Complete DHS Report for July 30, 2014
Daily Report
Top Stories
· One
subcontractor was killed and three others were injured July 28 when the top
blew off a fish oil storage tank under repair at the Omega Protein fish
processing facility in Moss Point, Mississippi, prompting a 2-day closure of
the plant. – Jackson Clarion-Ledger
10.
July 28, Jackson Clarion-Ledger –
(Mississippi) Mississippi fish oil plant explosion kills 1, injures 3. One
subcontractor was killed and three others were injured July 28 when the top
blew off a fish oil storage tank under repair at the Omega Protein fish
processing facility in Moss Point. The facility was closed through July 30
while authorities investigate the incident. Source: http://www.usatoday.com/story/news/nation/2014/07/28/mississippi-fish-oil-plant-explosion/13285737
· Seven East Bay,
California communities and the East Bay Municipal Utility District reached an
agreement with the U.S. Environmental Protection Agency July 28 to pay $1.5
million in fines for past sewage discharges into the San Francisco Bay. – U.S.
Department of Justice
16.
July 28, U.S. Department of Justice –
(California) Historic clean water act settlement will prevent millions of
gallons of sewage discharges into San Francisco Bay. Seven East Bay
communities and the East Bay Municipal Utility District reached an agreement
with the U.S. Environmental Protection Agency July 28 to pay $1.5 million in
fines for past sewage discharges into the San Francisco Bay. The district and
the communities will also upgrade their 1,500 mile-long sewer system over a
21-year period in order to help eliminate millions of gallons of sewage
overflows. Source: http://www.justice.gov/opa/pr/2014/July/14-enrd-790.html
· Data was
stolen from a National Oceanic and Atmospheric Administration (NOAA)
contractor’s personal computer in 2013, which allowed a hacker to extract data
from NOAA’s National Environmental Satellite, Data, and Information Service system
through a remote connection. – Nextgov
23.
July 28, Nextgov – (National) Hacker
breached NOAA satellite data from contractor’s PC. A report released by the
Office of the Inspector General found that satellite data was stolen from a
National Oceanic and Atmospheric Administration (NOAA) contractor’s personal
computer in 2013, which allowed a hacker to extract data from NOAA’s National
Environmental Satellite, Data, and Information Service system through a remote
connection. The report found the administration had several security
deficiencies and security bugs in its satellite software that remained unfixed,
among other findings. Source: http://www.nextgov.com/cybersecurity/2014/07/hacker-breached-noaa-satellite-data-contractors-pc/89771/
· Police are
searching for two suspects connected to a July 28 shooting in the parking lot
of the Northwoods Mall in North Charleston, South Carolina, which prompted the
mall to go on lockdown for about 5 hours and injured one person. – WCSC 5
Charleston
29.
July 29, WCSC 5 Charleston – (South
Carolina) NCPD: Teenage suspects identified in mall shooting, search
underway. Police are searching for two suspects believed to be connected to
a July 28 shooting in the parking lot of the Northwoods Mall in North
Charleston which prompted the mall to go on lockdown for about 5 hours while a
SWAT team cleared the scene. One person was injured in the incident. Source: http://www.foxcarolina.com/story/26130308/dispatch-police-responding-to-report-of-shooting-at-northwoods-mall
Financial Services Sector
5. July
29, U.S. Commodity Futures Trading Commission – (National) CFTC
charges J.P. Morgan Securities LLC with repeatedly submitting inaccurate large
trader reports and imposes a $650,000 civil monetary penalty. J.P. Morgan
Securities LLC, a subsidiary of JPMorgan Chase & Co., agreed July 29 to pay
$650,000 in penalties to resolve charges by the U.S. Commodity Futures Trading
Commission that it submitted inaccurate reports about positions held by certain
large traders. Source: http://www.cftc.gov/PressRoom/PressReleases/pr6968-14
6. July
28, WWJ 62 Detroit – (Michigan) $11K reward offered for help to
catch Dearborn serial bank robber. Authorities asked for the public’s help
in identifying a serial bank robber who has robbed three separate banking
institutions in Dearborn between May and July. Source: http://detroit.cbslocal.com/2014/07/28/11k-reward-offered-for-help-to-catch-dearborn-serial-bank-robbery/
For another story, see item 21 below
from the Government Facilities Sector
21. July
28, St. Louis Post-Dispatch – (Missouri) Ballwin woman gets 51
months for Medicare fraud, bank fraud. A Ballwin woman was sentenced July
28 and ordered to pay $200,000 in restitution after pleading guilty to
directing nurses and staff from her healthcare company, Better Way Home Care in
Ellisville, to boost billing by falsifying hundreds of records to inflate the
number of therapy visits to patients and directed them to document false
diagnoses and exaggerate patients’ conditions in order to defraud Medicare.
Source: http://www.stltoday.com/news/local/crime-and-courts/ballwin-woman-gets-months-for-medicare-fraud-bank-fraud/article_15b95383-2e8d-5533-aa40-0cb2226313af.html
Information Technology Sector
25. July 29, The Register – (International) Only ‘3% of web servers in tops corps’
fully fixed after Heartbleed snafu. A study by Venafi Labs found that only
3 percent of machines have been fully protected against the Heartbleed Open SSL
vulnerability which includes patching servers and changing private keys, as
well as being issued with new SSL certificates and having the old ones revoked.
Source: http://www.theregister.co.uk/2014/07/29/only_3_of_top_firms_fully_patched_against_heartbleed_flaw/
26. July 28, Securityweek – (International) Cybercriminals abuse Amazon cloud to
host Linux DDoS Trojans. Kaspersky Lab reported that Amazon cloud services
and other companies are being abused by cybercriminals to host distributed
denial of service (DDoS) bots, including a sophisticated Linux trojan capable
of conducting domain name system (DNS) amplification DDoS attacks. The
attackers are able to access the servers by exploiting vulnerabilities in
versions 1.1.x of Elasticsearch. Source: http://www.securityweek.com/cybercriminals-abuse-amazon-cloud-host-linux-ddos-trojans
27. July 28, Securityweek – (International) Kaspersky analyzes distribution
network for Koler mobile ransomware. Kaspersky Lab published findings on
the Koler ransomware which targets Android and Internet Explorer users stating
that dozens of automatically generated sites redirect traffic to a central hub
using a traffic distribution system where users are again redirected. The
distribution infrastructure relies on a network of at least 48 malicious adult
Web sites linked to Keitaro traffic redirection system. Source: http://www.securityweek.com/kaspersky-analyzes-distribution-network-koler-mobile-ransomware
28. July 28, Softpedia – (International) I2P networking tool patched against
de-anonymization. Developers of the I2P network released the 0.9.14 patch
which integrates repairs for cross-site-scripting (XSS) and remote execution
vulnerabilities addressing flawed components in Tails operating system enabling
de-anonymization of a client. The release contains several bug fixes in
i2ptunnel, i2psnark, and other updates. Source: http://news.softpedia.com/news/I2P-Networking-Tool-Patched-Against-De-Anonymization-452464.shtml
For another story, see item 23 above in Top Stories
Communications Sector
See
item 24 below from the Emergency Services Sector
24. July 28, Ashville Citizen-Times – (North Carolina) Landline phone outage reported in Cherokee County. Emergency 9-1-1 service was down indefinitely in Cherokee County, North Carolina, July 28 due to a Frontier Communications’ landline outage. Source: http://www.citizen-times.com/story/news/local/2014/07/28/landline-phone-outage-reported-cherokee-county/13280621/
No comments:
Post a Comment