Wednesday, November 25, 2015



Complete DHS Report for November 25, 2015

Daily Report                                            

Top Stories

• Utility crews worked to restore power to 29,000 customers that remained without service in Spokane County November 23 while public schools remained closed through November 27following a November 17 winter storm. – Associated Press

1.     November 23, Associated Press – (Washington) Tens of thousands in Washington state shiver without power. Utility crews worked to restore power to 29,000customers that remained without service in Spokane County November 23 following a November 17 winter storm that downed power poles and trees, and knocked out power to 180,000 customers. Public schools were closed through November 27 due to the outage and debris that blocked sidewalks. Source: http://www.theolympian.com/news/state/washington/article46036540.html

• The U.S. Department of State issued a worldwide travel alert November 23 through February 24 citing increased threats from militant groups, and urged the public to remain vigilant and ware of surroundings during travel. – Reuters

9. November 24, Reuters – (International) U.S. issues global travel alert as manhunt continues for Paris attackers. The U.S. Department of State issued a worldwide travel alert November 23 through February 24 citing increased threats from militant groups, and urged the public to remain vigilant and aware of surroundings during travel. Source: http://www.reuters.com/article/2015/11/24/us-france-shooting-belgium-idUSKCN0TA03H20151124

• Highway 42 in Clayton was shut down between Glen Laurel and Castleberry Road for approximately 14 hours November 23 – November 24 after crews hit an 8-inchunderground gas line in the area that caused a gas leak. – WTVD 11 Durham

10. November 24, WTVD 11 Durham – (North Carolina) NC-42 reopen after major gas leak in Clayton. Highway 42 in Clayton was shut down between Glen Laurel and Castleberry Road for approximately 14 hours November 23 – November 24 after crews hit an 8-inch underground gas line in the area that caused a gas leak. Source: http://abc11.com/traffic/nc-42-shut-down-in-clayton-due-to-major-gas-leak/1096312/

• The U.S. Centers for Disease Control and Prevention are investigating cases of E. coli illnesses linked to Costco Wholesale chicken salad products in Colorado, Montana, Utah, and Washington November 23. – Associated Press

18. November 23, Associated Press – (National) Costco pulls chicken salad off shelves due to E. coli. The Washington State Department of Health reported November 23 that at least one case of E. coli in King County was linked to chicken salad purchased at Costco Wholesale Corporation stores after a person fell ill from consuming the product. The U.S. Centers for Disease Control and Prevention reported that Colorado, Montana, and Utah have also confirmed E. coli cases linked to the product. Source: http://www.king5.com/story/news/local/2015/11/23/costco-pulls-chicken-salad-off-shelves-due-to-e-coli/76295426/

Financial Services Sector

8. November 24, Softpedia – (International) ModPOS is a sophisticated criminal malware framework targeting POS devices. Security specialists from iSIGHT Partners discovered November 24 a new complex form of malware called ModPOS that targets U.S. retailers’ point-of-sale (PoS) systems via its three modules including Uploader/Downloader, Keylogger, and POS Scrapper that use obfuscation and encryption to evade security software and use its command and control (C&C) server to instruct the infected device to fetch other modules, once the stolen information is deemed valuable. Source: http://news.softpedia.com/news/modpos-is-a-sophisticated-criminal-malware-framework-targeting-pos-devices-496643.shtml

For another story, see item 35 below from the Commercial Facilities Sector

35. November 23, Milwaukee Journal Sentinel – (Wisconsin) Wilderness resort reports credit card data breach. Wisconsin Dells officials reported November 23 that its Wilderness Resort’s point-of-sale (PoS) system for processing credit and debit card transactions was compromised and may affect guests with reservations from March 9 – June 8 after a malware was found in its systems. The malware was removed and the resort is offering one year of free credit monitoring to guests who may have been affected. Source: http://www.jsonline.com/business/wilderness-resort-reports-credit-card-data-breach-b99621592z1-353041801.html

Information Technology Sector

28. November 24, Securityweek – (International) Lenovo patches privilege escalation flaws in system update. Lenovo released a new version of its System Update software addressing a security flaw, including a local unprivileged vulnerability, in which an attacker can gain administrative privileges on a victim’s system by predicting the temporary administration account generated by SUService.exe, as well as allowing a local unprivileged attacker to execute commands on users’ Windows systems. Source: http://www.securityweek.com/lenovo-patches-privilege-escalation-flaws-system-update

29. November 24, IDG News Service – (International) Dell security error widens as researchers dig deeper. Researchers from Duo Security discovered that new Dell laptops were found with a self-signed root digital certificate, eDellRoot, which can allow attackers to conduct a man-in-the-middle attack, spy on incoming data, and use private keys to create their own digital certificates to produce fake Web sites that appear legitimate. Dell Inc. reported they plan to release instructions on how to remove the certificates. Source: http://www.computerworld.com/article/3008077/security/dell-security-error-widens-as-researchers-dig-deeper.html#tk.rss_security

30. November 23, Softpedia – (International) ISIS retaliates against Anonymous, leaks data of “To-be-killed” US officials. Hackers from the Islamic State Hacking Division leaked a list containing data about employees who served on bases located in the Middle East, including personnel from the U.S. Defense Intelligence Agency, the FBI, the CIA, and the National Counterterrorism Center, the U.S. National Guard, and other Federal government agencies, via a Twitter account. The leak was contained. Source: http://news.softpedia.com/news/isis-retaliates-against-anonymous-leaks-data-of-to-be-killed-us-officials-496593.shtml

31. November 23, Softpedia – (International) Researchers find multiple Chrome extensions secretly tracking users. Researchers from Detectify Labs discovered that Google Chrome extensions including HooverZoom, SpeakIt, ProxFlow, Instant Translate, and other extensions were embedded with an analytics code to track users’ browsing history, collect data from cookies, and view secret access tokens from Facebook Connect without users’ consent while surfing across Web sites in different browser tabs. Source: http://news.softpedia.com/news/researchers-find-multiple-chrome-extensions-secretly-tracking-users-496596.shtml

Communications Sector

Nothing to report