Friday, February 21, 2014




Complete DHS Report for February 21, 2014

Daily Report

Details

 • Four people sought treatment for symptoms while nearly 2,000 residents of Northwood, Iowa, were evacuated after a chemical fire broke out at a fertilizer storage facility on the grounds of the Northwood Municipal Airport February 20. – Waterloo Cedar Falls Courier

2. February 20, Waterloo Cedar Falls Courier – (Iowa) Four seek treatment after Northwood fire; hospital on alert for more. Nearly 2,000 residents of the city of Northwood were evacuated and a section of Highway 105 was blocked off after a chemical fire broke out at a fertilizer storage facility located on the grounds of the Northwood Municipal Airport February 20. Four residents were treated at an area hospital for exposure. Source: http://wcfcourier.com/news/local/update-four-seek-treatment-after-northwood-fire-hospital-on-alert/article_592abb8c-9a4b-11e3-9423-0019bb2963f4.html

 • Phoenix-based Banner Health suffered a widespread computer outage February 19 that forced hospitals and doctors in several States to use a backup paper system to provide care for patients. – Arizona Republic

17. February 19, Arizona Republic – (Arizona; Colorado; Nevada) Computer woes slam Banner hospital staffs. Phoenix-based Banner Health suffered a widespread computer outage February 19 that forced hospitals and doctors in Arizona, Colorado, and Nevada to use a backup paper system to provide care for patients. The health system worked to reboot its computer systems through a series of sequential fixes in order to restore service. Source: http://www.azcentral.com/business/consumer/articles/20140219banner-health-widespread-computer-outage.html

 • The University of Maryland reported that its records database was breached February 18 when an outside source gained access to 309,079 personal records for faculty, staff, and students who have received identification cards. – Washington Post

21. February 19, Washington Post – (Maryland) U-Md computer security attack exposes 300,000 records. Officials from the University of Maryland reported that the university’s secure records database was breached February 18 when an outside source gained access to 309,079 personal records for faculty, staff, and students who have received identification cards at the school dating back to 1998. Authorities are investigating the breach, which included Social Security numbers, dates of birth, and names. Source: http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.html

 • Microsoft released a security advisory and a Fix it tool temporarily mitigating the IE zero-day vulnerability actively exploited in attacks in the wild until a patch is released. – Help Net Security See item 26 below in the Information Technology Sector

Financial Services Sector

Nothing to report

Information Technology Sector

26. February 20, Help Net Security – (International) Microsoft issues Fix it for critical IE 0-day exploited in attacks. Microsoft released a security advisory and a Fix it tool temporarily mitigating the IE zero-day vulnerability actively exploited in attacks in the wild until a patch is released. Source: http://www.net-security.org/secworld.php?id=16392

27. February 20, IDG News Service – (International) Cisco fixes flaws in several products. Cisco Systems released security updates addressing serious vulnerabilities in a range of products including its Unified Computing System (UCS) Director, Intrusion Prevention System, Unified SIP Phone 3905, and Firewall Services module products. Source: http://www.computerworld.com/s/article/9246466/Cisco_fixes_flaws_in_several_products

28. February 20, Help Net Security – (International) Major vulnerability in Tinder dating app allowed user tracking. Tinder issued a fix for a vulnerability found in its app which allowed users to potentially track each other’s exact geo-location for much of 2013. Source: http://www.net-security.org/secworld.php?id=16391

Communications Sector

Nothing to report