Tuesday, October 6, 2015




Complete DHS Report for October 6, 2015

Daily Report                                            

Top Stories

  • Scottrade officials reported October 2 that the contact information for 4.6 million customers was compromised after internal and Federal investigations reportedly revealed unauthorized access to systems housing the information. – Krebs on Security See item 4 below in the Financial Services Sector

 • Several roadways, school districts, and apartment complexes in South Carolina were closed or damaged October 4 due to a series of storms and Hurricane Joaquin which dumped rain and caused flooding in the State. – Wall Street Journal

5. October 5, Wall Street Journal – (South Carolina) Flooding from Hurricane Joaquin shuts roads, schools in South Carolina. A 70-mile stretch of Interstate 95 was closed October 4, along with several other roadways and bridges in South Carolina due to a series of storms and Hurricane Joaquin which dumped rain and caused flooding in the State. Universities and 19 local school systems were closed while a number of apartment complexes flooded. Source: http://www.wsj.com/articles/obama-declares-state-of-emergency-in-south-carolina-as-hurricane-joaquin-adds-to-flooding-1443972189

 • Officials reported October 3 that nearly 400 students and teachers have been affected by an ongoing norovirus outbreak in 11 northern Nevada schools. – Associated Press

19. October 3, Associated Press – (Nevada) Norovirus outbreak affects hundreds of Nevada students, teachers. Officials reported October 3 that nearly 400 students and teachers have been affected by a norovirus outbreak in 11 northern Nevada schools following the start of the outbreak September 16 at Reno Elementary School. Schools were ordered to sanitize and thoroughly clean the buildings, and sick students and adults were ordered to stay home for at least 72 hours until symptoms subsided. Source: http://www.foxnews.com/health/2015/10/03/norovirus-outbreak-affects-hundreds-nevada-students-teachers/

 • Officials reported that a 4-alarm fire October 4 destroyed Cho Senter market in California, prompted an evacuation of five nearby mobile homes, and temporarily closed dozens of surrounding businesses. – San Jose Mercury News

22. October 5, San Jose Mercury News – (California) San Jose: Early morning four-alarm blaze destroys businesses and threatens trailer park. Officials reported that a 4-alarm fire destroyed Cho Senter market in San Jose, prompted an evacuation of five nearby mobile homes, and temporarily closed dozens of surrounding businesses while fire crews extinguished the blaze October 4. The cause of the fire remains under investigation and authorities are assessing the total amount of damages. Source: http://www.mercurynews.com/bay-area-news/ci_28919907/san-jose-firefighters-battle-4-alarm-grocery-store

Financial Services Sector

4. October 2, Krebs on Security – (National) Scottrade breach hits 4.6 million customers. Scottrade officials reported October 2 that contact information and possibly Social Security numbers of 4.6 million customers were compromised after internal and Federal investigations reportedly revealed unauthorized access to systems housing the information between late 2013 – early 2014. The company does not believe any Social Security numbers were accessed, and that the breach focused solely on contact information. Source: https://krebsonsecurity.com/2015/10/scottrade-breach-hits-4-6-million-customers/

Information Technology Sector

20. October 5, SC Magazine – (International) Zero day vulnerability found in VMware product. Researchers from 7 Elements discovered a VMware vCentre zero day vulnerability involving the deployment of the JMX/RMI service used in the management interface in which an attacker could gain unauthorized remote system access to the hosting server, leading to full enterprise environment compromise. VMware reported that it is working on releasing a patch to address the vulnerability.

21. October 3, Softpedia – (International) Fareit malware uses different file hash for each attack to avoid AV detection. Security researchers from Cisco’s Talos team discovered a new version of the Fareit trojan specializing in information stealing that changes its file hash with each infection. Researchers found only 23 shared common hashes out of 2,455 recorded samples, and determined that the samples communicated with only 2 command and control (C&C) servers. Source: http://news.softpedia.com/news/fareit-malware-uses-different-file-hash-for-each-attack-to-avoid-av-detection-493525.shtml

Communications Sector

Nothing to report