Complete DHS Report for November 3, 2014
Daily Report
Top Stories
· Officials are investigating after a 120,000-pound crane
overturned on northbound Interstate 5 at Avenida Pico in San Clemente,
California, October 30 and blocked all northbound lanes for 13 hours. – San
Diego Union-Tribune
8. October
31, San Diego Union-Tribune – (California) N I-5 reopens after
toppled crane causes shutdown. Officials are investigating after a
120,000-pound crane overturned on northbound Interstate 5 at Avenida Pico in
San Clemente October 30 and blocked all northbound lanes for 13 hours. Source: http://www.utsandiego.com/news/2014/oct/30/major-traffic-backup-interstate-5-san-clemente/
· A small twin-engine plane crashed into a building shortly
after takeoff from Mid-Continent Airport in Wichita, Kansas, October 30 and
burst into flames, killing four people and injuring five who were sent to
nearby hospitals for treatment. – CNN
9. October 31, CNN – (Kansas) 4 killed after
plane hits building near Wichita airport. A small twin-engine plane crashed
into a building shortly after takeoff from Mid-Continent Airport in Wichita
October 30 and burst into flames, killing four people and injuring five who
were sent to nearby hospitals for treatment. The FlightSafety International
building was evacuated and deemed unsafe due to the fire and damage. Source: http://www.cnn.com/2014/10/30/us/kansas-wichita-airport-crash/index.html
· All Oakland,
California public schools were dismissed October 30 after a strong odor of
natural gas spread through the city as a result of an incident at a Pacific Gas
and Electric Company facility. – KPIX 5 San Francisco; San Francisco Bay
City News
16. October 30, KPIX 5 San Francisco; San Francisco Bay City
News – (California) Oakland schools, city hall, federal building
evacuated because of gas odor. All Oakland, California public schools were
dismissed October 30 after a strong odor of natural gas spread through the city
as a result of an incident at a Pacific Gas and Electric Company facility.
Crews worked to determine where the smell originated. Source: http://sanfrancisco.cbslocal.com/2014/10/30/oakland-federal-building-other-office-buildings-evacuated-after-gas-odor/
· Pennsylvania police
captured a suspect October 30 in an abandoned airplane hangar in Blooming Grove
after he surrendered following a September 12 targeted attack where the suspect
allegedly opened fire killing a trooper and seriously injuring another. – Associated
Press
21. October 31, Associated Press – (Pennsylvania) Captured:
manhunt ends for trooper ambush suspect. Pennsylvania police captured a
suspect October 30 in an abandoned airplane hangar in Blooming Grove after he
surrendered following a September 12 targeted attack where the suspect
allegedly opened fire killing a trooper and seriously injuring another. Source:
http://www.msn.com/en-us/news/crime/captured-manhunt-ends-for-trooper-ambush-suspect/ar-BBc6H2f
Financial Services Sector
4. October
31, Softpedia – (National) Capital One employee accesses customer
info without authorization. Capital One stated in a letter to affected
customers that a former employee at the bank gained unauthorized access to an
undisclosed amount of customer data that included names, account numbers, and
Social Security numbers. The company has increased security measures and law
enforcement agencies are investigating. Source: http://news.softpedia.com/news/Capital-One-Employee-Accesses-Customer-Info-without-Authorization-463624.shtml
5. October
30, BankInfoSecurity – (National) Phishing attack leads to title
firm breach. Fidelity National Financial notified an unspecified number of
customers that personal and financial information including payment card,
driver’s license, and Social Security numbers may have been compromised when
attackers gained access to employees’ email accounts via a phishing attack. The
company stated that an investigation showed that the attackers’ goal was to
obtain information in order to redirect scheduled money transfers. Source: http://www.bankinfosecurity.com/phishing-attack-leads-to-bank-breach-a-7502
6. October
30, Associated Press – (Texas) 2 women charged in $800k south
Texas bank scam. Two Zapata women were arrested October 30 and charged with
allegedly issuing and cashing around $800,000 in fraudulent checks from a
construction company. One of the accused worked at the construction company
while the other was employed by Zapata National Bank. Source: http://houston.cbslocal.com/2014/10/30/2-women-charged-in-800k-south-texas-bank-scam/
Information Technology Sector
22. October
31, Softpedia – (International) RIG Exploit Kit used in Drupal CMS exploit
incidents. RiskIQ researchers observed the RIG Exploit Kit being used in
attacks that exploit a critical SQL injection vulnerability in the Drupal
content management system (CMS) to redirect users to the exploit kit. The
researchers found that all instances of the exploit kit are hosted on a machine
at a Selectel datacenter in Russia. Source: http://news.softpedia.com/news/RIG-Exploit-Kit-Used-in-Drupal-CMS-Exploit-Incidents-463685.shtml
23. October
31, Securityweek – (International) iOS app vulnerability exposed GroupMe accounts.
A researcher identified and reported a vulnerability in the GroupMe app for
iOS that could have allowed an attacker to hijack the account of another user
due to the sign-up process for new accounts lacking rate limiting or a security
lockout mechanism on a phone number verification process. The issue was
reported August 28 and patched September 17, and the researcher stated that
there was no evidence it was exploited before being fixed. Source: http://www.securityweek.com/ios-app-vulnerability-exposed-groupme-accounts
24. October
31, Help Net Security – (International) Android dialer hides,
resists attempts to remove it. Researchers with Dr. Web identified a
malicious dialer for Android dubbed Android.Dialer.7.origin that places calls
to a paid service at regular intervals after infecting devices disguised as an
app. The malware attempts to hide itself by deleting its shortcut, disabling
the device earpiece during calls, and removing evidence of the calls from the
call and system logs. Source: http://www.net-security.org/malware_news.php?id=2903
25. October
30, The Register – (International) Danish court finds Pirate Bay cofounder
guilty of hacking CSC servers. A court in Denmark found a cofounder of the
Pirate Bay Web site guilty of working with an anonymous accomplice to
compromise servers belonging to U.S. company CSC that contained data for
European governments between February and August 2012. Source: http://www.theregister.co.uk/2014/10/30/danish_court_finds_pirate_bay_cofounder_guilty_of_hacking_csc_servers/
Communications Sector
26. October
30, Bristol Herald Courier – (Tennessee; Virginia) Phone and Internet
outage affects area CenturyLink customers Phone and Internet services as
well as 9-1-1 service were disrupted for CenturyLink customers in parts of
Tennessee and southwestern Virginia for nearly 8 hours October 30 due to a
damaged fiber optic cable. Source: http://www.tricities.com/news/article_57d434ca-607a-11e4-b637-001a4bcf6878.html