Tuesday, March 31, 2015



Complete DHS Report for March 31, 2015

Daily Report

Top Stories

 · JetBlue Airways announced March 30 that it had resolved a system-wide computer outage that caused delays for thousands of passengers after the airline had to issue handwritten boarding passes. – Associated Press

6. March 30, Associated Press – (National) JetBlue computer outage causes delays for passengers. JetBlue Airways announced March 30 that it had resolved a system-wide computer outage that caused delays for thousands of passengers after the airline had to issue handwritten boarding passes. The company stated that customers would likely face delays throughout the day while it worked to get operations back to normal. Source: http://abcnews.go.com/Business/wireStory/jetblue-computer-outage-delays-passengers-30001797

 · A Los Angeles Metro Expo line train slammed into a car at a crossing in front of the University of Southern California March 28, leaving 19 passengers injured as well as the car’s driver and the train’s operator. – Associated Press

9. March 28, Associated Press – (California) LA light rail train hits car, partially derails; 21 hurt. A Los Angeles Metro Expo line train slammed into a car at a crossing in front of the University of Southern California March 28, leaving 19 passengers injured as well as the car’s driver and the train’s operator. Authorities are investigating the incident and believe the driver was attempting to turn at a grade crossing and did not see the approaching train. Source: http://abcnews.go.com/US/wireStory/hurt-cars-hit-la-commuter-train-29976569

 · An accident involving a semi-truck carrying 15 chemicals in 55-gallon drums on Interstate 39-90 in Janesville, Wisconsin, prompted an estimated 13-hour closure of westbound lanes March 27. – WISC 3 Madison

10. March 28, WISC 3 Madison – (Wisconsin) Chemical spill shuts down I-90 most of Friday. An accident involving a semi-truck carrying 15 chemicals in 55-gallon drums that rear-ended another semi-truck parked on the shoulder of Interstate 39-90 in Janesville, Wisconsin, prompted the nearly 13-hour closure of westbound lanes March 27 while crews removed and cleaned up 4 damaged and leaking barrels found along the roadway. Over a dozen people were evacuated from nearby homes for 10 hours as a precaution. Source: http://www.channel3000.com/news/chemical-spill-shuts-down-interstate-in-janesville/32043946

 · The FBI is conducting an investigation after a U.S. National Security Agency police officer killed one man and seriously injured another while they were attempting to drive into the main gate of the agency’s headquarters at Fort Meade, Maryland, March 30. – CNN

19. March 30, CNN – (Maryland) One shot dead at Fort Meade after trying to ram NSA gate. The FBI is conducting an investigation after a U.S. National Security Agency police officer shot and killed one man and seriously injured another while they were attempting to drive into the main gate of the agency’s headquarters at Fort Meade, Maryland, March 30. Source: http://www.cnn.com/2015/03/30/us/fort-meade-nsa-incident/index.html

Financial Services Sector

5. March 30, U.S. Securities and Exchange Commission – (National) SEC announces fraud charges against investment adviser accused of concealing poor performance of fund assets from investors. The U.S. Securities and Exchange Commission charged an investment adviser and her New York-based Patriarch Partners firms with fraud March 30, for allegedly hiding the poor performance of loan assets in 3 collateralized loan obligation funds and collecting almost $200 million in illegitimate fees from investors. Source: http://www.sec.gov/news/pressrelease/2015-52.html

Information Technology Sector

22. March 30, Help Net Security – (International) Massive DDoS against GitHub continues. Systems engineers at GitHub reported that complex, large-scale distributed denial-of-service (DDoS) attacks against the company’s servers that started March 26 are ongoing but that all of the Web site’s services are available to users. Security researchers from Insight Labs traced the start of the attack to advertising and visitor tracking provided by the Chinese search engine Baidu. Source: http://www.net-security.org/secworld.php?id=18148

Communications Sector

23. March 29, WKYT 27 Lexington – (Kentucky) Time Warner Cable reports outages for hundreds of Lexington customers. Time Warner Cable reported March 29 that an outage prompted by damage to its fiber network impacted service for fewer than 700 customers in Lexington. Crews worked to repair the damage and restore services. Source: http://www.wkyt.com/news/headlines/Time-Warner-Cable-reports-outages-for-hundreds-of-Lexington-customers-297929961.html

Monday, March 30, 2015



Complete DHS Report for March 30, 2015

Daily Report

Top Stories

 · The U.S. Department of State announced rewards totaling $3 million March 26 for information leading to the arrest of 2 Russian nationals believed to be key members in the Carder.su financial and identity fraud scheme that has caused losses of at least $50 million. – Securityweek. See item 6 below in the Financial Services Sector

 · Interstate 35 in Salado, Texas, reopened March 27 after it was closed for nearly 18 hours when a semi-truck crashed into a highway bridge and two beams fell onto the interstate hitting several vehicles March 26. – KWTX 10 Waco

8. March 27, KWTX 10 Waco – (Texas) I-35 reopens after fiery 18-wheeler crash kills 1, injures 3. Interstate 35 at Farm-to-Market Road 2484 in Salado reopened in both directions March 27 after it was closed for nearly 18 hours when an oversized semi-truck crashed into a highway bridge and dislodged two beams that fell onto the interstate, hitting several vehicles March 26. One individual was killed and 3 others were injured during the incident, which remains under investigation. Source: http://www.kwtx.com/home/headlines/Major-Crash-On-Interstate-35-Shuts-Down-Highway-297669591.html

 · Authorities are investigating after 34 cars of a Union Pacific train derailed along the Nevada Subdivision in Lovelock March 25, prompting the delay of 33 trains that were rerouted around the scene. – Reno Gazette-Journal

12. March 26, Reno Gazette-Journal – (Nevada) Derailed Nevada train delays 33 others. Authorities are investigating after 34 cars of a 51-car Union Pacific train derailed along the Nevada Subdivision in Lovelock March 25. The derailment delayed 30 freight trains and 3 Amtrak trains that were rerouted around the scene where wreckage was strewn for hundreds of yards. Source: http://www.rgj.com/story/news/2015/03/26/derailed-car-train-delays-trains-churchill-co/70492756/

 · An apparent gas explosion March 26 destroyed 4 New York City apartment buildings, displacing residents from about 49 units, and injuring 19 individuals while 2 others were reportedly missing. – Reuters

25. March 27, Reuters – (New York) Police seek two people reportedly missing after New York explosion. An apparent gas explosion March 26 caused 2 apartment buildings to collapse and 2 adjacent apartment buildings to catch fire in the Manhattan area of New York City, displacing residents from about 49 units. Nineteen individuals were injured during the blast and 2 others were reportedly missing, while firefighters remained at the scene March 27 to search the rubble and extinguish smoldering debris. Source: http://www.reuters.com/article/2015/03/27/us-usa-new-york-collapse-missing-idUSKBN0MN1OO20150327

Financial Services Sector

6. March 27, Securityweek – (International) U.S. offers $3 million reward for alleged Russian cybercriminals. The U.S. Department of State announced rewards totaling $3 million March 26 for information leading to the arrest or conviction of 2 Russian nationals believed to be key members in the Carder.su operation, in which participants created and trafficked identification documents and payment cards and perpetrated financial fraud and identity theft, causing losses of at least $50 million. Thirty members involved in the operation have been convicted and 25 remaining are fugitives or pending trial. Source: http://www.securityweek.com/us-offers-3-million-reward-alleged-russian-cybercriminals

7. March 26, Associated Press – (New York) FINRA fines Oppenheimer $3.75M in employee fraud case. The Financial Industry Regulatory Authority issued a $3.75 million fine to Oppenheimer & Co., for failing to supervise and stop an employee from transferring $2.9 million of client funds to his own accounts or for use in excessive trades while he was under investigation for other fraud accusations, including a 2012 scheme in which he allegedly scammed a New York City Broadway show’s producers out of $20,000 after promising to raise $4.5 million from phony investors. Source: http://www.newsobserver.com/entertainment/celebrities/article16389836.html

For another story, see item 23 below in the Information Technology Sector

Information Technology Sector

20. March 27, Softpedia – (International) GitHub has been under a continuous DDoS attack in the last 24 hours. The GitHub Web site suffered a minor service outage March 26 and has been mitigating a sustained distributed denial-of-service (DDoS) attack on its servers that has lasted over 24 hours. Administrators reported that connectivity returned to normal after the attack was amplified March 27, and are continuing to monitor for any abnormalities. Source: http://news.softpedia.com/news/GitHub-Has-Been-Under-a-Continuous-DDoS-Attack-in-the-Last-24-Hours-476902.shtml

21. March 26, Threatpost – (International) GE fixes buffer overflow bug in DTM library. General Electric released a patch for a vulnerability in device type management (DTM) libraries affecting five Highway Addressable Remote Transducer (HART) digital communication devices deployed in various critical infrastructure areas, including one manufactured by MACTek. The vulnerability allows an attacker to execute arbitrary code by causing a buffer overflow in the product’s DTM and crashing the Field Device Tool (FDT) Frame Application. Source: https://threatpost.com/ge-fixes-buffer-overflow-bug-in-dtm-library/111817

22. March 27, CSO Online – (International) DDOS attacks less frequent last year, more dangerous. San Francisco-based Black Lotus Communications released a report which found that the total number of distributed denial-of-service (DDoS) attacks declined steadily in 2014, but increased in packet size by 3.4 times in the third quarter, and average attack size by 12.1 gigabits per second (Gbps) in the fourth quarter. The report also identified an increase in complex, hybrid network and application-layer attacks. Source: http://www.csoonline.com/article/2902309/network-security/ddos-attacks-less-frequent-last-year-more-dangerous.html#tk.rss_news

23. March 26, Securityweek – (International) Thousands of hijacked WordPress sites redirect users to exploit kits. Security researchers at Germany’s Computer Emergency Response Team (CERT-Bund) discovered that at least 3,000 Web sites have been compromised through a local file inclusion (LFI) vulnerability in the Slider Revolution WordPress plugin that allows attackers to take control of sites by accessing and downloading files from the affected server. Many victims are directed to exploit kit landing pages, including Angler and Fiesta, which can inject various ransomware, fraud malware, and trojan malware into affected systems. Source: http://www.securityweek.com/thousands-hijacked-wordpress-sites-redirect-users-exploit-kits

For additional stories, see items 6 above in the Financial Services Sector and 26 below from the Commercial Facilities Sector

26. March 26, SC Magazine – (International) Vulnerability found in popular hotel routers. Cylance researchers discovered an authentication flaw in the firmware of several models of InnGate routers, which are commonly used by hotels and convention centers. The flaw can be exploited to distribute malware to guests, monitor and record data sent over the network, and possibly gain access to a hotel’s reservation and keycard system. The vulnerability was detected in 277 devices in 29 countries, including more than 100 devices located in the U.S. Source: http://www.scmagazine.com/vulnerability-discovered-in-inngate-routers/article/405708/

Communications Sector

24. March 27, Natchez Democrat – (Mississippi) Cut fiber optic line disables local Cable One Internet. A Cable ONE fiber optic cable was cut by Media 3 crews that were attempting to run their own cable March 26, causing service outages for 100 percent of Internet and phone customers and approximately 15 percent of cable customers in the Natchez area. Service was expected to be restored more than 6 hours after the line was severed. Source: http://www.natchezdemocrat.com/2015/03/27/cut-fiber-optic-line-disables-local-cable-one-internet/