 31 products vulnerable to
the Shellshock vulnerability. Cisco released a list of 31 products
vulnerable to the Shellshock glitch which included connection routing, network
management, and media content delivery and encoding, among others. Oracle also
released a list of 32 products vulnerable to attack by the Bash bug after the
company changed its initial list and appended new products. Source: http://news.softpedia.com/news/Cisco-Lists-31-Products-Vulnerable-To-the-Shellshock-Vulnerability-460303.shtml
33. September 26, SC Magazine – (International) iThemes users asked to change
passwords following attack. The CEO if iThemes, a WordPress themes,
plugins, and training provider, advised 60,000 past and current users to reset
their passwords following an attack on its membership database that may have
compromised usernames, email addresses, passwords, names, IP addresses, and purchase
information. Source: http://www.scmagazine.com/ithemes-users-asked-to-change-passwords-following-attack/article/373939/
Communications Sector
34.
September 25, U.S. Department of Labor –
(Kansas) Wireless Horizon tower collapse results in deaths of 2 cell tower
workers. The Occupational Safety and Health Administration cited Wireless
Horizon, Inc., September 25 for 2 willful and 4 serious safety violations and
placed the company in the Severe Violator Enforcement Program following the
March 25 death of 2 workers from the collapse of a cell tower they were
dismantling in Kansas. Proposed fines total $134,400. Source: https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEASES&p_id=26781