Complete DHS Report for March 30, 2015
Daily Report
Top Stories
· The U.S. Department of State announced rewards totaling $3 million March 26 for
information leading to the arrest of 2 Russian nationals believed to be key
members in the Carder.su financial and identity fraud scheme that has caused
losses of at least $50 million. – Securityweek
See item 6 below in the Financial Services Sector
· Interstate 35 in Salado, Texas, reopened March 27 after it was closed for nearly 18 hours
when a semi-truck crashed into a highway bridge and two beams fell onto the
interstate hitting several vehicles March 26. – KWTX 10 Waco
8. March 27, KWTX 10 Waco – (Texas) I-35 reopens after fiery 18-wheeler
crash kills 1, injures 3. Interstate 35 at Farm-to-market Road 2484 in
Salado reopened in both directions March 27 after it was closed for nearly 18
hours when an oversized semi-truck crashed into a highway bridge and dislodged
two beams that fell onto the interstate hitting several vehicles March 26. One
individual was killed and 3 others were injured during the incident that
remains under investigation. Source: http://www.kwtx.com/home/headlines/Major-Crash-On-Interstate-35-Shuts-Down-Highway-297669591.html
· Authorities are investigating after 34 cars of a Union Pacific train derailed along the
Nevada Subdivision in Lovelock March 25, prompting the delay of 33 trains that
were rerouted around the scene. – Reno Gazette-Journal
12. March 26, Reno Gazette-Journal – (Nevada) Derailed Nevada train delays 33 others. Authorities
are investigating after 34 cars of a 51-car Union Pacific train derailed along
the Nevada Subdivision in Lovelock March 25. The derailment delayed 30 freight
trains and 3 Amtrak trains that were rerouted around the scene where wreckage
was strewn for hundreds of yards. Source: http://www.rgj.com/story/news/2015/03/26/derailed-car-train-delays-trains-churchill-co/70492756/
· An apparent gas explosion March 26 destroyed 4 New York City apartment buildings,
displacing residents from about 49 units, and injuring 19 individuals while 2
others were reportedly missing. – Reuters
25. March 27, Reuters – (New York) Police seek
two people reportedly missing after New York explosion. An apparent gas
explosion March 26 caused 2 apartment buildings to collapse and 2 adjacent
apartment buildings to catch fire in the Manhattan area of New York City,
displacing residents from about 49 units. Nineteen individuals were injured
during the blast and 2 others were reportedly missing, while firefighters
remained at the scene March 27 to search the rubble and extinguish smoldering
debris. Source: http://www.reuters.com/article/2015/03/27/us-usa-new-york-collapse-missing-idUSKBN0MN1OO20150327
Financial Services Sector
6. March 27, Securityweek – (International) U.S. offers $3 million reward for alleged
Russian cybercriminals. The U.S. Department of State announced rewards
totaling $3 million March 26 for information leading to the arrest or
conviction of 2 Russian nationals believed to be key members in the Carder.su
operation, in which participants created and trafficked identification
documents and payment cards and perpetrated financial fraud and identity theft,
causing losses of at least $50 million. Thirty members involved in the
operation have been convicted and 25 remaining are fugitives or pending trial.
Source: http://www.securityweek.com/us-offers-3-million-reward-alleged-russian-cybercriminals
7. March 26, Associated Press – (New York) FINRA fines Oppenheimer $3.75M in employee fraud
case. The Financial Industry Regulatory Authority issued a $3.75 million
fine to Oppenheimer & Co., for failing to supervise and stop an employee
from transferring $2.9 million of client funds to his own accounts or for use
in excessive trades while he was under investigation for other fraud
accusations, including a 2012 scheme in which he allegedly scammed a New York
City Broadway show’s producers out of $20,000 after promising to raise $4.5
million from phony investors. Source: http://www.newsobserver.com/entertainment/celebrities/article16389836.html
For another story, see item 23 below in the Information Technology Sector
Information Technology Sector
20. March 27, Softpedia – (International) GitHub
has been under a continuous DDoS attack in the last 24 hours. The GitHub
Web site suffered a minor service outage March 26 and has been mitigating a
sustained distributed denial-of-service (DDoS) attack on its servers that has
lasted over 24 hours. Administrators reported that connectivity returned to
normal after the attack was amplified March 27, and are continuing to monitor
for any abnormalities. Source: http://news.softpedia.com/news/GitHub-Has-Been-Under-a-Continuous-DDoS-Attack-in-the-Last-24-Hours-476902.shtml
21. March 26, Threatpost – (International) GE
fixes buffer overflow bug in DTM library. General Electric released a patch
for a vulnerability in device type management (DTM) libraries affecting five
Highway Addressable Remote Transducer (HART) digital communication devices
deployed in various critical infrastructure areas, including one manufactured
by MACTek. The vulnerability allows an attacker to execute arbitrary code by
causing a buffer overflow in the product’s DTM and crashing the Field Device
Tool (FDT) Frame Application. Source: https://threatpost.com/ge-fixes-buffer-overflow-bug-in-dtm-library/111817
22. March 27, CSO Online – (International) DDOS
attacks less frequent last year, more dangerous. San Francisco-based Black
Lotus Communications released a report which found that the total number of
distributed denial-of-service (DDoS) attacks declined steadily in 2014, but
increased in packet size by 3.4 times in the third quarter, and average attack
size by 12.1 gigabits per second (Gbps) in the fourth quarter. The report also
identified an increase in complex, hybrid network and application-layer
attacks. Source: http://www.csoonline.com/article/2902309/network-security/ddos-attacks-less-frequent-last-year-more-dangerous.html#tk.rss_news
23. March 26, Securityweek – (International) Thousands
of hijacked WordPress sites redirect users to exploit kits. Security
researchers at Germany’s Computer Emergency Response Team (CERT-Bund)
discovered that at least 3,000 Web sites have been compromised by a local file
inclusion (LFI) vulnerability in the Slider Revolution WordPress plugin that
allows attackers to take control of sites by accessing and downloading files
from the affected server. Many victims are directed to exploit kit landing
pages including Angler and Fiesta which can inject various ransomware, fraud
malware, and trojan malware into affected systems. Source: http://www.securityweek.com/thousands-hijacked-wordpress-sites-redirect-users-exploit-kits
For additional stories, see items 6 above in the Financial Services Sector and 26 below
from the Commercial Facilities Sector
26. March 26, SC Magazine – (International) Vulnerability
found in popular hotel routers. Cylance researchers discovered an
authentication flaw in the firmware of several models of InnGate routers that
are commonly used by hotels and convention centers that can be exploited to
distribute malware to guests, monitor and record data sent over the network,
and possibly gain access to a hotel’s reservation and keycard system. The
vulnerability was detected in 277 devices in 29 countries, including more than
100 devices located in the U.S. Source: http://www.scmagazine.com/vulnerability-discovered-in-inngate-routers/article/405708/
Communications Sector
24. March 27, Natchez Democrat – (Mississippi) Cut fiber optic line disables local
Cable One Internet. A Cable ONE fiber optic cable was cut by Media 3 crews
that were attempting to run their own cable March 26, causing service outages
for 100 percent of Internet and phone customers and approximately 15 percent of
cable customers in the Natchez area. Service was expected to be restored more
than 6 hours after the line was severed. Source: http://www.natchezdemocrat.com/2015/03/27/cut-fiber-optic-line-disables-local-cable-one-internet/