Wednesday, October 22, 2014



Complete DHS Report for October 22, 2014

Daily Report

Top Stories

 · Crews recovered 2,550 barrels of crude oil October 20 from a 4,000-barrel spill caused by a broken Sunoco Logistics-owned pipeline near Mooringsport, Louisiana, October 13 that has killed dozens of mainly aquatic animals.– Shreveport Times

1. October 20, Shreveport Times – (Louisiana) Oil spill cleanup reaches 2,550 of 4,000 barrels. Crews recovered 2,550 barrels of crude oil October 20 from a 4,000-barrel spill caused by a broken Sunoco Logistics-owned pipeline near Mooringsport that has killed 139 fish, amphibians, reptiles, and crawfish. The affected Mid-Valley Pipeline segment remains shut down until the portion of the failed pipe is replaced. Source: http://www.shreveporttimes.com/story/news/local/2014/10/20/oil-spill-cleanup-reaches-barrels/17637575/

 · The National Highway Traffic Safety Administration issued a notice October 20 advising owners of more than 4.7 million BMW, General Motors, Honda, Mazda, Nissan, and Toyota vehicles fitted with airbags equipped by Takata to have their vehicles inspected immediately due to airbag defects. – Washington Post

8. October 20, Washington Post – (National) Airbag defect spurs recall of 4.7 million vehicles. The National Highway Traffic Safety Administration issued a recall notice October 20 advising owners of over 4.7 million BMW, General Motors, Honda, Mazda, Nissan, and Toyota vehicles equipped with Takata airbags to check if their vehicles are covered by recalls for airbag inflators that could cause the vehicles’ airbags to produce shrapnel upon inflation. At least four people have died in incidents related to the defective airbag inflators. Source: http://www.washingtonpost.com/blogs/dr-gridlock/wp/2014/10/20/airbag-defect-spurs-recall-of-4-7-million-vehicles/

 · Repairs for a 48-inch damaged water main were expected to start October 21 after a well driller struck the main beneath a ranch near Forestville, California, October 20 spilling an estimated 610,000 gallons of water into the surrounding landscape and saturating the soil. – Santa Rosa Press Democrat

15. October 21, Santa Rosa Press Democrat – (California) Water line break spills 610,000 gallons in west Sonoma County. Repairs for a 48-inch damaged water main were expected to start October 21 after a well driller struck the main beneath a ranch near Forestville October 20 spilling an estimated 610,000 gallons of water into the surrounding landscape and saturating the soil. There was no interruption in water service or immediate risk to local wildlife as crews worked to drain the pipeline before starting repairs. Source: http://www.pressdemocrat.com/news/2999656-181/water-line-break-spills-610000#page=0

 · A former receptionist at a Kearny, New Jersey medical office pleaded guilty October 20 for embezzling over $446,000 in checks paid by insurance companies to the medical practice for patient services and spending more than $200,000 using fraudulent credit cards between 2007 and 2011.– Jersey Journal (See item 17)

17. October 20, Jersey Journal – (New Jersey) Receptionist at Kearny medical practice pleads guilty to stealing $446K: authorities. The U.S. Attorney’s Office announced October 20 that a receptionist at a Kearny, New Jersey medical practice pleaded guilty to embezzling over $446,000 and spending more than $200,000 with fraudulent credit cards by using her position at the practice to take and cash checks paid by insurance companies to the medical practice for patient services between 2007 and 2011. The former receptionist would conceal the amount of the check and keep a large portion for herself in addition to the 10 credit cards she obtained in the name of the principal of the medical practice in order to use them to purchase personal goods and services. Source: http://www.nj.com/hudson/index.ssf/2014/10/receptionist_at_kearny_medical_practice_admits_in_court_to_stealing_446k_authorities.html

Financial Services Sector

See items 17 above in Top Stories and 27 below from the Commercial Facilities Sector

27. October 21, Softpedia – (International) Staples investigates possible card data breach. Officials at retail chain Staples are investigating to determine if the payment processing systems of 11 stores in 7 States were compromised after receiving reports from several financial intuitions of fraudulent activity being recorded on payment cards held by Staples customers. Source: http://news.softpedia.com/news/Staples-Investigates-Possible-Card-Data-Breach-462670.shtml

Information Technology Sector

24. October 21, IDG News Service – (International) One week after patch, Flash vulnerability already exploited in large-scale attacks. Researchers identified an exploit kit sold on underweb forums known as Fiesta that is bundled with an exploit for a recently-patched Flash Player vulnerability. Users were advised to apply the patch that was issued October 14. Source: http://www.networkworld.com/article/2836733/one-week-after-patch-flash-vulnerability-already-exploited-in-largescale-attacks.html

25. October 21, Securityweek – (International) Cisco products vulnerable to POODLE attacks. Cisco is analyzing its products to determine which may be affected by the POODLE vulnerability in Secure Sockets Layer (SSL) and released a list of confirmed vulnerable products, which includes Cisco Webex Social, Cisco ACE, Cisco Wireless LAN Controller, and several other products. Source: http://www.securityweek.com/cisco-products-vulnerable-poodle-attacks

26. October 21, The Register – (International) Palo Alto Networks boxes spray firewall creds across the net. A researcher found that misconfigured Palo Alto Networks firewalls could allow attackers to gain user and domain names and passwords, potentially exposing customer services such as VPNs and webmail. Palo Alto Network advised users to apply best practice guidelines developed by the company. Source: http://www.theregister.co.uk/2014/10/21/palo_alto_customers_spray_net_with_firewall_creds/

Communications Sector

Nothing to report

Tuesday, October 21, 2014



Complete DHS Report for October 21, 2014

Daily Report

Top Stories

 · A chemical leak at a Phillips 66 refinery in Linden, New Jersey, was contained October 20 after a solution of ethylaluminum dichloride was released and plant employees were ordered to shelter in place.– WABC 7 New York City 

1. October 20, WABC 7 New York City – (New Jersey) Hazmat teams respond to chemical leak at Linden refinery. A chemical leak October 20 at the Philips 66 – Bayway refinery in Linden was contained after authorities issued a shelter-in-place for the surrounding area following the release of a 15 percent solution of ethylaluminum dichloride used in the refining process. Officials are investigating the incident. Source: http://7online.com/news/hazmat-teams-respond-to-chemical-leak-at-linden-refinery/357813/

 · Cleanup crews contained and recovered 300 barrels of oil and water at a XTO Energy Incorporated well near Watford City, North Dakota, October 17 after a leak was discovered October 16 due to a mechanical failure at a wellhead. – Associated Press 

2. October 17, Associated Press – (North Dakota) North Dakota well leaking oil, gas and water. North Dakota regulators reported October 17 that 300 barrels of oil and water were contained and recovered at a XTO Energy Incorporated-owned well near Watford City that began leaking October 16 due to a mechanical failure. Crews worked to stop the leak at the oil well. Source: http://abcnews.go.com/US/wireStory/north-dakota-leaking-oil-gas-water-26284040

 · About 50 gallons of diesel spilled after a semi-truck struck a bridge and caught fire on 15 Freeway north near Baker, California, and prompted the closure of the freeway for 10 hours while crews cleaned up the spill October 19. – Riverside Press-Enterprise 

9. October 19, Riverside Press-Enterprise – (California) Mohave Desert: Big rig crash, fuel spill close 15 Freeway. A semi-truck that caught fire after striking a bridge on the 15 Freeway north near Baker spilled about 50 gallons of diesel and closed the freeway for 10 hours while crews cleaned up the spill October 19. Source: http://www.pe.com/articles/freeway-752318-chp-log.html

 · Thirty individuals were injured and 14 arrests were made October 19 when a riot broke out during an annual pumpkin festival in Keene, New Hampshire. – WCVB 5 Boston 

41. October 19, WCVB 5 Boston – (New Hampshire) Arrests after Keene pumpkin festival turns to mayhem. At least 30 individuals were injured when riots involving hundreds of individuals broke out October 18 following the Keene Pumpkin Festival in New Hampshire. Police arrested at least 14 individuals in connection with the incident. Source: http://www.wcvb.com/news/arrests-after-keene-pumpkin-festival-turns-to-mayhem/29220936

Financial Services Sector

7. October 17, Times of San Diego – (California) Ex-banker admits taking big bribes in J.P. Morgan Chase case. A former banker at J.P. Morgan Chase in San Diego pleaded guilty October 17 to receiving over $200,000 in bribes from the owner of mortgage investment firms Ocean 18 LLC and Note Tracker Corp., in exchange for ensuring that certain customers won on bids to purchase mortgage notes. The former banker also admitted to tax fraud for not reporting the illegal payments to the Internal Revenue Service. Source: http://timesofsandiego.com/business/2014/10/17/another-banker-pleads-guilty-bribery-charge-mortgage-scheme/

Information Technology Sector

33. October 20, The Register – (International) Microsoft pulls another dodgy patch. Microsoft stated that it is investigating a patch for Windows 7 and Windows Server 2008 R2 after some users reported experiencing issues with their systems after installation. Microsoft advised users experiencing problems to uninstall the patch. Source: http://www.theregister.co.uk/2014/10/20/microsoft_pulls_ianotheri_dodgy_patch/

34. October 18, Softpedia – (International) Dropbox users are served a phishing page delivered over SSL. A researcher with Symantec stated that attackers are using a phishing campaign with a page hosted on Dropbox to attempt to steal users’ Dropbox and email credentials. The phishing page uses the secure sockets layer (SSL) protocol of its host in order to appear legitimate. Source: http://news.softpedia.com/news/Dropbox-Users-Are-Served-A-Phishing-Page-Delilvered-Over-SSL-462514.shtml

35. October 17, The Register – (International) Apple releases MEGA security patch round for OS X, Server and iTunes. Apple released a round of patches for several of its products, including OS X, OS X Server, and iTunes, addressing 150 issues including patches to close the POODLE and Shellshock vulnerabilities. Source: http://www.theregister.co.uk/2014/10/17/apple_releases_mega_security_patch_round_for_osx_server_and_itunes/

36. October 17, Softpedia – (International) Modular malware for OS X relies on open-source keylogger code. Kaspersky Lab researchers identified a piece of modular malware for Apple OS X known as Ventir that uses the legitimate LogKext keylogging software in order to steal information from infected systems. Source: http://news.softpedia.com/news/Modular-Malware-for-OS-X-Relies-On-Open-Source-Keylogger-Code-462473.shtml

37. October 17, SC Magazine – (International) Sandworm vulnerability seen targeting SCADA-based systems. An advisory issued by Trend Micro stated that researchers have identified attackers using the Sandworm vulnerability to target systems running the GE Intelligent Platform’s CIMPLICITY human-machine interface (HMI) solution used in supervisory control and data acquisition (SCADA) systems. The attackers appear to be using the vulnerability in the first stage of an advanced persistent threat (APT) targeted attack and use the vulnerability to install the Black Energy malware. Source: http://www.scmagazineuk.com/sandworm-vulnerability-seen-targeting-scada-based-systems/article/377846/

Communications Sector

Nothing to report