Daily Report
Top Stories
· Power was
restored and new motors installed at a wastewater treatment plant in Honolulu,
Hawaii, October 22 after the plant was overwhelmed by 20 million gallons of
untreated sludge and storm water from Hurricane Ana October 19. – Associated
Press
16.
October 23, Associated Press –
(Hawaii) Honolulu restoring power to sewage plant damaged by 20 million
gallons of untreated sludge. The City of Honolulu reported that crews
installed new motors at the Sand Island Wastewater Treatment Plant October 22
after the plant was overwhelmed by sludge and storm water from Hurricane Ana
October 19. The storm sent 20 million gallons of untreated sludge into the
plant’s below-ground areas, cutting power to the plant as well as allowing
around 5,000 gallons of sewage to flow into Honolulu Harbor. Source: http://www.dailyjournal.net/view/story/d256ec13b23b4fbeb70f647662645d0b/HI--Sewage-Plant/
· Ventura
County, California officials reported that around 68,000 gallons of raw sewage
spilled in Moorpark due to a blockage during the October 18-19 weekend but was
not reported until October 20. – Associated Press; Ventura County Star
17.
October 23, Associated Press; Ventura County Star
– (California) 68,000 gallons of raw sewage spill in Moorpark. Ventura
County officials reported that around 68,000 gallons of raw sewage spilled in
Moorpark due to a blockage during the October 18-19 weekend but was not
reported until October 20. The area of the spill in the Arroyo Simi was
sandbagged to isolate and clean the sewage and the blockage was cleared while
residents were advised to avoid contact with the water for at least 72 hours
Source: http://www.ktvu.com/news/ap/california/68000-gallons-of-raw-sewage-spill-in-moorpark/nhqTC/
· Authorities
are investigating after medical records including the personal information of
40,000 former and current patients of a Jersey City, New Jersey internist were
stolen from a storage shed outside the doctor’s office. – Jersey Journal
20.
October 22, Jersey Journal – (New
Jersey) Medical records of 40,000 patients stolen from Jersey City doctor’s
office, police say. Authorities are investigating after medical records
including Social Security numbers and the personal information of 40,000 former
and current patients of a Jersey City internist were stolen from a storage shed
outside the doctor’s office the week of October 21. Source: http://www.nj.com/hudson/index.ssf/2014/10/medical_records_of_40000_patients_stolen_from_jersey_city_doctors_office_police_say.html
· The FBI
arrested and charged a National Weather Service employee working out of the
Wilmington, Delaware office October 21 for allegedly hacking into the
restricted U.S. Army Corps of Engineers’ National Inventory of Dams. – Dayton
Daily News
25.
October 21, Dayton Daily News –
(National) FBI arrests Weather Service employee for alleged cyber hacking. The
FBI arrested and charged a National Weather Service employee working out of the
Wilmington office October 21 for allegedly hacking into the restricted U.S.
Army Corps of Engineers’ National Inventory of Dams, which contains detailed
information about dams nationwide, in May 2012 and downloading sensitive files
from the inventory. Source: http://www.daytondailynews.com/news/news/fbi-arrests-weather-service-employee-for-alleged-c/nhpKt/
Financial Services Sector
Nothing
to report
Information Technology Sector
27. October 23, Softpedia – (International) CryptoWall 2.0 delivered through
malvertising on Yahoo and other large sites. Proofpoint researchers
observed a recent campaign using malicious advertisements on Yahoo, 9gag, and
other popular Web sites to deliver the CryptoWall 2.0 ransomware via the
FlashPack Exploit Kit. The exploit kit exploits vulnerabilities in Adobe Flash
Player to deliver the ransomware that encrypts users’ files and demands a
ransom to decrypt them. Source: http://news.softpedia.com/news/CryptoWall-2-0-Delivered-Through-Malvertising-On-Yahoo-and-Other-Large-Sites-462970.shtml
28. October 23,
Securityweek – (International) 1.2 million
networking devices vulnerable due to NAT-PMP issues. A security researcher
with Rapid7 reported October 21 that the company identified around 1.2 million
Internet-connected devices that are vulnerable to various attacks due to poor
implementation or configuration of the Network Address Translation – Port
Mapping Protocol (NAT-PMP). The vulnerabilities could allow attackers to
perform denial of service (DoS) attacks, intercept traffic, or perform other
malicious actions. Source: http://www.securityweek.com/12-million-networking-devices-vulnerable-due-nat-pmp-issues
29. October 22,
Softpedia – (International) Apple warns
users of attack targeting iCloud site. Apple confirmed reports of
man-in-the-middle (MitM) attacks against its iCloud service that employed an
insecure certificate and advised users not to dismiss browser warnings
regarding the security of content. The attacks trigger warnings in the Chrome
and Firefox browsers but not in Qihoo, the most popular Web browser in China.
Source: http://news.softpedia.com/news/Apple-Warns-Users-of-Attack-Targeting-iCloud-Site-462846.shtml
For another story, see item 21 below
from the Government Facilities Sector
21. October 22, Securityweek – (International) ‘Operation
Pawn Storm’ cyber-espionage campaign hits organizations. Trend Micro
researchers identified a cyberespionage operation dubbed “Operation Pawn Storm”
that uses targeted emails and compromised Web sites to infect users in
government, military, and media organizations with the SEDNIT (also known as
Sofacy) malware. Source: http://www.securityweek.com/operation-pawn-storm-cyber-espionage-campaign-hits-organizations
Communications Sector
30. October 22, KMA 960 AM Shenandoah – (Iowa) 911, Internet and cable service back in
southwest Iowa. Internet, telephone, cable, and 9-1-1 services were
restored to Mediacom customers across southwest Iowa after a fiber cable
ruptured causing a widespread outage that affected Montgomery and Adams
counties for several hours October 22. Source: http://www.kmaland.com/news/internet-and-cable-service-back-in-southwest-iowa/article_7a361bee-5a28-11e4-9f56-0017a43b2370.html
31. October 22, WEHT 25 Evansville – (Kentucky) Crews work to repair broken fiberoptic
AT&T line. Crews spent 8-10 hours working to restore AT&T Internet,
phone, and cable services in Daviess County after a construction crew hit a
fiber optic line in the Hawesville area October 22. Source: http://www.tristatehomepage.com/story/d/story/crews-work-to-repair-broken-fiberoptic-att-line/80091/yUrjQV5v-k6BTwEpyuTYaQ
32. October 22, Scranton Times-Tribune – (Pennsylvania) The sound of radio silence: WARM
transmitter fails, station off air. WARM 590 AM Scranton went off air
September 15 and filed for a notice to suspend operations September 25 to the
U.S. Federal Communications Commission due to a transmitter failure located
near Falls. Engineers worked to identify the technical issue in order to bring
the station back on air. Source: http://thetimes-tribune.com/news/the-sound-of-radio-silence-warm-transmitter-fails-station-off-air-1.1775261