· A
Romanian national extradited from Sweden in 2014 pleaded guilty in federal
court in Newark, New Jersey, January 29 to leading an ATM skimming scheme that
targeted bank customers and defrauded several financial institutions of at
least $5 million.– Bergen Dispatch
2. January
29, Bergen Dispatch – (International) Romanian national admits role as ringleader
of $5 million ATM skimming scheme. A Romanian national extradited from
Sweden in 2014 pleaded guilty in federal court in Newark, New Jersey, January
29 to leading an ATM skimming scheme that targeted thousands of bank customers
across multiple States and defrauded several financial institutions of at least
$5 million. Eleven of the 15 alleged co-conspirators have pleaded guilty to
charges in connection to the scheme. Source: http://www.bergendispatch.com/articles/35761711/Romanian-National-Admits-Role-as-Ringleader-of-5-million-ATM-Skimming-Scheme.aspx
· A hydrogen peroxide leak in a 3,300-gallon tank within the
storm water treatment containment system at the Port of Olympia in Washington
prompted the 3- hour evacuation of several businesses January 28. – KCPQ 13
Tacoma
7. January
28, KCPQ 13 Tacoma – (Washington) Chemical leak at Port of Olympia forces
evacuations for about 3 hours; no injuries. A hydrogen peroxide leak in a
3,300-gallon tank within the storm water treatment containment system at the
Port of Olympia
in Washington prompted the 3- hour evacuation of several businesses and a
shelter-in-place order for another 6-8 businesses surrounding the port while
authorities investigated. Officials are assessing the amount of damage caused
by the leak. Source: http://q13fox.com/2015/01/28/harmful-chemical-spills-at-port-of-olympia-businesses-evacuated/
· A January 29 fire at the
Brotman Medical Center in Culver City, California, forced the partial
evacuation of approximately 120 patients and 220 staff members for 4 hours
while crews contained the fire and removed the smoke. – KTLA 5 Los Angeles
18. January 29, KTLA 5 Los
Angeles – (California) Culver
City Hospital evacuated due to fire; 120 patients, 220 staffers moved. A
January 29 fire at the Brotman Medical Center in Culver City forced the partial
evacuation of approximately 120 patients and 220 staff members for 4 hours
while crews contained the fire and removed the smoke. Smoke from the rooftop
fire was pulled into the air system and redistributed into a building in the
hospital. Source: http://ktla.com/2015/01/29/culver-city-hospital-evacuated-due-to-fire-patients-moved-outside/
· An explosive device was
discovered at the Budget Saver Motel Annex in Coeur d’Alene, Idaho, January 27
prompting an evacuation of the motel and nearby apartments.– Coeur d’Alene
Press
33. January
28, Coeur d’Alene Press – (Idaho) Pipe bomb found. A 5-inch-long
explosive device was discovered by management at the Budget Saver Motel Annex
in Coeur d’Alene January 27 prompting an evacuation of the motel and nearby
apartments. Bomb squad members removed the device without incident and law
enforcement continued to investigate. Source: http://www.cdapress.com/news/local_news/article_475d980d-5398-5ba3-9445-e6f88e1dccbf.html
Financial Services Sector
2. January
29, Bergen Dispatch – (International) Romanian national admits role as ringleader
of $5 million ATM skimming scheme. A Romanian national extradited from
Sweden in 2014 pleaded guilty in federal court in Newark, New Jersey, January
29 to leading an ATM skimming scheme that targeted thousands of bank customers
across multiple States and defrauded several financial institutions of at least
$5 million. Eleven of the 15 alleged co-conspirators have pleaded guilty to
charges in connection to the scheme. Source: http://www.bergendispatch.com/articles/35761711/Romanian-National-Admits-Role-as-Ringleader-of-5-million-ATM-Skimming-Scheme.aspx
Information Technology Sector
27. January 30, Securityweek – (International) New
“F0xy” malware uses clever techniques to stay hidden. Websense researchers
discovered a new piece of malware that uses legitimate Web sites and services
to minimize its detection so it can download a crypto-currency miner onto an
infected machine. Earlier versions of the malware worked solely on Windows
Vista and later versions of Microsoft’s operating system, while the most recent
variants will also run on Windows XP. Source: http://www.securityweek.com/new-%E2%80%9Cf0xy%E2%80%9D-malware-uses-clever-techniques-stay-hidden
28. January 30, Softpedia – (International) Multiple
security weaknesses in Microsoft Outlook for iOS revealed by developer. A
developer at GmbH discovered that Microsoft Outlook for iOS functions violate
best security practices and present business risks by storing business email
credentials in the cloud and allowing use of a single ID across devices,
creating challenges for administrators to maintain security levels for company
data. Source: http://news.softpedia.com/news/Multiple-Security-Weaknesses-in-Microsoft-Outlook-for-iOS-Revealed-by-Developer-471688.shtml
29. January 30, Securityweek – (International) Skeleton
Key malware linked to backdoor trojan: Symantec. Symantec researchers
reported that the Trojan.Skelky (Skeleton Key) malware appears to have been
used in conjunction with the Backdoor. Winnti malware family and is capable of
bypassing authentication on Active Directory (AD) systems. Skeleton Key malware
was identified by Dell SecureWorks in January and was detected on computers in
five unidentified organizations with offices in the U.S. and Vietnam since
2013. Source: http://www.securityweek.com/skeleton-key-malware-linked-backdoor-trojan-symantec
For another story, see
item 1 below from the Critical Manufacturing Sector
1. January 30, Softpedia – (International) Vulnerability
in Connected Drive allows unlocking BMW cars via mobile phone. German
automobile club ADAC identified a security flaw in a digital-service system,
Connected Drive, which is installed on 2.2 million BMW vehicles worldwide, that
could allow an attacker to unlock the car’s doors and manipulate functions
activated by a SIM card. BMW officials confirmed the flaw and stated that a fix
would be released by January 31 for the affected BMW, Mini, and Rolls Royce
vehicles produced between March 2010 and December 2014. Source: http://news.softpedia.com/news/Connected-Drive-Glitch-Allows-2-2-Million-BMW-Cars-To-Be-Unlocked-via-Phone-471708.shtml
Communications Sector
Nothing to report