News - Connect With Us | Electronic Warfare Associates

ICS system with public exploits cannot be patched.

The Industrial Control Systems Cyber Emergency Response Team (ICSCERT) released a security advisory for customers using the Environmental Controls System (ECS) 8832 version 3.02 and earlier version after a security researcher discovered the product had two vulnerabilities, which cannot be patched, including an authentication bypass flaw and a privilege escalation flaw that could allow an attacker to perform unauthenticated operations over the network. The ECS product is used in the energy indust

Blackout! Are We Prepared to Manage the Aftermath of a Cyber-Attack or Other Failure of the Electrical Grid?

Extremely timely! US House of Representatives Transportation and Infrastructure holds a hearing on vulnerability of the US Electrical Grid to cyber and physical actions. Includes written testimony and hearing video. Panel 1 includes: Honorable W. Craig Fugate, Administrator, FEMA; Ms. Patricia A. Hoffman, Ast Sec, Office of Electricity Delivery & Energy Reliability; Ms. Caitlin A. Durkovich, Ast Sec, Infrastructure Protection, National Protection and Programs Directorate, DHS and others.

Data breach exposes information on more than 3,000 TCC employees .

Officials announced March 25 that personal information, including Social Security numbers, of more than 3,000 employees at Tidewater Community College (TCC) in Virginia was leaked when an employee sent a file March 2 that included personal information of employees in response to a data request from a fraudulent TCC email account.

AP Investigation: US power grid vulnerable to foreign hacks

US power grids and critical infrastructure are still lucrative targets for individual and nation state supported hackers. The AP investigation provides insight into the challenges and vulnerabilities US critical infrastructure faces.

Micro soft will stop trusting certificates from 20 certificate authorities .

Microsoft reported that its Trusted Root Certificate Program will no longer include twenty trusted Certificate Authorities (CA) and will remove CA root certificates from the Trusted Root CA store after the company could not comply with CA new program prerequisites that added more stringent technical and auditing requirements. Microsoft advised users to choose another trusted CA program.

Chinese Hackers Target Taiwanese Politicians Just Before Elections

FireEye security researchers have uncovered a new APT (Advanced Persistent Threat) group linked to mainland China, targeting Taiwanese politicians and members of the media, just weeks before the country's elections.

SlemBunk Android banking trojan targets 31 banks across the world .

Security researchers from FireEye reported a new banking trojan, dubbed SlemBunk, was discovered targeting 33 international financial institutes, 31 banks, and 2 online payment systems by installing a fake Android Flash Player application, encoded with the trojan, that can perform attacks such as gaining administrative privileges, communicating with command and control (C&C) servers, watching over processes, and injecting a fake login page onto legitimate banking applications.

As Army Shrinks, Milley Considers Ways to Regenerate Force

Army Chief of Staff dispels myths on Army Force Regeneration

NERC Published 2015-2016 Winter Reliability Assessment

NERC Publication on Energy Reliability assessments for the upcoming 2015-2016 Winter Season

Obama Administration to Announce New Terrorism Alert System

The Obama administration will implement a new terrorism threat alert system in the coming days to address what he called intermediate-level threats to the United States, U.S.

Cottage reports another records breach

California-based Cottage Health reported December 3 that a breach in its server caused Google and Bing to index a limited amount of personal health information on as many as 11,000 patients from the hospital’s 3 main campuses. The health system requested the removal of the information and continues to investigate the breach.

Data breach compromises medical records .

The Santa Barbara County Public Health Department announced December 2 that it notified 260 patients of a databreach where patients’ personal health information was accessed by a staff member without proper authorization. The health department does not believe that any of the information was -5-misused and will retrain staff on its policies.

) Target in $39.4 million settlement with banks over data breach .

Minneapolis-based Target Corp. agreed December 2 to pay banks, credit unions, and MasterCard Inc. card issuers $39.4 million to settle class- action claims by lenders seeking to hold the company liable for costs to reimburse fraudulent charges and to issue new credit and debit cards following a 2013 data breach that compromised 40 million credit cards and lost the information of70 million people.

Hackers to Pentagon You are Doing Cyber Wrong

What happens when you bring together some of the nation’s leading hackers, the Pentagon’s chief of training and an Air Force Academy professor who teaches cyber skills to cadets? They all agree on one thing: The government’s approach to cyber security is coming up short.

FERC & Congress take Aim at Cyber Security

In light of the potentially devastating economic losses that could result from a cybersecurity attack causing widespread power outages as well as continued concerns about the vulnerability of the nation's electric utility system, the Federal Energy Regulatory Commission (FERC) and both chambers of Congress have recently taken actions to address critical cybersecurity concerns to the industry.

100 million Android users may have a backdoor on their devise thanks to the Baidu SDK .

Researchers from Trend Micro reported the Moplus software development kit (SDK) being offered by Chinese search engine, Baidu includes a functionality that can be abused to install backdoors on users’ devices via an Hypertext Transfer Protocol (HTTP) server on the targeted smartphone, allowing attackers to send HTTP requests to port 6259 or 40310 and execute malicious commands. The vulnerability has been included on an estimated 14,112 Android applications, potential impact on 100M Android users

DHS Kicks Off National Cyber Security Awareness Month 2015

Go to DHS website for more information on CyberSecurity Awareness

Maine mill releases thous ands of gallons of contaminated water into river.

Officials reported that 15,000 gallons of water were discharged into the Androscoggin River October 22. The Maine State Department of Environmental Protection has been notified, while officials reported that the spill will not impact drinking water.

Internet-Connected Cars Can Be Tracked by Anyone, Not Just Governments

A recent study by a Dutch researcher from the University of Twente shows that hackers can track smart cars with very low costs and quite a high degree of accuracy.

NRC Issues Watts Bar 2 Nuclear Power Plant Operating License

For the first time in nearly 20 years, the Nuclear Regulatory Commission (NRC) has issued an operating license for a new nuclear power plant. The 40-year license was issued to the Tennessee Valley Authority (TVA) for the long-overdue Watts Bar Unit 2 reactor on Oct. 22.

GAO Testimony: Critical Infrastructre Protection

Newest GAO report on Cybersecurity of the Nation's Electrical Grid. "Given the increasing use of information and communications technology in the electricity subsector and the evolving nature of cyber threats, continued attention can help mitigate the risk these threats pose to the electricity grid."

Download Document

The five stages of a cyber intrusion

When it comes to cybersecurity, the most egregious breaches often come down to human error, such as someone clicking on a link in a spoofed email. That’s why officials try to emphasize the importance of good cyber hygiene and educating the work force on best practices.

Infrastructure Security Dirty Bombs: The Reality

Recent reports regarding multiple sting operations in Moldova directed at smugglers who believed they were selling radioactive material to representatives of the Islamic State have once again generated wide interest in the threat posed by so-called “dirty bombs.” With the mainstream press doing their usual uneven job of reporting in a meaningful way on the threat posed, it behooves us, therefore, to take a few moments to talk about the reality as opposed to the hype.

Kosovo hacker detained for giving U.S. troop data to Islamic State

Police in Malaysia have arrested a Kosovo man alleged to have hacked into a U.S. company's database and extracted records on more than 1,300 federal and military employees, which he then gave to members of the Islamic State terrorist group

Data dump suggests possible breach at Electronic Arts

A post to Pastebin containing account details for Electronic Arts (EA) customers hit a little too close to home for one gamer, who found his email address, account password, and games list among the harvested data. EA has been told about the alleged leaked records, but the company hasn't made any official statements.

Power grid resiliency: final recovery transformer report issued by DHS ST

The DHS Science and Technology Directorate released a report June 20 stating that an emergency spare transformer program can be a key enabler to mitigating the effects of a high-impact, low-frequency event (such as an electromagnetic pulse weapon), which would damage the U.S. power grid. This report will enable the U.S. to achieve greater resiliency from both man-made and natural threats to the U.S. power grid.

In Wake Of Violence, France Reports Spike In Cyberattacks

19,000 French websites have been attacked since Jan. 7

Darkhotel attackers target business travelers via hotel networks.

Kaspersky Lab researchers identified an advanced persistent threat (APT) group dubbed Darkhotel APT that has targeted travelers in the Asia-Pacific region in addition to the U.S. using malicious hotel WiFi networks, spear phishing, and malicious torrent files. The group’s hotel attacks involve prompting users with a software update notice that installs a backdoor, and the group has targeted guests associated with industries and sectors including government organizations and others

Hackers breach Wyoming library system.

Officials announced November 7 that the Statewide online catalog of the Wyoming State Library was taken offline for 2 days for remediation after authorities learned the system was breached October 7 by unknown hackers. The attack was discovered after unusual activity was detected on the system and there is no indication that personal data was compromised.

N.C. dermatology center discovers hacked server two years after attack.

Central Dermatology Center in Chapel Hill announced November 7 that one of its servers was breached and compromised by malware in August 2012. The health center discovered the breach September 25 and continues to investigate the attack in order to determine what information was compromised, which could include patients’ personal and medical information.

U.S. Postal Service says data breach hits employees, call center.

The U.S. Postal Service (USPS) announced November 10 that the personal information, including Social Security numbers, of more than 800,000 employees and customers who called the Postal Service Customer Care Center between January and August 16 was potentially accessed in a cyberattack. The USPS is investigating and reported that the intrusion is limited in scope and operations are functioning normally.

Troopers seize nearly $200k in fake credit cards, cash.

Texas Department of Public Safety troopers arrested two Romanian nationals after they found 69 fraudulent payment cards valued at $172,000 and 29 fraudulent ID cards from Iowa during a traffic stop in Carson County November 4. Troopers stated that they believed the contraband and $18,000 in cash was being transported from California to Tennessee

Expired Antivirus Software No. 1 Cause Of Unprotected Windows 8 PCs

New data from Microsoft shows that nearly 10% of Windows 8 users are running expired AV software on their systems, making them four times more likely to get infected.

'Trojan Horse' Bug Lurking in Vital US Computers Since 2011

A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security.

Power outage shuts down 911 service in Elk County.

A damaged fiber optic cable disrupted landline service for hundreds of customers in Elk County for several hours October 15 before crews were able to restore service.

UC Davis Health Email Breach Exposes 1,326 Patients Data

UC Davis Health System announced that it discovered a provider’s email had been compromised by an unknown source on September 26, breaching 1,326 patients’ data.

Massive Oracle security update lands on Microsoft Patch Tuesday.

Oracle released over 150 patches for several of its products, closing critical vulnerabilities in several products including Oracle Database and Java SE.

Malware-like browser pop-ups used by advertisers to push apps on Android.

A researcher at Malwarebytes reported that some advertisers are using fake warning or update notifications directed at Android users in an attempt to get them to download legitimate but potentially unwanted programs in an affiliate marketing scheme.

Mozilla fixes critical bugs in Firefox 33.

Mozilla released the latest version of its Firefox browser, closing 33 critical vulnerabilities and adding improved functionality.

Microsoft patches two more 0-days actively used by attackers

Microsoft released its monthly Patch Tuesday round of patches for October, closing several critical vulnerabilities including the SandWorm vulnerability and others exploited by attackers.

Cyber Awareness Month Week 2 Focus

This link will take you to the DHS site and you can learn about "Secure Development of IT Products"

Data breach on Flinn Scientific server lasted for four months.

Flinn Scientific officials notified October 2 customers that made at least one purchase through its online store since May 2 that their financial information, including payment card number and card verification code, may have been compromised after malware was planted on the company’s Web based payment system. The breach was discovered September 8 and the company removed the malicious software from its network.

Cedars-Sinai says number of patient files in data breach much higher.

Cedars-Sinai Medical Center in Los Angeles notified 33,136 patients September 11 that their personal and health information may have been accessed after a password-protected, unencrypted laptop was stolen from an employee’s home during a June burglary. The hospital previously reported the theft to 500 patients in August, but forensic analysis determined the laptop contained information for thousands of additional patients, including about 1,500 Social Security numbers.

Power outage shuts down airport website, kiosks.

A 3-hour power outage at the Kansas City International Airport management building shut down the airport’s Web site, arrival and departure signs inside the terminals, and wireless Internet access for almost 7 hours October 2. Power was still on in the terminal buildings and had no other effects on travelers.

Schneider Electric fixes remotely exploitable flaw in 22 different products.

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an advisory to operators of 22 different Schneider Electric industrial control systems products after a researcher identified a remotely exploitable directory traversal vulnerability that could allow attackers to bypass Web server authentication and gain administrator access and control over devices. Schneider Electric released a firmware update to close the vulnerability in the products...read more

Cyber Awareness: Stop/Think/Connect Campaign

As part of the Cyber Awareness Month, DHS has provided this link that provides information and practices that can help you, your family members, students, co-workers...anyone practice safe on-line activities and proper cyber hygiene. Protect yourself!

October is: CYBER Awareness Month

National Cyber Security Awareness Month is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident.

ISIS Cyber Threat To US Under Debate

ICS/SCADA systems and networks hackable but not easily cyber-sabotaged without industrial engineering know-how, experts say.

PSE&G takes first steps in Bergen and Passaic counties in $1.2B plan to safeguard power grid

"Utility crews are digging their way through North Jersey, tearing open streets and replacing decayed, leaky gas mains during the opening round of a $1.2 billion project aimed at shoring up the region's power grid against major storms."

Home Depot breach bigger than Target at 56 million cards.

Home Depot officials reported September 18 that 56 million payment cards were likely compromised when attackers used custom-built malware to breach the networks of stores in the U.S. and Canada between April and September 8 when the breach was detected. Costs associated with the breach are estimated to total $62 million to date.

Communication outage could affect 911 calls.

Internet, land line, and some cellular phone service was disrupted for CenturyLink customers around the Lake Monticello area in Fluvanna County September 18 due to a cut fiber optic line. Officials warned the public that 9-1-1 calls may also be impacted as well.

Cable ONE fiber optic cable cut.

Nearly 4,000 Cable ONE customers in Natchez and Yazoo City lost Internet and other services for nearly 3 hours September 18 when a fiber cable was cut.

Apple fixes numerous vulnerabilities with release of Mac OS X 10.9.5.

Apple released the latest version of its OS X operating system September 18, which addresses over 40 vulnerabilities that could lead to information disclosure, arbitrary code execution, privilege escalation, and other issues. Apple also released security updates for its OS X Server, Apple TV, Xcode development platform, and Safari Web browser.

Health department issues water advisory.

The Charles County Department of Health issued a temporary water advisory against swimming and ingesting water from Liverpool Point, Mallows Bay, and the Potomac River September 18 after officials discovered a toxic algae bloom on the water’s surface.

ISIS, Al Qaeda To Launch Cyber Attacks To Set Up Digital Caliphate

"Extremist groups in the Middle East are reportedly preparing to launch a massive cyber attack against the United States. According to a Fox News report, leaders of Islamic State of Iraq and Syria and Al Qaeda are stepping up efforts to seek a digital caliphate."

Home Depot Said to Ignore Security Warnings

Former information technology employees at Home Depot claim that the retailer’s management had been warned for years that its retail systems were vulnerable to attack, according to a report by The New York Times. Resistance to advice on fixing systems reportedly led several members of Home Depot’s computer security team to quit, and one who remained warned friends to use cash when shopping at the retailer’s stores

Chinese attack groups operate in parallel in cyber espionage campaigns

Researchers with FireEye discovered two cyberespionage campaigns originating in two regions of China that appear to share several commonalities including using the same custom backdoors and remote access trojans (RATs). One campaign dubbed Moafee targets various military, government, and defense industry entities while the second known as DragonOK targets high-tech and manufacturing companies in Taiwan and Japan.

Internet outage frustrates CenturyLink customers

Internet outage frustrates CenturyLink customers in southwest Missouri. CenturyLink customers in the 417 area code of southwest Missouri were without Internet service for nearly 10 hours September 11 due to a widespread outage.

NATO Nations work to level the playing field in response to cyber attacks

” It has been interesting to see news recently of a NATO agreement that indicated that member states would now come to each other’s aid in the event of digital attacks as well as in the case of military attacks. This newly signed deal reaffirms that cyber defense is now, more than ever critical component to a Nation’s comprehensive defense strategy.”

Cybersecurity Among Top Energy Industry Concerns

Attacks on an electric facility and increased attention from regulators has fueled concern about safeguarding facilities.

Potential Credit Card Data Breach at Home Depot.

Home Depot is investigating “unusual” activity that may indicate that credit and debit card data has been exfiltrated by unknown culprits.

Dairy Queen confirms breach of payment systems.

Dairy Queen officials confirmed that systems in a limited number of stores were infected with Backoff point-of-sale (PoS) malware, and customers’ personal information, including payment card information, may have been exposed.

JPMorgan and Other Banks Struck by Hackers

Another report of a coordinated cyber attack on several US banks.

South Korean Data Breach Compromises 27 Million

A data breach in South Korea appears to have impacted as many as 27 million citizens, roughly 70 percent of the nation’s population. Authorities with the South Jeolla Provincial Police Agency announced late last week that it had apprehended a 24-year-old, known simply as Kim, in addition to 15 others connected to the breach.

Governor OKs $1.3B in water plant protection

The governor of New Jersey approved nearly $1.3 billion in upgrades and improvements to drinking water and sewage treatment plants in the State after Superstorm Sandy caused an estimated $2.6 billion in damages to wastewater and drinking water infrastructure across the State in October 2012.

United States Environmental Protection Agency and GlaxoSmithKline reach $317,550 settlement for hazardous waste violations at Upper Merion facility

GlaxoSmithKline agreed to properly manage the hazardous waste at its research and development facility in Upper Merion Township and pay a $317,550 penalty August 11 in a settlement with the U.S. Environmental Protection Agency for six alleged violations of the Resource Conservation and Recovery Act that were found in an August 2012 inspection.

Orange County courthouse, shut Monday for power outage, should reopen Tuesday

The Orange County Courthouse in Goshen was closed August 11 due to a partial power outage that damaged electrical control circuits.

Millions of computers have backdoor enabled by default

Researchers from Kaspersky and Cubica Labs presenting at the Black Hat conference demonstrated how the legitimate Computrace anti-theft solution can be used by attackers performing a man-in-the-middle (MitM) attack to remotely execute arbitrary code on the target device due to the lack of encryption in Computrace traffic. Most computers come with Computrace already present, leaving millions of devices vulnerable to malicious use of the solution.

Cut cable line impacts emergency services in Mayes County

Cable, cell phone, landline, and Internet services were restored to more than 41,000 residents in Mayes County nearly 4 hours after a contractor inadvertently cut a fiber optic cable August 11. AT&T reported some customers in the Claremore and Pryor areas may have also experienced issues with their U-Verse, wireless, and wireline services.

USIS Suffers Cyberattack, Costing It Some Government Business

The U.S. government has temporarily suspended much of its work with its main security background-check contractor after the firm discovered that it was the victim of a cyberattack, federal officials said Wednesday. U.S. Investigations Services LLC discovered what it described as a "state-sponsored attack" of its corporate network that may have led to the theft of information of employees at the Department of Homeland Security.

Could be days for some to have power restored after storm.

Utility crews worked August 4 to restore power to more than 15,000 customers that remained without service after an August 2 storm knocked out electricity to more than 50,000 customers throughout Washington.

Sandwich chain Jimmy John's investigating breach claims.

Sandwich restaurant chain Jimmy John's reported that it is working with authorities to investigate a possible breach of customer payment data.

Popular wireless home alarms can be hacked from afar.

Two security researchers found that wireless home alarm systems are vulnerable to remote hijacking which would allow for access into the protected environment without tripping the alarm due to the signals lack of encryption or authentication. The tools used to hack into systems are available for purchase, potentially allowing intruders to completely disable the alarm from 10 feet.

Sony to shell out $15M in PSN breach settlement.

Sony released a statement July 24 claiming it reached an agreement to pay $15 million in a preliminary settlement associated with the April 2011 hacking of its PlayStation Network system, its on-demand service Qriocity, and gaming portal Sony Online Entertainment, exposing the personal data of roughly 77 million users.

State Department computer crash slows visa, passport applications worldwide.

The U.S. State Department announced July 24 that its main computer system for processing visa and passport applications worldwide crashed during the week of July 21 after routine maintenance on the consular database. The system was brought back online but remained at limited capacity while officials worked to correct the problem.

Self Regional announces security breach of patient info.

Self Regional Healthcare in Greenwood notified at least 500 patients July 24 of a potential security breach after two thieves broke into the Support Services Center May 25 and took a hospital-owned laptop. Police arrested and charged two men June 10 in connection with the theft where one of the suspects admitted to panicking and throwing the password protected laptop into Lake Thurmond.

Sewage spills into Lake Coeur dAlene at Arrow Point

A pump failure in a septic effluent lift station was discovered July 23 and determined to be the cause of an accidental release of an estimated 1,320 gallons of sewage into Lake Coeur d’Alene at the Arrow Point Marina. A new pump was installed and the system is under normal operations.

Widespread Verizon Service Outage Across D.C.-Baltimore Region

A widespread Verizon outage in the Baltimore-Washington region has been mostly restored, although some customers are still reporting service issues. Verizon customers first started noticing the outage — which mostly impacted Internet service, but also TV and wireless service — at about 7 p.m. Sunday. Verizon officials say service issue was fixed just after midnight Monday.

Cisco counterfeiter gets 37 months in prison, forfeits $700,000.

The CEO of ConnectZone.com was sentenced for his role in conspiring with a Chinese company to produce counterfeit Cisco Systems network products and then sell them as genuine products. Four people and two companies were charged in the case, with two others found guilty and a Chinese co-conspirator remaining at large.

Fake Flash Player steals credit card information.

Fake Flash Player steals credit card information. Dr. Web researchers reported finding a new piece of Android malware dubbed BankBot that is disguised as Adobe Flash Player and persistently asks users for administrator privileges in order to display a fake credit card information form and steal any entered information. The malware is currently targeting users in Russia but can be repurposed to attack other targets.

Unpatched OpenSSL holes found on Siemens ICSs.

The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) stated July 17 that six Siemens industrial control products contained vulnerabilities in their OpenSSL implementation that could lead to man-in-the-middle (MitM) attacks or the crashing of Web servers. Four of the vulnerabilities remain unpatched and are present in industrial control products used by the manufacturing, chemical, energy, agriculture, and water industries and utilities.

Secondhand Point-o-Sale terminal was horrific security midden.

A researcher with HP found that a second-hand Aloha point-of-sale (PoS) terminal purchased from eBay still held a database of employee names, Social Security numbers, and addresses, as well as default passwords that could be used by an attacker if the previous owners did not change passwords in new equipment.

Allegiant computer system restored after outage Friday

Allegiant Air suffered an outage that lasted more than 7 hours July 18 causing at least 26 flights to be cancelled or rescheduled. The airline restored its computer system after experiencing the technical glitch.

Record rainfall wreaks havoc across Bryan-College Station.

Heavy rainfall in Bryan-College Station caused the Burton Creek Wastewater Treatment Plant to spill about 600,000 gallons of heavily diluted domestic wastewater when the plant lost power and the pumps stopped working July 17.

Water main break causes boil water notice in Hampton.

City of Hampton residents in Bradford County remained under a boil water advisory until further notice after a water main break near the railroad tracks July 17.

SB14-188: Vulnerability Summary for the Week of June 30, 2014

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.

Hacker group compromises US and European energy companies

European and U.S. energy companies are the latest victims of cyber espionage, as a result of the kind of industrial control system attacks the Defense Department has been growing concerned about. Thought to be state-sponsored, the perpetrators achieved sabotage capabilities that could have been used to disrupt energy supplies in affected regions, according to a recently released Symantec report.

Apple patches iOS, OSX and Safari on mega Monday.

Apple released updates June 30 for its iOS mobile operating system, OSX operating system, and Safari Web browser, closing 44 vulnerabilities in iOS, 19 in OSX, and 12 in Safari.

Metro Health reports immunization records theft.

The San Antonio Metropolitan Health District notified about 300 patients June 30 that their immunization records and personal information were stolen May 30 when a City of San Antonio-owned laptop was reported missing. Authorities are investigating the incident and do not believe the data was a target for the theft.

Derecho hits Chicago and Milwaukee: 2 dead, several more injured in the Midwest and Plains.

Two people were killed, thousands of customers lost power across several U.S. States, and hundreds of flights were cancelled or delayed at Chicago’s O’Hare and Midway airports due to a derecho storm that moved through the Midwest and Plains regions June 30.

Massachusetts Becomes First State in the Nation to Require Utilities to Modernize the Electric Grid

"The Department of Public Utilities has issued two groundbreaking orders requiring Massachusetts electric distribution companies to modernize the electric grid, building on the Commonwealth’s national leadership on energy efficiency and renewable energy. With these orders, Massachusetts is the first state in the nation to require electric distribution companies to take affirmative and far-reaching steps to modernize the electric grid."

US CERT Weekly Vulnerability Summary Bulletin (SB14-181)

Weekly Vulnerability Summary for the week of June 23, 2014 published by US CERT.

New Havex malware variants target industrial control system and SCADA users.

Researchers with F-Secure reported June 23 that attackers have been distributing new versions of the Havex remote access trojan (RAT) by compromising industrial control system (ICS) manufacturers’ Web sites and adding the RAT to legitimate software downloads. The researchers did not name the manufacturers but stated that they are based in Belgium, Germany, and Switzerland.

Comcast Xfinity evil twin steals subscriptions

A researcher at LogRhythm Labs demonstrated how an attacker could compromise Comcast Xfinity accounts by creating a malicious hotspot that mimics Comcast customer-run hotspots, and that Comcast customer devices would automatically connect to. The malicious hotspot then presents a legitimate-looking login page that collects a customer’s login and password.

Powerhouse Fire sparked by power lines, Forest Service says, victims suing DWP

The U.S. Forest Service announced June 23 that the 2013 Powerhouse Fire that burned about 30,000 acres and destroyed 53 structures in and around the Angeles National Forest was caused by power lines owned by an undisclosed entity that created a competent ignition source.

Chemical accidentally released from Norwood plant

Authorities are investigating after an undetermined amount of nitrogen dioxide was released through a stack into the air over the Shepherd Chemical plant in Norwood June 24. Workers were evacuated from the facility and officials issued a shelter in place order for residences and businesses within 500 feet of the facility for over 2 hours.

Natural gas leak capped near Garner

An equipment malfunction at a PSNC Energy regulation station in Garner caused a release valve to fail and cause a natural gas leak June 23. The leak prompted authorities to evacuate homes within 1-mile of the station and shut down U.S. Business Highway 70 for almost 2 hours.

June 13: AT&T customer details accessed without authorization.

Some AT&T customers were informed by letter that employees at one of the company's service providers may have accessed personal identifiable information, including Social Security numbers, without authorization somewhere between April 9 and April 21.

June 14: P.F. Chang's confirms credit card breach.

P.F. Chang's Chinese Bistro stated June 14 that it had confirmed that it was the victim of a customer payment card data breach affecting an unknown number of customers. The company stated that it has temporarily switched to manual payment card imprinting to process transactions while the breach continues to be investigated.

June 14: Eastman operations restored at Kingsport.

Eastman Chemical Company representatives announced June 13 that its Kingsport, Tennessee facility was brought back online and operations were substantially restored following an unplanned outage June 4.

Jun 13: Concern widens over sabotage at Nogales power station

The FBI is investigating whether a makeshift bomb placed next to a 50,000-gallon diesel tank at an Arizona power station Wednesday has any connection to a suspicious incident this year at another substation owned by the same company.

New Powerful Banking Malware Called Dyreza Emerges

IDG News Service — Security researchers said they've spotted a new type of banking malware that rivals the capabilities of the infamous Zeus malware. The malware, which is being called "Dyreza" or "Dyre," uses a man-in-the-middle attack that lets the hackers intercept unencrypted web traffic while users mistakenly think they have a secure connection with their online banking site.

June 12 Cybercriminals targeting cloud-based PoS systems via browser attacks.

IntelCrawler researchers dubbed a form of malware, POSCLOUD, which targets vulnerabilities in major Web browsers to compromise cloud-based PoS software typically used by grocery stores, retailers, and other small businesses. The malware relies on keylogging and screenshots to steal personal information and financial data.

Entirely new trojan quietly wheeled into black hat forums.

A researcher from RSA reportedly discovered a new trojan, Pandemiya, which contains about 25,000 lines of fresh code and has the ability to steal data from forms, take screen shots to send back to the botmasters who deploy it, and create fake web pages. Pandemiya can be removed by tweaking registry and command line action.

Records of more than 33,000 patients stolen from Santa Rosa radiology facility.

Officials at St. Joseph Health of Sonoma County in Santa Rosa reported June 12 that a thumb drive containing X-ray records of 33,702 patients was stolen during a burglary at an outpatient radiology facility June 2. Patients’ personal information was saved on the thumb drive which was taken from a staff member’s storage locker.

June 2 - GameOver Alert

US-CERT - Alert (TA14-150A): GameOver Zeus P2P Maleware.

May 29 - America First Credit Union Breach

KTVX 4 Salt Lake City – (Utah) America First Credit Union finds a breach in accounts that affects thousands.

May 30 - Ford Recall

Associated Press – (National) Ford issues 4 recalls affecting 1.4M vehicles.

May 29, Iranian Snooping Campaign

Threatpost – (International) Iranian campaign snooped on U.S. officials.

May 30, Help Net Security

(International) Malware creation breaks all records!

June 8, 2014: NBC News - Costs of Cybercrime

Cybercrime Costs Businesses $445 Billion and Thousands of Jobs Study.

May 19, FOX News - DOJ Espionage Case

DOJ brings first-ever cyber-espionage case against Chinese officials.

May 29, WDSU 6 New Orleans

(Louisiana) Boil water advisory issued for Folsom.

May 30, Chambersburg Public Opinion

May 30, Chambersburg Public Opinion – (Pennsylvania) Overturned trailer closes I-81, prompts hazmat cleanup.

Nine Members of Cybercrime Ring Sentenced to a Total of 24 Years for Attacks on Banks

Nine members of cybercrime ring sentenced to a total of 24 years for attacks on banks. Nine men found guilty of stealing around $2.1 million from Barclays and Santander banks were sentenced by a U.K. court to serve a total of 24 years and 9 months. The group used keyboard, video, mouse (KVM) switches to transfer money from the banks, and also intercepted around one million letters to obtain payment cards that were then used to make fraudulent purchases.

Horizon Scan 2014 Survey Report

This is an international survey of business designed to identify and categories the threats to business continuity operations. The greatest threats remain IT and communications related. Source: http://www.thebci.org/index.php/news#/news/threats-on-the-horizon-78845.

Horizon Scan 2014 Survey Report

This is an international survey of business designed to identify and categories the threats to business continuity operations. The greatest threats remain IT and communications related.

April 9, Ars Technica - (International) Man behind Carder.su racketeering, other cybercrime, pleading guilty.

A Georgia man associated with the Carder.su identity theft, payment card fraud, and cybercrime organization agreed to plead guilty to federal racketeering charges according to court documents released April 9. As many as 55 alleged members of the group that caused $50 million in losses have also been charged, with 8 pleading guilty and many remaining at large. Source: http://arstechnica.

Connect With Us

FAQ

News Archive