Thursday, July 21, 2014




Complete DHS Report for July 24, 2014

Daily Report

Top Stories



 · The Pennsylvania auditor general released a report stating that the Pennsylvania Department of Environmental Protection’s oil and gas program was lacking due to inconsistencies in several key tasks. – Pittsburgh Business Times



1. July 22, Pittsburgh Business Times – (Pennsylvania) Auditor general finds fault with DEP’s gas well oversight. The Pennsylvania auditor general released a report stating that the Pennsylvania Department of Environmental Protection’s oil and gas program was lacking due to inconsistencies with cleaning up impacted water supplies, an ineffective complaint-tracking system, and the department’s inability to provide assurances that shale-gas wells were inspected in a timely manner, among other findings. The department responded that recommendations presented in the audit were being implemented. Source: http://www.bizjournals.com/pittsburgh/blog/energy/2014/07/auditor-general-finds-fault-with-deps-gas-well.html

 · Health officials issued a warning July 22 to the public in Palolo Valley, Hawaii, to stay out of several bodies of water and surf sites after more than 103,000 gallons of raw sewage leaked into Palolo Stream from an intentionally clogged sewer line. – Honolulu Star-Advertiser

18. July 22, Honolulu Star-Advertiser – (Hawaii) ‘Maliciously’ clogged Palolo manhole sends sewage to ocean. Health officials issued a warning July 22 to the public in Palolo Valley to stay out of Palolo Stream, Ala Wai Canal, Magic Island, and surf sites Bamburas, Ala Moana Bowl, Rock pile, In Betweens, and Kaisers after more than 103,000 gallons of raw sewage leaked into Palolo Stream from an intentionally clogged sewer line. Authorities continued to unclog the manhole, which was deliberately plugged with clothes and tricycle parts. Source: http://www.staradvertiser.com/news/breaking/20140722_Maliciously_clogged_Palolo_manhole_sends_sewage_to_ocean.html

  · A July 22 fire at the Animo South Los Angeles Charter High School in California caused extensive damage to the building after a partial roof collapse. – KTLA 5 Los Angeles

20. July 22, KTLA 5 Los Angeles – (California) Fire causes roof collapse at Charter school in south Los Angeles area. A July 22 fire at the Animo South Los Angeles Charter High School in California caused extensive damage to the building after a partial roof collapse. Green Dot Public Schools announced that a contingency plan would be in place once classes begin August 12. Source: http://ktla.com/2014/07/22/massive-fire-causes-roof-collapse-at-los-angeles-charter-school/

  · Data collected and analyzed by CloudPhysics found that 40 percent of organizations surveyed remain vulnerable to the Heartbleed vulnerability in OpenSSL. – Help Net Security. See item 30 below in the Information Technology Sector.


Financial Services Sector

6. July 22, WIVB 4 Buffalo – (New York; Pennsylvania) Three charged in $850K credit card scheme. Three individuals were charged with using information from 95 credit card accounts to allegedly make fraudulent purchases from retail stores in Pennsylvania and New York between July 2013 and February 2014, which cost financial institutions over $850,000. One of the accused allegedly solicited three other individuals previously charged to make the purchases. Source: http://wivb.com/2014/07/22/three-charged-in-850k-credit-card-scheme/

7. July 22, U.S. Securities and Exchange Commission – (International) Spanish trader agrees to pay disgorgement and a penalty to settle insider trading case. A Spanish citizen and former official at Banco Santander agreed to pay around $2 million to settle U.S. Securities and Exchange Commission charges that he traded on inside information ahead of the public announcement that Banco Santander would advise and help underwrite BHP Billiton’s proposed acquisition of Potash Corporation. The settlement includes the disgorgement of $960,806 in illicit profits and $960,806 in civil penalties. Source: http://www.sec.gov/litigation/litreleases/2014/lr23048.htm

Information Technology Sector

28. July 23, The Register – (International) Android ransomware demands 12x more cash, targets English-speakers. Researchers at ESET identified a new version of the Simplocker ransomware for Android that displays a fake law enforcement ransom note in English and demands a higher ransom than previous versions that were written in Russian and demanded payment in Ukrainian hryvnias. The new version of the ransomware contains additional features such as the encryption of more types of files on victims’ devices and actions that make it more difficult to remove. Source: http://www.theregister.co.uk/2014/07/23/android_ransomware_simplocker_revamp/

29. July 23, Securityweek – (International) Mozilla fixes 11 vulnerabilities with release of Firefox 31. Mozilla released new versions of its Firefox Web browser and Thunderbird email client July 22, closing 11 vulnerabilities, including 3 rated as critical. Source: http://www.securityweek.com/mozilla-fixes-11-vulnerabilities-release-firefox-31

30. July 23, Help Net Security – (International) 40% of orgs running VMware still susceptible to Heartbleed. Data collected and analyzed by CloudPhysics found that 57 percent of deployed VMware vCenter servers and 58 percent of ESXi hypervisor hosts remain vulnerable to the Heartbleed vulnerability in OpenSSL, affecting 40 percent of organizations in the CloudPhysics data set. Source: http://www.net-security.org/secworld.php?id=17159

31. July 23, Help Net Security – (International) Internet Explorer vulnerabilities increase 100%. An analysis by Bromium Labs surveyed vulnerabilities in popular Web browsers and common software and found that vulnerabilities in Internet Explorer increased by more than 100 percent in the first quarter of 2014. Other findings included that Action Script Sprays were leveraged in zero-day attacks and that zero-day vulnerabilities in Java declined greatly in the first quarter of 2014 compared to 2013. Source: http://www.net-security.org/secworld.php?id=17158

Communications Sector

32. July 22, KQCD 7 Dickinson – (National) Internet outage affects Midcontinent customers. About 30,000 Midcontinent Communications business and residential customers experienced a 2-hour Internet outage July 22 due to a problem with one of the cards on a mid-ring that provides services to the network. Source: http://www.kqcd.com/story/26084497/internet-outage-affects-midcontinent-customers

Wednesday, July 23, 2014





Complete DHS Report for July 23, 2014

Daily Report

Top Stories



· Sysco Corporation entered into an agreement with the State of California and will pay $19.4 million in restitution to settle reports that the company stored over 400,000 meat, produce, and dairy products in unsafe conditions. – Food Poisoning Bulletin


11. July 20, Food Poisoning Bulletin – (California) Sysco pays $19.4 million for dangerous food storage practices. Sysco Corporation entered into an agreement with the State of California and will pay $19.4 million in restitution to settle reports that the company stored over 400,000 meat, produce, and dairy products in unsafe conditions, including unrefrigerated and dirty storage units, between July 2009 and August 2013. An investigation by health officials also revealed that the products were delivered to restaurants, hospitals, and schools in unrefrigerated cars, and there were 25 unregistered and unrefrigerated drop sites from Sacramento to San Diego. Source: http://foodpoisoningbulletin.com/2014/sysco-pays-19-4-million-for-dangerous-food-storage-practices/

 · Crews reached 75 percent containment July 21 of the Buzzard Complex series of fires after it burned 396,000 acres in Oregon. – KGW 8 Portland; Associated Press



16. July 21, KGW 8 Portland; Associated Press – (Oregon) Oregon’s largest fire complex 396,000 acres. Crews reached 75 percent containment July 21 of the Buzzard Complex after it burned 396,000 acres in Oregon. Fire departments worked to contain several other complex fires in the State that together burned more than 200,000 acres by July 20. Source: http://www.kgw.com/news/Largest-Oregon-wildfire-burning-nearly-400000-acres-267962211.html

 · Police are searching for two masked robbers that stole over $180,000 from the Caesars Atlantic City casino in New Jersey July 21. – WCAU 10 Philadelphia



22. July 22, WCAU 10 Philadelphia – (New Jersey) Masked robbers steal over $180K from Caesars casino. Police are searching for two masked robbers that stole over $180,000 from the Caesars Atlantic City casino in New Jersey July 21 when at least one suspect brandished a gun and both individuals stole two plastic cash boxes holding the money. Source: http://www.nbcphiladelphia.com/news/local/Masked-Robbers-Steal-Over-180K-From-Caesars-Casino-268027331.html

 · Authorities are investigating the cause of a 3-alarm fire that damaged or destroyed 35 units and affected 15 more at a Houston apartment complex July 21, displacing up to 135 residents. – KPRC 2 Houston



24. July 21, KPRC 2 Houston – (Texas) Dozens displaced after 3-alarm apartment fire in northwest Houston. Authorities are investigating the cause of a 3-alarm fire that damaged or destroyed 35 units and affected 15 more at a Houston apartment complex July 21. No injuries were reported and up to 135 residents were displaced by the blaze. Source: http://www.click2houston.com/news/breaking-3alarm-apartment-fire-in-northwest-houston/27052920

Financial Services Sector

2. July 22, Securityweek – (International) Attackers bypass 2FA systems used by banks in ‘Operation Emmental’. Researchers with Trend Micro released a report July 22 detailing a cybercrime campaign targeting banks in Europe and Japan dubbed “Operation Emmental” that uses computer and Android mobile device malware to steal users’ banking credentials and two-factor authentication (2FA) tokens. The malware used in the campaign can install fake Secure Sockets Layer (SSL) certificates, delete itself after use, and perform other actions to trick users. Source: http://www.securityweek.com/attackers-bypass-2fa-systems-used-banks-operation-emmental

3. July 21, Krebs on Security – (National) Banks: Card breach at Goodwill Industries. Goodwill Industries stated that it is working with the U.S. Secret Service to investigate a possible breach of payment card data from some of its U.S. stores. The company stated that it became aware of a possible breach July 18 after it was contacted by a payment card industry fraud investigation unit and federal authorities. Source: http://krebsonsecurity.com/2014/07/banks-card-breach-at-goodwill-industries/


4. July 21, KVTK 3 Phoenix – (California) 147 fraudulent debit, credit cards seized; 2 people arrested. Two people were arrested July 21 in Blythe, California, by Yuma Sector Border Patrol agents after 147 fraudulent debit and pre-paid cards were found during a vehicle stop. Source: http://www.azfamily.com/news/147-fraudulent-debit-credit-cards-seized-2-people-arrested-267992761.html

5. July 21, NextGov – (National) Significant deficiencies found in Treasury’s computer security. Two reports by the Government Accountability Office released the week of July 14 found new computer security vulnerabilities at the U.S. Department of the Treasury’s Bureau of Fiscal Service and existing security issues at the Federal Deposit Insurance Corporation that remain unaddressed from 2012, which could compromise reporting efficiency or the security of data. Source: http://www.nextgov.com/cybersecurity/2014/07/significant-deficiencies-found-treasurys-computer-security/89144/
  
Information Technology Sector

20. July 22, Securityweek – (International) iOS backdoors expose personal data: Researcher. A security researcher presenting at a security conference reported that Apple’s iOS mobile operating system contains several undocumented services which could be used in some circumstances to access email, location data, media, and other personal data. Apple stated that the services are used for diagnostic purposes and can only be used to access data with user approval. Source: http://www.securityweek.com/ios-backdoors-expose-personal-data-researcher

21. July 21, V3.co.uk – (International) Fresh threat to critical infrastructure found in Havex malware. Researchers at FireEye analyzed a variant of the Havex malware (also known as Fertger or Peacepipe) and found that it contained an open-platform communication (OPC) scanner that could be used to target supervisory control and data acquisition (SCADA) systems used by several industries, including power plants and water utilities. Source: http://www.v3.co.uk/v3-uk/news/2356410/fresh-threat-to-critical-infrastructure-found-in-havex-malware

Communications Sector

Nothing to report