Complete DHS Report for February 26, 2015
Daily Report
Top Stories
· The
Federal Aviation Administration allowed Southwest Airlines Co., February 24 to
continue flying 128 planes that were grounded due to missed inspections, as
long as the planes are checked within 5 days. – Associated Press (See
item 4)
4. February
25, Associated Press – (National) FAA: Southwest for now can use
planes that missed inspection. The Federal Aviation Administration allowed
Southwest Airlines Co., February 24 to continue flying 128 planes that were
grounded due to missed inspections of backup hydraulic systems used to control
the rudder, as long as the planes are checked within 5 days. The airline stated
that they canceled about 80 flights after the discovery and expected to cancel
up to 19 more February 25 during inspections. Source: http://www.msn.com/en-us/news/us/faa-southwest-for-now-can-use-planes-that-missed-inspection/ar-BBhWx5Q
· A water
main break at the University of Pittsburgh at Bradford in Pennsylvania,
February 23 caused about 18,000 customers including businesses and schools to
lose water service or have low water pressure, prompting a boil advisory. – WGRZ
2 Buffalo
13. February
24, WGRZ 2 Buffalo – (Pennsylvania) Pipe replaced, but water
problems continue in Bradford. A February 23 break of a 24-inch water main
at the University of Pittsburgh at Bradford caused an estimated 18,000 people
in the city to lose water service or have low water pressure, prompting a boil
advisory. The university and city schools and businesses were closed through
February 27 due to the outage. Source: http://www.wgrz.com/story/news/local/2015/02/23/bradford-water-main-break-boil-water/23908573/
·
Anthem Inc., announced February 24 that 8.8 million to 18.8 million members of
other Blue Cross Blue Shield health insurance plans may have been affected by a
breach reported by the company in February. – Reuters (See item 14)
14. February
24, Reuters – (National) Anthem says hack may affect more than
8.8 million other BCBS members. Anthem Inc., announced February 24 that 8.8
million to 18.8 million members of other Blue Cross Blue Shield health
insurance plans may have been affected by a breach reported by the company in
February. Anthem updated the total number of records accessed in the database
to 78.8 million customers, including 14 million incomplete records. Source: http://www.reuters.com/article/2015/02/25/us-anthem-cybersecurity-idUSKBN0LS2CS20150225
· Government
offices in 50 northern Georgia counties were closed and a state of emergency
was declared, as well as in Alabama and Tennessee due to a winter storm that
also prompted schools across southern U.S. States to close February 25. – CNN
15. February 25, CNN – (National) Groan with the
wind: The south gets hit with another winter storm. State government
offices in 50 northern Georgia counties were closed and a state of emergency
was declared, as well as in Alabama and Tennessee due to a winter storm that
also prompted schools across southern U.S. States to close February 25.
Approximately 1,330 flights in and out of the U.S. were also canceled due to
the impending storm. Source: http://www.cnn.com/2015/02/25/us/winter-weather/index.html
Financial Services Sector
3. February
24, U.S. Department of Justice – (California) Los Angeles-area
executive arrested in $9 million bank fraud scheme. An executive of
Ontario, California based Eastern Tools and Equipment was arrested February 24
following an October 2014 indictment for his role in a scheme to defraud United
Commercial Bank and East West Bank of more than $9 million. The executive and
his co-conspirators allegedly overstated Eastern Tools’ accounts receivable to
increase the company’s line of credit with the banks then shifted money from
the company’s bank accounts into about 20 shell companies before siphoning the
money into their personal accounts. Source: http://www.fbi.gov/losangeles/press-releases/2015/los-angeles-area-executive-arrested-in-9-million-bank-fraud-scheme
Information Technology Sector
21. February 25, Securityweek – (International) Mozilla
fixes 17 vulnerabilities in Firefox 36. Mozilla released version 36 of its
Firefox browser closing 17 vulnerabilities and flaws, including 4 rated as
critical. Source: http://news.softpedia.com/news/Firefox-36-Fixes-Long-List-of-Security-Bugs-474150.shtml
22. February 25, Help Net Security –
(International) New DDoS attack and tools use Google Maps plugin as proxy. PLXsert
security researchers discovered that attackers are exploiting a known
vulnerability in Joomla’s Google Maps plugin by spoofing the sources of
requests, causing results to be sent from proxies to their denial of service
(DDoS) targets. Researchers identified more than 150,000 potential Joomla reflectors
on the internet, many of which remain vulnerable to be used for this type of
attack. Source: http://www.net-security.org/secworld.php?id=18002
23. February 25, Threatpost – (International) Ramnit
botnet shut down. Europol Cybercrime Centre (EC3) investigators, Microsoft,
AnubisNetworks, and Symantec carried out an operation to shut down the Ramnit
botnet’s 7 command and control (C&C) servers and redirected traffic from
300 domains used by the botnet. EC3 estimated that more than 3.2 million Windows
computers have been infected with the botnet via spam campaigns, phishing
scams, and drive-by downloads that installed malicious code to grant attackers
access to banking credentials and other log-in information. Source: http://threatpost.com/ramnit-botnet-shut-down/111254
24. February 24, Securityweek – (International) McAfee:
Popular mobile apps remain vulnerable to MitM flaws found last year. Intel
Security’s McAfee Labs reported that almost 75 percent of the most popular
mobile apps found vulnerable to man-in-the-middle (MitM) attacks remain exposed
to attacks since they were first identified in a September 2014 analysis by the
Computer Emergency Response Team (CERT) at Carnegie Mellon University. Source: http://www.securityweek.com/mcafee-popular-mobile-apps-remain-vulnerable-mitm-flaws-found-last-year
Communications Sector
Nothing to report
No comments:
Post a Comment