Daily Report
Top Stories
· Researchers
identified a new banking trojan botnet known as Qbot or Qakbot that has
infected 500,000 systems and stolen data from users including 800,000 online
banking transactions. – The Register See item 5 below in the Financial Services Sector
· A fire at the
Grove Field Airport in Camas, Washington, caused more than $1 million in damage
to 10-12 small aircrafts and burned 12-14 hangars October 6. – KOIN 6
Portland
7.
October 7, KOIN 6 Portland –
(Washington) Grove Field Airport fire: Airplanes destroyed. A fire at
the Grove Field Airport in Camas, Washington, caused more than $1 million in
damage to 10-12 small aircrafts and burned 12-14 hangars October 6. The cause
of the fire is under investigation and the airport remained closed October 7.
Source: http://koin.com/2014/10/06/2nd-alarm-fire-breaks-out-at-grove-field-airport/
· Stores and
restaurants at a Hillsdale, New Jersey strip mall were closed indefinitely and
officials marked the building as an unsafe structure October 6 after a dump
truck crashed through pavement and into an underground garage beneath the strip
mall October 3. – Bergen County Record
32.
October 6, Bergen County Record – (New
Jersey) Hillsdale strip mall still closed, days after dump truck crash. Stores
and restaurants at a Hillsdale strip mall were closed indefinitely and
officials marked the building as an unsafe structure October 6 after a dump
truck crashed through pavement and into an underground garage beneath the strip
mall October 3. No injuries were reported, and authorities cordoned off the
entire strip mall while engineers continue to inspect the building for
structural damage. Source: http://www.northjersey.com/news/hillsdale-strip-mall-still-closed-days-after-dump-truck-crash-1.1103697
· Utility crews
restored service to all businesses and homes in Waco, Texas, October 5
following strong storms October 1 that knocked out power and damaged several
apartment and commercial buildings. – KWTX 10 Waco
34.
October 5, KWTX 10 Waco – (Texas) Power
restored to most homes, businesses in Waco. Utility crews restored service
to all businesses and homes in Waco October 5 following strong storms October 1
that downed trees and knocked out power to thousands of customers. Officials
reported that the storm damaged 11 apartment buildings, 52 commercial and
non-profit structures, and 1 church. Source: http://www.kwtx.com/home/headlines/Severe-Weather-Causes-Damage-Across-Central-Texas-277966301.html
Financial Services Sector
5. October
7, The Register – (International) Monster banking trojan botnet
claims 500,000 victims. Researchers with Proofpoint identified a new
banking trojan botnet known as Qbot or Qakbot that has infected 500,000 systems
and stolen data from users including 800,000 online banking transactions, with
59 percent of the stolen sessions taken from accounts in major U.S. banks. The
researchers found that the malware for the botnet was launched from compromised
WordPress sites using drive-by download attacks. Source: http://www.theregister.co.uk/2014/10/07/monster_banking_trojan_botnet_claims_500000_victims/
6. October
7, NJ.com – (New Jersey; Florida) Defendants from Essex, Ocean
counties convicted in $15M mortgage fraud scheme. Two siblings in New
Jersey were found guilty October 6 for their roles in a $15 million mortgage
fraud scheme that inflated the sales prices of distressed condos in Naples,
Florida, and several locations in New Jersey and used straw buyers to defraud
lending institutions. One of the siblings assisted the scheme while working as
a title agent at Tri-State Title Agency while the other served as a straw
buyer. Source: http://www.nj.com/essex/index.ssf/2014/10/brother_sister_from_essex_county_convicted_for_roles_in_15m_mortgage_fraud_scam.html
Information Technology Sector
24. October 7, Securityweek – (International) Bugzilla vulnerability exposes
undisclosed bugs. The developers of the Bugzilla bug-tracking software
released an update to address several security issues, including one reported
by Check Point Software Technologies researchers that could allow an attacker
to bypass the email validation process and potentially receive information on
undisclosed security issues. Source: http://www.securityweek.com/bugzilla-vulnerability-exposes-undisclosed-bugs
25. October 7, Securityweek – (International) Yahoo! changes tune after saying
servers were hacked by Shellshock. Yahoo reported October 6 that some
servers that were recently compromised were not compromised using the
Shellshock vulnerability but instead by a bug in a parsing script used on some
servers. Source: http://www.securityweek.com/yahoo-changes-tune-after-saying-servers-were-hacked-shellshock
26. October 6, Softpedia – (International) Trojans-SMS are top threat on Android,
INTERPOL and Kaspersky say. Kaspersky Labs and INTERPOL released the
results of a study of mobile security threats over a 1 year period and found
that Android users were the most targeted by attackers, with SMS trojans
accounting for 57.08 percent of all detections, among other findings. Source: http://news.softpedia.com/news/SMS-Trojans-Are-Top-Threat-on-Android-INTERPOL-and-Kaspersky-Say-461195.shtml
27. October 6, SC Magazine – (International) Bash bug payload downloads KAITEN DDoS
malware source code. Trend Micro researchers detected a payload being
delivered via attacks exploiting the Shellshock vulnerability that downloads
the source code for the KAITEN distributed denial of service (DDoS) malware.
Source: http://www.scmagazine.com/bash-bug-payload-downloads-kaiten-malware/article/375650/
For another story, see item 5 above in the Financial Services Sector
Communications Sector
28.
October 6, Threatpost – (National) AT&T
hit by insider breach. AT&T notified an undisclosed amount of customers
that a former employee may have illegally accessed their personal information,
including Social Security numbers and driver’s license numbers, in August.
Source: http://threatpost.com/att-hit-by-insider-breach/108705
29.
October 6, Redmond Reporter –
(Washington) Frontier restores all copper services in Redmond. Copper
voice and broadband network services for Frontier Communications customers in
Redmond were restored October 3 following a September 20 outage caused by
copper and fiber cables that were inadvertently cut, which severely damaged
Frontier’s network infrastructure. Source: http://www.redmond-reporter.com/news/278263221.html
For
another story, see item 8 below from the Transportation Sector
8.
October 6, Chicago Tribune –
(National) Delays at O’Hare, Midway after Indianapolis FAA outage. Over
277 flights were delayed at Chicago’s O’Hare International Airport and Midway
Airport October 6 due to a telephone outage at an Indianapolis air-traffic
control facility. More than 100 flights at O’Hare International Airport were
also cancelled due to the outage. Source: http://www.chicagotribune.com/news/local/breaking/chi-delays-at-ohare-midway-after-indianapolis-faa-outage-20141006-story.html