Complete DHS Report for January 9, 2015
Daily Report
Top Stories
·
An accident involving a semi-truck carrying military-grade explosives closed
U.S. Highway 271 in Grant, Oklahoma, for approximately 15 hours January 7 until
an ordnance team reported that the explosives were stable and safe. – KXII
12 Sherman
8. January
8, KXII 12 Sherman – (Oklahoma) Semi carrying explosives wrecks
on Choctaw Co. highway. An accident involving a semi-truck carrying military-grade
explosives and a vehicle prompted law enforcements and Choctaw County Emergency
Management team to close down all lanes of U.S. Highway 271 in Grant, Oklahoma,
for approximately 15 hours as a precaution January 7. An ordnance team reported
that the explosives were stable and safe after inspection and reopened the
highway. Source: http://www.kxii.com/morningshow/headlines/Highway-reopened-after-semi-accident--287784251.html
·
Police fatally shot a man outside of Port Columbus International Airport in
Ohio January 7 after the suspect allegedly attempted to use a fake ID to
purchase a plane ticket and then pulled a knife when confronted. – WLWT 5
Cincinnati; Associated Press
10. January
8, WLWT 5 Cincinnati; Associated Press – (Ohio) Man killed by
police at Columbus airport identified. A man was shot and killed during an
officer-involved shooting outside of Port Columbus International Airport
January 7 after the suspect allegedly attempted to use a fraudulent ID to
purchase a plane ticket and then lunged at police with a knife when confronted.
Some areas of the airport were placed off-limits and passengers diverted around
them, while the incident also caused some flight delays. Source: http://www.wlwt.com/news/1-dead-in-officerinvolved-shooting-at-columbus-airport/30577822
·
A former Shell Pipeline Company employee pleaded guilty January 7 in federal
court in Milwaukee, Wisconsin, for failing to follow federal law which led to a
spill of 9,000 gallons of jet fuel in January 2012 costing $19 million for
cleanup. – Milwaukee-Wisconsin Journal Sentinel
11. January
7, Milwaukee-Wisconsin Journal Sentinel – (Wisconsin) Ex-Shell
worker pleads guilty in Mitchell airport fuel spill. A former employee of
Shell Pipeline Company pleaded guilty January 7 in federal court in Milwaukee
for failing to follow federal law while doing his job to oversee maintenance of
a jet fuel pipeline near Mitchell International Airport which led to a spill of
9,000 gallons of jet fuel in January 2012 costing $19 million for cleanup.
Source: http://www.jsonline.com/news/crime/ex-worker-pleads-guilty-in-massive-mitchell-airport-fuel-spill-b99421937z1-287833691.html
·
One person was taken into custody as the Tanglewood apartment complex in Kansas
City, Missouri, was evacuated January 8 while authorities removed apparent
improvised explosive devices from a unit in the building. – Kansas City Star
36. January
8, Kansas City Star – (Missouri) Possible explosives force
evacuation of Kansas City, North apartments. One person was taken into
custody as residents were evacuated from the Tanglewood apartment complex in
the Northland area of Kansas City January 8 while authorities removed apparent
improvised home-made explosive devices and some precursor chemicals from a unit
in the building. The discovery was made after police initially responded to
check on a possible suicidal person at the complex. Source: http://www.kansascity.com/news/local/article5608344.html
Financial Services Sector
7. January 7,
Securityweek – (International) Attackers spread Dridex banking trojan via
malicious macros. Researchers with Trustwave identified an attack campaign
that uses phishing emails to attempt to spread the Dridex banking malware
through Microsoft Office documents containing malicious macros. The campaign
prompts users to enable macros and is currently targeting users in the U.K.
Source: http://www.securityweek.com/attackers-spread-dridex-banking-trojan-malicious-macros
Information Technology Sector
31. January 8,
Help Net Security – (International) Hackers use Pastebin to deliver backdoor
code. Researchers with Sucuri Security identified several attacks targeting
WordPress Web sites running outdated versions of the RevSlider plugin that
downloads malicious code hosted on the Pastebin service to the targeted sites,
where it is then executed. A vulnerability in the plugin is then used to
install a backdoor on the targeted sites. Source: http://www.net-security.org/malware_news.php?id=2937
32. January 8,
The Register – (International) Thunderstrike shocks OS X with firmware
bootkit. A researcher presented at the Chaos Communications Congress
security conference an outlined attack dubbed Thunderstrike that can use legacy
option ROMs to replace the RSA keys in Mac OS X machines’ extensible firmware
interface (EFI) and allow the installation of malicious firmware. The attack
works against Macbooks released since the introduction of Thunderbolt in 2011
and requires brief physical access, though the researcher stated that it may be
able to be exploited remotely. Source: http://www.theregister.co.uk/2015/01/08/thunderstrike_shocks_os_x_with_first_firmware_bootkit/
33. January 8,
Softpedia – (International) 8chan attacked with Lizard Stresser and
knocked offline. The 8chan image board service experienced a distributed
denial of service (DDoS) attack January 8, preventing users from accessing the
site. The Twitter account of the Lizard Squad hacktivist group stated that the
group’s Lizard Stresser DDoS tool was being used in the attack. Source: http://news.softpedia.com/news/8chan-Attacked-with-Lizard-Stresser-and-Knocked-Offline-469327.shtml
34. January 7,
SC Magazine – (International) Stealthy ‘XOR.DDoS’ trojan infects Linux
systems, installs rootkit. Researchers with Avast reported that the
recently discovered XOR.DDoS malware has been targeting Linux systems and is
using a rootkit to avoid detection. The malware is possibly being used by a
small group to build up infrastructure for use in distributed denial of service
(DDoS) attacks. Source: http://www.scmagazine.com/malware-targets-linux-and-arm-architecture/article/391497/
For another story, see item 7 above in the Financial Services Sector
Communications Sector
Nothing to report