Thursday, January 29, 2015



Complete DHS Report for January 29, 2015

Daily Report

Top Stories

 • Health officials warned January 27 that an individual diagnosed with measles may have exposed as many as 195 children to the disease at the Phoenix Children’s East Valley Center between January 20 and 21. – Arizona Republic

19. January 28, Arizona Republic – (Arizona) Arizona measles outbreak reaches ‘critical point’. Two additional cases of measles were confirmed in Arizona January 27 and public health officials warned that one of the confirmed cases may have exposed as many as 195 children to the disease at the Phoenix Children’s East Valley Center between January 20 and 21. Source: http://www.usatoday.com/story/news/2015/01/28/arizona-measles-disneyland-outbreak-phoenix-children/22452491/

 • Police are searching for a man who planted an explosive device inside a Marshall’s store in Visalia, California, January 27 and waited for the device to detonate before he fled the scene with stolen merchandise. – Visalia Times-Delta

30. January 28, Visalia Times-Delta – (California) Explosive device planted in Visalia Marshall's. Police are searching for a man who planted an explosive device inside a Marshall’s store in Visalia January 27 and waited for the device to detonate before he used an emergency exit to flee the scene with stolen merchandise. Authorities are working to identify the explosive substance but believe the suspect may have placed dry ice in a plastic soda bottle and sealed the lid causing the bottle to expand and explode. Source: http://www.visaliatimesdelta.com/story/news/local/2015/01/28/explosive-device-planted-visalia-marshalls/22465081/

 • Police are investigating after gunshots shattered windows and caused thousands of dollars in damage at the Great American Tower at Queen City Square in Cincinnati, Ohio, over four separate occasions between January 19 and 26. – WXIX 19 Newport

32. January 27, WXIX 19 Newport – (Ohio) Police search for gunman shooting up Cincinnati's tallest skyscraper. Police are investigating after gunshots shattered windows and caused thousands of dollars in damage at Great American Tower at Queen City Square in Cincinnati over four separate occasions between January 19 and January 26, all of which have occurred after business hours. Police temporarily closed the Lytle Tunnel on northbound Interstate 71 January 26 and 27 and are working to determine if the shootings are coming from an area of the highway that routes along downtown Cincinnati and Fort Washington Way. Source: http://www.fox10tv.com/story/27947814/lytle-tunnel-shut-down-2nd-night-in-row-after-gunshots-fired

 • Three men crashed a vehicle into the Wells Fargo History Museum in downtown San Francisco January 27 with one suspect holding a guard at gunpoint while the others collected about $10,000 worth of gold nuggets before fleeing the scene. – Los Angeles Times

33. January 27, Los Angeles Times – (California) Masked men crash SUV into S.F. museum, steal 10 ounces of gold. Three masked men crashed a stolen vehicle into the Wells Fargo History Museum in downtown San Francisco January 27 with one suspect holding a guard at gunpoint while the others collected about $10,000 worth of historic gold nuggets before fleeing the scene in a second vehicle driven by an accomplice. Wells Fargo officials reported that the museum would reopen at a later date while police are investigating if the incident is related to similar smash-and-grab thefts involving vehicles in the area since May 2014. Source: http://www.latimes.com/local/lanow/la-me-ln-san-francisco-gold-nugget-heist-20150127-story.html

Financial Services Sector

5. January 27, Milwaukee Journal-Sentinel – (Wisconsin) Watertown insurance agent Loren Holzhueter ran $10 million Ponzi scheme, feds allege. A Watertown insurance agent and one of his companies were charged with five counts of securities fraud in federal court in Madison by the U.S. Securities and Exchange Commission for running a $10 million Ponzi scheme and failing to provide correct information to at least 122 investors on how their money was being used. Source: http://www.jsonline.com/business/holzhueter-ran-10-million-ponzi-scheme-feds-allege-b99434251z1-290003131.html

For another story, see item 31 below from the Commercial Facilities Sector

31. January 28, WBIW 1340 AM Bedford – (Indiana) French Lick Resorts report credit card breach. French Lick Resort officials warned some visitors that their personal and financial information may have been compromised after malware was introduced into the company’s payment system. The malware has since been removed and officials warned that only those visitors who used a payment card at the resort between April 23, 2014 and January 21, 2015 could be at risk. Source: http://www.wbiw.com/local/archive/2015/01/french-lick-resorts-reports-credit-card-breach.php

Information Technology Sector

25. January 28, Softpedia – (International) D-Link routers vulnerable to unauthorized DNS changing. A recently published proof-of-concept exploit from a security researcher at Ethical Hacker illustrated a vulnerability found in the D-Link DSL-2740R DSL router model, which allows remote hackers to change the device’s domain name system (DNS) settings and redirect users to malicious online locations hosting malware or phishing pages. Source: http://news.softpedia.com/news/D-Link-Routers-Vulnerable-to-Unauthorized-DNS-Changing-471480.shtml

26. January 28, Securityweek – (International) Flash Player update patches two critical vulnerabilities. Adobe released an update to Flash Player, version 16.0.0.296, to address a zero-day vulnerability, CVE-2015-0311, the second of two previously unreported critical flaws that have been patched in the last week, which allows attackers to install malware when users visit compromised websites or malicious ads in their browsers. Source: http://www.securityweek.com/flash-player-update-patches-two-critical-vulnerabilities

27. January 28, Securityweek – (International) Serious vulnerability in Blackphone exposed messages, location. A security flaw in Silent Text, an instant messaging app available on the privacy-focused Blackphone, could be exploited by a remote attacker to execute arbitrary code and enable the complete control of a targeted device. The vulnerability has been closed by Blackphone and its developer Silent Circle. Source: http://www.securityweek.com/serious-vulnerability-blackphone-exposed-messages-location

28. January 27, Securityweek – (International) Apple to Patch Thunderstrike, vulnerabilities disclosed by Google. Apple released updates for its OS X operating system that include patches for several vulnerabilities, including a flaw in the software that enabled the Thunderstrike boot kit attack. Source: http://www.securityweek.com/apple-patch-thunderstrike-vulnerabilities-disclosed-google

For another story, see item 31 above in the Financial Services Sector

Communications Sector 

29. January 28, Contra Costa Times – (California) Antioch: Construction crew causes cable, Internet outage, Comcast says. Construction crews working near the border of Antioch and Pittsburg damaged several fiber optic cables causing cable service and Internet outages for an unknown number of Comcast customers in east Contra Costa for more than 6 hours January Source: http://www.contracostatimes.com/antioch/ci_27407764/antioch-construction-crew-causes-cable-internet-outage-comcast

Wednesday, January 28, 2015



Complete DHS Report for January 28, 2015

Daily Report

Top Stories

 · Nearly 8,000 flights throughout the U.S. were cancelled through January 29 due to a severe winter storm in the Northeast. – USA Today

11. January 27, USA Today – (National) Boston, coast take brunt of mighty Northeast storm. Nearly 8,000 flights throughout the U.S. were cancelled through January 29 due to a severe winter storm in the Northeast that prompted the evacuation of residents in Massachusetts, cancelled schools for millions of kids, knocked out power for thousands, shut down the New York subway system for several hours, and prompted driving bans for several States January 26. Source: http://www.usatoday.com/story/news/2015/01/27/bracing-for-blizzard-millions-hunker-down-across-northeast/22388241/

 · An estimated 46,000 gallons of sewage was dumped into Gwynns Falls in Maryland due to a clogged Baltimore City sewer line January 26. – Baltimore Brew

18. January 26, Baltimore Brew – (Maryland) Second sewer spill reported along the Gwynns Falls. An estimated 46,000 gallons of sewage was dumped into Gwynns Falls due to a clogged Baltimore City sewer line January 26. This is the second spill in Gwynns Falls following a January 15-16 spill that released an estimated 19,000 gallons of sewage due to blocked sewer pipes. Source: https://www.baltimorebrew.com/2015/01/26/second-sewer-spill-reported-along-the-gwynns-falls/

 · The U.S. Federal Communications Commission announced January 26 that Verizon will pay a $5 million penalty in a settlement after the company admitted that it failed to investigate whether its rural customers were able to receive long distance and wireless phone calls. – Ars Technica. See item 31 below in the Communications Sector.

 · Propel Braddock Hills High School in Pennsylvania was closed January 27 after the school went on lockdown January 26 while 2 students were arrested for allegedly bringing guns on campus. – WTAE 4 Pittsburgh

22. January 27, WTAE 4 Pittsburgh – (Pennsylvania) Guns found at Propel school in Braddock Hills; 2 students arrested. Propel Braddock Hills High School in Pennsylvania was closed January 27 after the school went on lockdown January 26 while 2 students were arrested for allegedly bringing guns on campus prompting a police response. Police recovered one loaded gun and a second unloaded gun after a search. Source: http://www.wtae.com/news/3-handcuffed-outside-propel-school-in-braddock-hills/30927490

Financial Services Sector

8. January 27, Baton Rouge Advocate – (National) Secret Service investigating ATM thefts along I-10 corridor. Whitney Bank Louisiana warned its customers and anyone who may have used their ATMs about a fraud scheme after it detected unauthorized activity at several ATM locations along the Interstate 10 corridor January 24 that may have also affected cities in Texas, Mississippi, Alabama, and Florida. The bank deactivated and will reissue approximately 7,100 debit cards as authorities continue to investigate. Source: http://theadvocate.com/news/neworleans/neworleansnews/11434700-123/secret-service-investigating-atm-thefts

9. January 26, Bucks Local News – (Pennsylvania) Bucks County family accused of using massive insurance fraud scheme to finance life of luxury. A Buckingham Township woman, four members of her family, and two others were arrested and charged January 22 for allegedly conspiring to defraud insurance companies in excess of $20 million for personal use. Approximately $7 million in assets were seized as a result of an investigation that was initiated following an October 2013 fire at the family’s home, the third fire at the residence in 5 years. Source: http://www.buckslocalnews.com/articles/2015/01/26/bucks_news/doc54c25e7ecb11f863886711.txt?viewmode=fullstory

10. January 27, Philadelphia Business Journal – (Pennsylvania) Nifty Fifty’s accountant pleads guilty to tax fraud scheme. The accountant for the restaurant chain Nifty Fifty’s pleaded guilty in federal court January 26 for his role in a conspiracy to commit tax evasion to avoid paying millions of dollars in personal and employment taxes by failing to properly account for more than $15 million in gross receipts. Five individuals previously pleaded guilty to charges for their roles in the fraud scheme. Source: http://www.theintell.com/news/local/nifty-fifty-accountant-pleads-guilty-in-tax-fraud-scheme/article_277be81f-f089-56bb-9532-0d82407925ce.html

Information Technology Sector

27. January 27, Securityweek – (International) Super Bowl fans warned about vulnerable NFL mobile app. Researchers at Wandera, a mobile gateway company, reported a vulnerability in the official National Football League (NFL) mobile apps for iOS and Android that exposes users’ personal information in a secondary unencrypted API call made immediately after the user signs into the mobile app; the information can be intercepted through man-in-the-middle (MitM) attacks. Source: http://www.securityweek.com/super-bowl-fans-warned-about-vulnerable-nfl-mobile-app

28. January 27, Softpedia – (International) Regin cyber-espionage platform manned by the NSA. Researchers at Kaspersky Lab found that the keylogger dubbed QWERTY, a plugin for the WARRIORPRIDE malware framework, is identical in functionality to Regin malware plugin 50251, which is responsible for kernel-mode hooking. The Regin platform targets telecommunication companies, government organizations and political entities, financial institutions, academia and specific individuals. Source: http://news.softpedia.com/news/Regin-Cyber-Espionage-Platform-Manned-by-the-NSA-471349.shtml

29. January 27, Help Net Security – (International) Supposedly clean Office documents download malware. Bitdefender is warning Microsoft Office users of a new spam campaign whose messages resemble a tax return, a remittance, or a form of bill from a bank and carry a Microsoft Word or Excel attachment that, if downloaded, will automatically execute a piece of malware using macro code disguised to bypass traditional antivirus. Source: http://www.net-security.org/malware_news.php?id=2947

30. January 27, Help Net Security – (International) Android Wi-Fi Direct DoS vulnerability discovered. A researcher from the CoreLabs Team discovered a Denial of Service (DoS) vulnerability in some Android devices that could allow an attacker to send a specially crafted 802.11 Probe Response frame, causing the Dalvik subsystem to reboot because of an unhandled exception in the WiFiMonitor class. The Android security team was informed of the flaw in September 2014. Source: http://www.net-security.org/secworld.php?id=17874

Communications Sector

31. January 26, Ars Technica – (National) Verizon punished for failing to investigate phone problems in rural areas. The U.S. Federal Communications Commission announced January 26 that Verizon will pay a $5 million penalty in a settlement after the company admitted that it failed to investigate whether its rural customers were able to receive long distance and wireless phone calls. As part of the settlement, Verizon will pay a $2 million fine to the U.S. Department of the Treasury and commit another $3 million over the next 3 years to address the issue of rural call completion on a company and industry-wide basis. Source: http://arstechnica.com/business/2015/01/verizon-punished-for-failing-to-investigate-phone-problems-in-rural-areas/

For another story, see item 28 above in the Information Technology Sector