Monday, June 30, 2014




Complete DHS Report for June 30, 2014

Daily Report

Top Stories

 • A leak from a tank of liquid petroleum in Tequesta, Florida that began June 26 due to an issue with the pressure release valve was sealed June 27 and residents of roughly 600 homes were allowed to return after 12 hours. – WPTV 5 West Palm Beach

1. June 27, WPTV 5 West Palm Beach – (Florida) Tequestra propane leak finally sealed after 12 hours; thousands of residents allowed to return home. Officials announced that a leak from an AmeriGas-owned 30,000-gallon tank of liquid petroleum in Tequesta that began June 26 due to an issue with the pressure release valve was sealed June 27. Residents of roughly 600 homes were allowed to return after 12 hours and fire rescue authorities reported that air quality levels were safe. Source: http://www.wptv.com/news/region-n-palm-beach-county/tequesta/a-propane-leak-in-tequesta-forces-thousands-to-evacuate

  • The improper storage of materials caused a chemical release at the New Life Chemical and Equipment Inc. plant in Greenville City, South Carolina, June 27 and prompted a 6-hour evacuation of homes and businesses in the area. – WYFF 4 Greenville

7. June 27, WYFF 4 Greenville – (South Carolina) All clear given after hazardous situation at plant. Authorities responded to the New Life Chemical and Equipment Inc., plant in Greenville City June 27 after sodium hydrosulfate was stored in the wrong container and was exposed to humidity, creating a chemical release. Homes and businesses were voluntarily evacuated for about 6 hours as a precaution while crews snuffed out the smoking chemical with soda ash. Source: http://www.wyff4.com/news/dispatch-chemical-fire-reported-in-greenville/26690862

  • The Caruthersville, Missouri City Hall was closed through June 27 after a man entered the city’s water department office and stabbed an employee 13 times June 26 due to his water service being shut off. –KFVS 12 Cape Girardeau 

24. June 27, KFVS 12 Cape Girardeau – (Missouri) Caruthersville man facing multiple charges after city employee stabbed. The Caruthersville, Missouri City Hall was closed through June 27 after a man entered the city’s water department office and stabbed an employee 13 times June 26 due to his water service being shut off. Police arrested the man at his home, who confessed to the crime. Source: http://www.kfvs12.com/story/25880050/police-investigate-stabbing-at-caruthersville-city-hall

 • Researchers revealed that an integer overflow bug in the Lempel-Ziv-Oberhumer compression and decompression algorithm has been present for as long as 20 years, leaving software using the algorithm vulnerable to remote code execution and denial of service attacks. – Softpedia See item 31 below in the Information Technology Sector


Financial Services Sector

10. June 27, Associated Press – (National) FBI: 9 charged in $15 million Tenn. fake coal company fraud scheme. The FBI stated that nine individuals from five States were charged with allegedly defrauding investors of $15 million by soliciting investments in a coal mining company based in Johnson City, Tennessee, that does not exist. Source: http://www.lex18.com/news/fbi-9-charged-in-15-million-tenn-fake-coal-company-fraud-scheme/

For another story, see item 28 below in the Information Technology Sector

Information Technology Sector

28. June 27, Securityweek – (International) Pony Loader 2.0 malware source code for sale. Researchers with Damballa stated that the source code for version 2.0 of the Pony Loader information-stealing trojan has been seen for sale in underweb markets. The trojan was offered for sale starting in May and allows attackers to steal information such as passwords as well as virtual currency such as Bitcoin and others. Source: http://www.securityweek.com/pony-loader-20-malware-source-code-sale

29. June 27, The Register – (International) Android SMS worm punts dodgy downloads…from your MATES. AdaptiveMobile researchers reported finding a piece of Android malware known as Selfmite that spreads like a worm by sending out SMS messages to infected users’ contacts that contain a link that attempts to get users to install the Mobogenie app in a likely pay-per-install scheme. The malware was first observed on mobile networks in the U.S. and has since spread to several other countries. Source: http://www.theregister.co.uk/2014/06/27/selfmite_android_self_replicating_sms_worm/

30. June 27, Securityweek – (International) RIG Exploit Kit used in Flash-based malvertising campaign. Researchers with Malwarebytes stated June 26 that they have detected a malvertising campaign that attempts to lure users to a malicious Web site containing the RIG Exploit Kit, which then attempts to use Adobe Flash and Microsoft Silverlight vulnerabilities to spread a trojan identified a Trojan.Agent.ED. Source: http://www.securityweek.com/rig-exploit-kit-used-flash-based-malvertising-campaign

31. June 27, Softpedia – (International) LZO algorithm patched after 20 years. The CEO of Lab Mouse Security revealed that an integer overflow bug in the Lempel-Ziv-Oberhumer (LZO) compression and decompression algorithm has been present for as long as 20 years, leaving software using the algorithm vulnerable to remote code execution and denial of service attacks. The algorithm has been integrated into a variety of software, including the Linux kernel, some Android phones, medical equipment, and others, though the variety of applications means that attackers would need to build custom malicious payloads in order to exploit the issue. Source: http://news.softpedia.com/news/LZO-Algorithm-Patched-After-20-Years-448641.shtml

32. June 27, The Register – (International) Yet another WordPress vuln: Image furtler plugin lets BADNESS in. Security researchers warned users of the TimThumb plugin for Wordpress that a vulnerability exists in the plugin that could allow attackers to inject code or create, remove, and modify files. The vulnerability exists in the plugin’s Webshot option, which is turned off by default. Source: http://www.theregister.co.uk/2014/06/27/wordpress_0day/

 33. June 26, Softpedia – (International) VMware implements Apache Struts security fixes in vCOps. VMware released an update for its vCenter Operations Management Suite (vCOps) that close several vulnerabilities affecting the Apache Struts Java application framework. Source: http://news.softpedia.com/news/VMware-Implements-Apache-Struts-Security-Fixes-in-vCOps-448501.shtml

 Communications Sector

34. June 26, Radioink.com – (Pennsylvania) Poorly fenced-in antennas turn into $12,000 fine. The Federal Communications Commission fined Birach Broadcasting in Canonsburg $12,000 for failing to properly enclose WWCS-AM’s two antenna structures due to the fence being in need of repair and the company not properly reporting or completing the repair. Source: http://www.radioink.com/article.asp?id=2808541&spid=24698

For another story, see item 29 above in the Information Technology Sector

Friday, June 27, 2014




Complete DHS Report for June 27, 2014

Daily Report

Top Stories

 • An Indianapolis, Indiana man pleaded guilty June 25 to defrauding 5,000 investors from 50 countries by running a fake credit union, costing investors around $15 million. – Associated Press See item 5 below in the Financial Services Sector


 • Regions Bank and the U.S. Securities and Exchange Commission stated June 25 that the bank agreed to pay a $51 million penalty to end an inquiry where three former senior bank executives were charged with intentionally misclassifying $168 million in commercial loans in 2009. – Birmingham News See item 7 below in the Financial Services Sector


 • Albertsons was ordered June 24 to pay $3.4 million in penalties to settle allegations that the grocery store chain illegally transported, stored, managed, and disposed of hazardous waste at its 188 stores and distribution centers in California. – Los Angeles Times 

20. June 24, Los Angeles Times – (California) Albertsons to pay $3.4 million to settle illegal disposal case. Albertsons was ordered June 24 to pay $3.4 million in penalties to settle allegations that the grocery store chain illegally transported, stored, managed, and disposed of hazardous waste at its 188 stores and distribution centers in California. Waste generated at the locations included over-the-counter medications, pharmaceuticals, aerosol products, ignitable liquids, batteries, electronic devices, pool chemicals and other products. Source: http://www.latimes.com/local/lanow/la-me-ln-albertsons-settlement-20140624-story.html

 • Heavy rains June 23 caused about 300,000 gallons of partially treated wastewater to overflow onto the grounds of the Port Wentworth, Georgia water treatment plant adjacent to the Savannah National Wildlife Refuge. – Savannah Morning News

21. June 26, Savannah Morning News – (Georgia) Heavy rain triggers major sewage spill in Port Wentworth. Heavy rains June 23 caused about 300,000 gallons of partially treated wastewater to overflow onto the grounds of the Port Wentworth water treatment plant adjacent to the Savannah National Wildlife Refuge. The same storm caused an additional 9,100 gallons of sewage to spill at a lift station in Port Wentworth. Source: http://savannahnow.com/news/2014-06-25/heavy-rain-triggers-major-sewage-spill-port-wentworth

Financial Services Sector

4. June 26, Help Net Security – (International) Data breaches in 2013 exposed 14% of all debit cards. PULSE released the results of a study which found that 14 percent of debit cards from institutions in the study were affected by data breaches in 2013, and that consumers are continuing to shift to electronic payments, among other findings. Source: http://www.net-security.org/secworld.php?id=17055

5. June 25, Associated Press – (International) Indiana man pleads guilty in fake credit union. An Indianapolis man pleaded guilty June 25 to defrauding 5,000 investors from 50 countries by running a fake credit union, Oxford International Credit Union, costing investors around $15 million. Source: http://www.wsbt.com/news/local/indiana-man-pleads-guilty-in-fake-credit-union/26667086

6. June 25, Associated Press – (California) 13 arrested in scheme to stage car crashes for insurance money. Thirteen people were arrested June 25 for their alleged involvement in a Riverside County-based auto insurance fraud scheme that staged fake accidents or submitted fraudulent accident reports, costing insurers over $300,000. Source: http://losangeles.cbslocal.com/2014/06/25/13-arrested-for-allegedly-staging-car-crashes-for-insurance-money/

7. June 25, Birmingham News – (Alabama) Regions Bank to pay $51 million for 2009 fraud by executives. Regions Bank and the U.S. Securities and Exchange Commission stated June 25 that the bank agreed to pay a $51 million penalty to end an inquiry where three former senior bank executives were charged with intentionally misclassifying $168 million in commercial loans in 2009. Source: http://www.al.com/business/index.ssf/2014/06/regions_bank_to_pay_51_million.html

8. June 25, Reuters – (National) U.S. brokerage must pay athletes $13.7 mln for Ponzi fraud - FINRA. The Financial Industry Regulatory Authority (FINRA) stated June 25 that it ordered Success Trade Securities and its CEO to be ejected from the securities industry and repay $13.7 million in restitutions to investors that were defrauded in an alleged Ponzi scheme. FINRA found that the CEO and company sold investors $19.4 million in promissory notes by misrepresenting or omitting information in order to hide the company’s dire financial condition. Source: http://www.reuters.com/article/2014/06/25/wealth-investment-fraud-idUSL2N0P61LK20140625

9. June 25, U.S. Securities and Exchange Commission – (New York) SEC charges former brokers with trading ahead of IBM-SPSS acquisition. The U.S. Securities and Exchange Commission filed charges in federal court in New York City June 25 against two former traders for allegedly trading on nonpublic information ahead of the 2009 acquisition of SPSS Inc., by IBM Corporation. The charges allege that the accused made around $300,000 in illicit profits and seeks the return of the ill-gotten gains. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370542161708

10. June 24, Nashville Tennessean – (National) S.C. lawyer charged in Springfield insurance fraud case. A Blythewood, South Carolina lawyer was charged June 24 for allegedly aiding other defendants in a $28 million fraud scheme that sold fake health insurance policies to over 17,000 people across the country. Six others were previously charged in the alleged fraud ring. Source: http://www.tennessean.com/story/money/2014/06/24/sc-lawyer-charged-springfield-insurance-fraud-case/11336509/

For another story, see item 28 below from the Commercial Facilities Sector

28. June 25, Greenwich Time – (Connecticut) Splash Car Wash reports security breach. Splash Car Wash stated June 25 that the company experienced a payment card breach that affected around 1,400 customers at several of its locations, including Fairfield, Shelton, Greenwich, Cos Cob, Bridgeport, and West Haven. The company stated that malware was found on company systems and stole financial information between February 28 and May 16. Source: http://www.greenwichtime.com/business/article/Splash-Car-Wash-reports-security-breach-5579561.php

 Information Technology Sector

23. June 26, NetworkWorld – (International) Hackers found controlling malware and botnets from the cloud. Researchers at Trend Micro released a blog post detailing the company’s findings regarding botnets and malware being hosted and controlled through cloud servers. The researchers reported that they observed a malicious command and control server hosted on DropBox in order to disguise its traffic as legitimate corporate traffic, among other findings. Source: http://www.networkworld.com/article/2369887/cloud-security/hackers-found-controlling-malware-and-botnets-from-the-cloud.html

24. June 25, Securityweek – (International) 22 vulnerabilities found in Oracle Database Java VM implementation. Security Explorations researchers reported finding 22 vulnerabilities affecting the Java Virtual Machine implementation used in Oracle Database which can be leveraged by an attacker to escalate privileges and execute arbitrary Java code on vulnerable Oracle Database servers. Six of the vulnerabilities have been fixed in the main codeline and are scheduled for a future Critical Patch Update. Source: http://www.securityweek.com/22-vulnerabilities-found-oracle-database-java-vm-implementation

Communications Sector

Nothing to report