Monday, October 6, 2014



Complete DHS Report for October 6, 2014

Daily Report

Top Stories

 · JPMorgan Chase & Co. stated October 2 that a cyberattack against the company’s systems compromised the customer information of around 76 million households and 7 million small businesses. – Associated Press See item 5 below in the Financial Services Sector

 · A former executive at Foundry Networks was found guilty October 2 on charges of insider trading for passing along nonpublic information, allowing a former Artis Capital Management LP analyst and over a dozen others to make over $27 million in illicit profits. – Bloomberg News See item 6 below in the Financial Services Sector

 · More than 800 flights were canceled at Chicago’s O’Hare International Airport and Midway International Airport October 2 due to severe weather and system issues caused by a September 26 fire at an Aurora, Illinois control center. – Reuters

9. October 2, Reuters – (Michigan) More than 800 flights canceled in Chicago due to weather, fire issues. More than 525 flights were canceled at O’Hare International Airport and nearly 300 flights were canceled at Midway International Airport October 2 due to severe weather conditions and system issues caused by a September 26 fire at an Aurora, Illinois control center. Source: http://www.reuters.com/article/2014/10/02/us-usa-chicago-weather-idUSKCN0HR1QA20141002

 · An October 2 storm caused the cancellation of classes at the University of Texas at Arlington, and closure of schools in the Dallas-metro area after roughly 180,000 customers lost power. – Dallas Business Journal

26. October 3, Dallas Business Journal – (Texas) Arlington ISD, UT Arlington close campuses in wake of Thursday’s storm. An October 2 storm that produced strong winds and heavy rain caused the closure of all schools in the Arlington, Texas school district, the cancellation of classes at the University of Texas at Arlington, the closure of 6 campuses in the Richardson and Mesquite Independent School District, and the closure of 41 Dallas Independent School campuses after roughly 180,000 customers lost power. Source: http://www.bizjournals.com/dallas/blog/morning_call/2014/10/arlington-isd-ut-arlington-close-campuses-in-wake.html

Financial Services Sector

4. October 3, WFTX 4 Fort Myers – (Florida) Deputies seize over 400 fake credit cards. Lee County deputies arrested a man during a traffic stop after finding over 400 counterfeit credit cards in his possession. Officials stated that the fraudulent cards could have been worth over $4.1 million. Source: http://www.jrn.com/fox4now/news/Deputies-seize-over-400-fake-credit-cards-278009891.html

5. October 2, Associated Press – (National) 76M households hit by JPMorgan data breach. JPMorgan Chase & Co. stated October 2 that a large cyberattack against the company’s systems compromised the customer information of around 76 million households and 7 million small businesses. The attack was discovered in August and began as early as June and compromised customers’ names, addresses, email addresses, and phone numbers but the bank stated that there was no evidence that the breach included account information. Source: https://finance.yahoo.com/news/jpmorgan-says-data-breach-affected-210556038.html

6. October 2, Bloomberg News – (New York) Ex-Foundry Networks official guilty of passing tips. A former executive at Foundry Networks was found guilty October 2 on charges of insider trading for passing along nonpublic information about Foundry Networks’ acquisition by Brocade Communications Systems Inc., allowing a former Artis Capital Management LP analyst and over a dozen others to make over $27 million in illicit profits. Source: http://www.businessweek.com/news/2014-10-02/ex-foundry-networks-official-guilty-of-passing-tips

7. October 2, KABC 7 Los Angeles – (California) Chase driver identified as ‘Hills Bandit’ bank robbery suspect. A man who led police on a chase while driving a truckload of steel allegedly stolen from a steel business in Santa Fe Springs was arrested and identified by police as the suspect known as the “Hills Bandit” responsible for up to 10 bank robberies in Orange County, San Diego, and Santa Barbara. Source: http://abc7.com/news/chase-suspect-ided-as-hills-bandit-bank-robber/334292/

Information Technology Sector

35. October 3, Softpedia – (International) CryptoWall 2.0 available in the wild, has new obfuscator. A 2.0 version of the CryptoWall ransomware has been spotted in the wild by researchers and includes the use of the Tor network for communicating with command and control servers and a new obfuscator to prevent analysis and debugging. Source: http://news.softpedia.com/news/CryptoWall-2-0-Available-In-the-Wild-Has-New-Obfuscator-460927.shtml

36. October 3, Help Net Security – (International) Destructive Android trojan poses as newest Angry Birds game. Researchers with Doctor Web identified a piece of destructive Android malware detected as Android.Elite.1.origin that poses as an unreleased Angry Birds game app and once installed deletes a device’s data, blocks communications programs, and sends out a high volume of messages to all contacts on the device. Source: http://www.net-security.org/malware_news.php?id=2877

37. October 2, Securityweek – (International) “BadUSB” code published. Two researchers presenting at the Derbycon 4.0 conference reverse-engineered USB firmware to launch various attacks and posted the attack code online. The flaw in USB firmware that enables the attack was first revealed at the Black Hat conference but the attack code was not released at that time. Source: http://www.securityweek.com/badusb-code-published

38. October 2, Threatpost – (International) Second same-origin policy bypass flaw haunts Android browser. A researcher identified and reported a same-origin policy bypass vulnerability in the Android browser in versions prior to 4.4 that could allow an attacker to steal data from a user’s browser. Google issued a patch for the vulnerability for users of Android 4.1-4.3 in late September. Source: http://threatpost.com/second-same-origin-policy-bypass-flaw-haunts-android-browser

Communications Sector

39. October 2, Syracuse Journal-Democrat – (Nebraska) Water shuts down communications for some local businesses. Full Windstream Communications telephone and Internet service was restored to as many as 100 customers in Syracuse, Nebraska, October 1 following an outage that occurred September 30 due to heavy rains that soaked the cable lines. Source: http://www.journaldemocrat.com/article/20141002/NEWS/141009958