Complete DHS Report for November 6, 2014
Daily Report
Top Stories
· The federal government filed suit against Southwest
Airlines November 3 seeking $12 million in penalties following an investigation
by the Federal Aviation Administration alleging that repairs on 44 aircraft did
not meet safety standards or adhere to proper procedures. – Associated Press
7. November
4, Associated Press – (National) US sues Southwest Airlines over maintenance
issues. The federal government filed suit against Dallas-based Southwest
Airlines Co. November 3 after a settlement could not be reached following an
investigation in July by the Federal Aviation Administration alleging that the
company hired a contractor that did not meet safety standards or follow proper
procedures while making repairs on 44 aircraft. The U.S. Department of Justice
is seeking civil penalties worth $12 million against the company. Source: http://seattletimes.com/html/businesstechnology/2024946254_apxsouthwestairlinesfine.html
· A November 4 fire at a poultry operation on a North
Cornwall Township, Pennsylvania farm killed 20,000 hatchling chickens and
caused an estimated $500,000 in damages. – Reuters
9. November 4, Reuters – (Pennsylvania) Barn
fire kills 20,000 young chickens near Lebanon, Pennsylvania. A November 4
fire at a poultry operation on a North Cornwall Township farm killed 20,000
hatchling chickens and caused an estimated $500,000 in damages. Officials ruled
that the cause of the fire could not be determined due to the severity of the
blaze. Source: http://www.reuters.com/article/2014/11/04/us-usa-pennsylvania-chickens-idUSKBN0IO23W20141104
· California voters approved $7.5 billion November 4 to fund
water projects and programs designed to improve water conservation and
recycling, groundwater cleanup, and water storage as well as for building two
new reservoirs. – Associated Press
13. November 4, Associated Press – (California) California
voters approve $7.5 billion water bond. California voters approved $7.5
billion November 4 to fund water projects and programs designed to improve
water conservation and recycling, groundwater cleanup, and water storage as
well as for building two new reservoirs. Source: http://www.news10.net/story/news/local/california/2014/11/05/california-prop-1-results/18510121/
· Sixty residents were displaced from a Schaumburg, Illinois
apartment community following a November 4 fire that rendered each of the
complex’s three buildings uninhabitable. – Chicago Sun-Times
27. November 4, Chicago Sun-Times – (Illinois) 60
displaced, one injured in Schaumburg apartment fire. Sixty residents were
displaced from a Schaumburg apartment community following a November 4 fire
that rendered each of the complex’s three buildings uninhabitable due to fire,
smoke, and water damage. One person was transported to an area hospital with
non-life-threatening injuries. Source: http://www.myfoxchicago.com/story/27275020/60-displaced-one-injured-in-schaumburg-apartment-fire
Financial Services Sector
3. November
5, Softpedia – (California) Palm Springs Federal Credit Union
loses hard drive with customer data. An audit at Palm Springs Federal
Credit Union in California found that a hard drive containing an undisclosed
number of customers’ names, Social Security numbers, account numbers, and
addresses was unaccounted for on or about October 20. There was no statement on
whether the data was encrypted or unencrypted. Source: http://news.softpedia.com/news/Palm-Springs-Federal-Credit-Union-Loses-Hard-Drive-with-Customer-Data-464078.shtml
4. November
5, Norfolk Virginian-Pilot – (Virginia) Ex-Va. Beach broker
admits embezzling from clients. A Virginia Beach man who formerly worked as
a financial advisor for Ameriprise Financial pleaded guilty November 4 to
embezzling $192,000 from 5 clients through 86 unauthorized transactions.
Source: http://hamptonroads.com/2014/11/exva-beach-broker-admits-embezzling-clients#
5. November
4, Orange County Register – (California) Serial bank robber
strikes in Costa Mesa. Federal authorities believe that the man who robbed
a U.S. Bank branch November 4 in Costa Mesa is the suspect known as the “Gift
Bag Bandit” responsible for five other bank robberies in the area in 2011.
Source: http://www.ocregister.com/articles/bank-640896-suspect-money.html
6. November
4, Associated Press – (Maryland) Maryland, federal authorities
seek ATM skimmer who has netted more than $100,000. Maryland and federal
authorities are trying to identify a man seen in surveillance photos believed
to be responsible for using skimming devices and pin hole cameras to steal more
than $100,000 using stolen ATM card data. Authorities believe the suspect is
operating in several Maryland counties and perhaps in one or more neighboring
States. Source: http://www.therepublic.com/view/story/685d188bb38a43dcbe49e429daa9f864/MD--ATM-Skimming-Investigation
For another story, see item 24 below
in the Information Technology Sector
Information Technology Sector
22. November
5, Ars Technica – (International) Crypto attack that hijacked Windows Update
goes mainstream in Amazon Cloud. A researcher stated that he was able to
replicate the MD5 hash collision method used in the Flame cyberespionage
attacks using a GPU instance on Amazon Web Service to cause two images to have
the same MD5 hash. The method was used in the Flame campaign to cause
compromised Windows Update certificates to be recognized as valid on targeted
systems, allowing malware to be downloaded undetected. Source: http://arstechnica.com/security/2014/11/crypto-attack-that-hijacked-windows-update-goes-mainstream-in-amazon-cloud/
23. November
5, Help Net Security – (International) New technique makes phishing sites easier to
create, more difficult to spot. Trend Micro researchers identified a new
phishing site technique targeting an e-commerce site that uses a proxy to relay
user traffic to a legitimate site and then redirects users to a phishing site
once they make a purchase and enter payment information. The method was
observed in an attack on an online store in Japan but could be used for other
sites. Source: http://www.net-security.org/secworld.php?id=17592
24. November
4, Softpedia – (International) Compromised EDU domain used to send out
ZeuS-laden emails. Researchers with PhishMe detected a spam email campaign
distributing the Zeus (also known as Zbot) information-stealing trojan through
email addresses belonging to an undisclosed U.S. educational organization with
around 25,000-30,000 enrolled students. Source: http://news.softpedia.com/news/Compromised-EDU-Domain-Used-to-Send-Out-ZeuS-Laden-Emails-464072.shtml
25. November
4, SC Magazine – (International) Spin.com redirects to Rig Exploit Kit,
infects users with malware, Symantec observes. Symantec researchers stated
November 4 that the music news Web site Spin.com was redirecting users to a
page hosting the Rig Exploit Kit October 27 and that the issue has been closed.
The researchers were unsure of how the compromise occurred but found that the
attackers injected an iFrame into the site in order to redirect visitors.
Source: http://www.scmagazine.com/the-popular-music-news-site-redirected-visitors-to-the-rig-exploit-kit/article/381364/
Communications Sector
Nothing to report