· An estimated 4,000
barrels of oil were released October 13 in northwest Louisiana from a Sunoco
Logistics oil pipeline prompting the shut off of a section of the pipeline
until further notice. – Wall Street Journal
October
14, Wall Street Journal – (Louisiana) Pipeline remains shut after spill in
Louisiana on Monday. An estimated 4,000 barrels of oil were released
October 13 in northwest Louisiana from a Sunoco Logistics oil pipeline
prompting the shut off of a section of the pipeline between Longview, Texas,
and Mayersville, Mississippi, until further notice. The spill was contained and
the company is investigating the incident. Source: http://online.wsj.com/articles/pipeline-remains-shut-after-spill-in-louisiana-monday-1413319263
· A water line
break the week of October 6 that left roughly 2,000 customers in Nowata County,
Oklahoma, without water service prompted members of the Cherokee Nation to
deliver 16,000 bottles of water, 336 one-gallon jugs, and a 535-gallon tank of
water to residents. – Tulsa World
16. October
15, Tulsa World – (Oklahoma) Cherokees deliver drinking water
following line break in Nowata County. A water line break the week of
October 6 that left roughly 2,000 residents in Nowata County without water
service prompted members of the Cherokee Nation to deliver 16,000 bottles of
water, 336 one-gallon jugs, and a 535-gallon tank of water to residents and
Oklahoma Union Public Schools. Source: http://www.tulsaworld.com/news/state/cherokees-deliver-drinking-water-following-line-break-in-nowata-county/article_def659c7-935b-5e5d-8334-565b27b9b71c.html
· Repair work
and cleanup continued October 13 after a water main broke October 10 and
discharged an estimated 2.5 million gallons of water, flooding nearby streets,
34 homes, and a school in east Salt Lake City, Utah. – Salt Lake Tribune
18. October 13, Salt Lake Tribune – (Utah) Cleanup from E. Salt Lake City water main break
continues. Repair work and cleanup efforts continued October 13 after a
48-inch water main broke October 10 and discharged an estimated 2.5 million
gallons of water, flooding and damaging nearby streets, 34 homes, and the
Montessori Community School in east Salt Lake City. The school remained closed
until further notice while city officials worked to assess the total damage.
Source: http://www.sltrib.com/sltrib/news/58515941-78/1700-lake-salt-break.html.csp
· A 5-alarm
fire displaced more than 20 residents from a Boston apartment building October
10 and caused an estimated $1.1 million in damage to the structure. – Associated
Press
40.
October 13, Associated Press –
(Massachusetts) Police: Body found in Boston fire had been stabbed. A
5-alarm fire displaced more than 20 residents from a Boston apartment building
October 10 and caused an estimated $1.1 million in damage to the structure.
Authorities discovered the remains of a man who was stabbed multiple times
during their investigation into the source of the blaze. Source: http://www.wbur.org/2014/10/13/police-body-fire-stabbed
Financial Services Sector
Nothing
to report
Information Technology Sector
24. October 15, Help Net Security – (International) Microsoft patches two more 0-days
actively used by attackers. Microsoft released its monthly Patch Tuesday
round of patches for October, closing several critical vulnerabilities
including the SandWorm vulnerability and others exploited by attackers. Source:
http://www.net-security.org/secworld.php?id=17498
25. October 15, Softpedia – (International) Flash Player 15 update plugs remote
code execution bugs. Adobe released patches for three critical
vulnerabilities in its Flash Player consisting of two memory corruption issues
and one integer overflow vulnerability. Source: http://news.softpedia.com/news/Flash-Player-15-Update-Plugs-Remote-Code-Execution-Bugs-462158.shtml
26. October 15, Softpedia – (International) Mozilla fixes critical bugs in Firefox
33. Mozilla released the latest version of its Firefox browser, closing 33
critical vulnerabilities and adding improved functionality. Source: http://news.softpedia.com/news/Mozilla-Fixes-Critical-Bugs-in-Firefox-33-462211.shtml
27. October 15, Softpedia – (International) SSL 3.0 falls in the face of POODLE
attack, needs to be disabled. Researchers with Google designed an attack
named POODLE that can exploit a flaw in the design of the Secure Sockets Layer
3.0 (SSL 3.0) protocol that can allow the extraction of data from secure
connections using the protocol. SSL 3.0 has been superseded by several other
protocols but is still used in some clients and servers and as a backup
protocol by Web browsers if modern protocols are unavailable. Source: http://news.softpedia.com/news/SSL-3-0-Falls-In-Face-of-POODLE-Attack-Needs-To-Be-Disabled-462136.shtml
28. October 14, Softpedia – (International) Malware-like browser pop-ups used by
advertisers to push apps on Android. A researcher at Malwarebytes reported
that some advertisers are using fake warning or update notifications directed
at Android users in an attempt to get them to download legitimate but
potentially unwanted programs in an affiliate marketing scheme. Source: http://news.softpedia.com/news/Malware-Like-Browser-Pop-Ups-Used-By-Advertisers-to-Push-Apps-On-Android-462103.shtml
29. October 14, Threatpost – (International) BlackBerry 10 devices open to bug that
allows malicious app installation. BlackBerry released a patch for a
vulnerability in BlackBerry 10 devices that could allow an attacker with a
man-in-the-middle position to replace legitimate apps downloaded through the
BlackBerry World app store with malicious apps. Source: http://threatpost.com/blackberry-10-devices-open-to-bug-that-allows-malicious-app-installation/108830
30. October 14, Help Net Security – (International) Malicious YouTube ads lead to
exploits, ransomware. Trend Micro researchers identified and reported a
malvertising campaign where attackers appeared to have bought traffic from
legitimate ad providers in order to place malicious ads on popular YouTube
videos to redirect users through several sites to a server hosting the Sweet
Orange exploit kit. The exploit kit then attempts to infect users with the
Kovter ransomware via an Internet Explorer vulnerability. Source: http://www.net-security.org/malware_news.php?id=2883
31. October 14, Securityweek – (International) Massive Oracle security update lands
on Microsoft Patch Tuesday. Oracle released over 150 patches for several of
its products, closing critical vulnerabilities in several products including
Oracle Database and Java SE. Source: http://www.securityweek.com/massive-oracle-security-update-lands-microsoft-patch-tuesday
Communications Sector
32.
October 15, KCRA 3 Sacramento –
(California) Downed tree to blame for Sonora-area service outage. Cellphone,
Internet, and TV service was restored to 37,000 AT&T, Citizens Telephone,
and Sierra Cellular customers in the Sonora area October 15 after a downed tree
disrupted service October 14. Source: http://www.kcra.com/news/local-news/news-sierra/37k-are-without-att-service-in-foothills/29135598