Wednesday, April 2, 2014




Complete DHS Report for April 2, 2014

Daily Report

Details

 • An explosion at the Williams Northwest Pipeline natural gas processing facility near Plymouth, Washington, left 5 workers injured and prompted the voluntary evacuation of roughly 400 people from nearby homes and farms while the plant emitted a cloud of black smoke March 31. – Associated Press

2. March 31, Associated Press – (Washington) Blast rocks Washington gas plant; 5 workers hurt. An explosion at the Williams Northwest Pipeline natural gas processing facility near Plymouth, Washington, left 5 workers injured and prompted the voluntary evacuation of roughly 400 people from nearby homes and farms while the plant emitted a cloud of black smoke March 31. The explosion sparked a fire and punctured one of the facility’s liquefied natural gas storage tanks, allowing a small amount of gas to leak to a containment area. Source: http://www.miamiherald.com/2014/03/31/4030349/1-hurt-in-natural-gas-blast-at.html

 • General Motors announced March 31 that it is recalling 1.3 million Chevrolet, Saturn, and Pontiac vehicles from model years between 2004 and 2010 due to faulty power steering units. – Yahoo Autos

9. March 31, Yahoo Autos – (National) GM recalls 1.3 million cars for power steering defect already fixed once. General Motors announced March 31 that it is recalling 1.3 million Chevrolet, Saturn, and Pontiac vehicles from model years between 2004 and 2010 due to faulty power steering units. The defect was the target of a previous recall that included a smaller amount of vehicles equipped with the faulty units. Source: https://autos.yahoo.com/blogs/motoramic/gm-recalls-1-6-million-cars-for-power-steering-defect-already-fixed-once-205009529.html

 • A fight between 2 gangs at the Hinds County Detention Center in Raymond, Mississippi, left 1 inmate dead and at least 5 others injured March 31. – WAPT 16 Jacksonville

27. April 1, WAPT 16 Jackson – (Mississippi) Inmate stabbed to death in jail gang fight; Body found in cell. A fight between 2 gangs at the Hinds County Detention Center in Raymond left 1 inmate dead and at least 5 others injured March 31. The jail resumed accepting new inmates April 1. Source: http://www.wapt.com/news/disturbance-shuts-down-hinds-county-jail/25257500

 • Researchers at Symantec reported finding 487 groups actively using the njRAT remote access trojan (RAT) for malicious uses, with around 24,000 machines infected worldwide. – V3.co.uk See item 33 below in the Information Technology Sector

Financial Services Sector

11. March 31, Los Angeles Times – (California) Two men accused of trading on inside information from their wives. Two California men accused by the U.S. Securities and Exchange Commission (SEC) of engaging in insider trading using nonpublic information overheard from their spouses agreed to settlements with the SEC to resolve the charges. A Los Gatos man agreed to pay $300,000 to settle charges of trading on nonpublic information concerning Oracle Corp., and Acme Packet Inc., while a San Jose man agreed to pay $280,000 over allegedly shorting Informatica stocks based on nonpublic information ahead of an earnings report. Source: http://www.latimes.com/business/money/la-fi-mo-two-men-accused-of-trading-on-their-wives-inside-information-20140331,0,875774.story

12. March 31, Press of Atlantic City – (New Jersey) Pair arrested at Borgata in $500,000 credit card-fraud scheme. Two New York men were arrested March 29 in Atlantic City and charged with running a credit card fraud scheme that allegedly used fraudulent credit cards to purchase prepaid debit cards, with around $500,000 in funds then deposited into the suspects’ American Express accounts. Source: http://www.pressofatlanticcity.com/news/breaking/pair-arrested-at-borgata-in-credit-card-fraud-scheme/article_ca78d95a-b8ea-11e3-a5cb-001a4bcf887a.html

13. March 31, Cherry Hill Patch – (New Jersey) Voorhees man pleads guilty to over $1 million in insurance fraud. A former insurance broker at Aconorate Insurance Agency in Hammonton pleaded guilty to his role in the company’s defrauding of over $1 million from commercial liability insurance clients by inflating premiums between June 2004 and July 2006. Source: http://cherryhill.patch.com/groups/police-and-fire/p/voorhees-man-pleads-guilty-to-over-1-million-in-insurance-fraud

Information Technology Sector

31. April 1, Softpedia – (International) Experts unhappy with Oracle’s Java Cloud patching process, vulnerability details published. Researchers at Security Explorations published details of 30 vulnerabilities in Oracle Java Cloud Service, about half of which can be used to break the Java security sandbox. The vulnerabilities were previously reported to Oracle in January. Source: http://news.softpedia.com/news/Experts-Unhappy-with-Oracle-s-Java-Cloud-Patching-Process-Vulnerability-Details-Published-435125.shtml

32. April 1, IDG News Service – (International) CryptoDefense ransomware leaves decryption key accessible. Symantec researchers analyzed the CryptoDefense encryption ransomware and found that the decryption key needed to undo the malware’s file encryption is also left on the victim’s computer, potentially allowing victims to decrypt the files held for ransom themselves. Source: http://www.computerworld.com/s/article/9247348/CryptoDefense_ransomware_leaves_decryption_key_accessible

33. April 1, V3.co.uk – (International) Middle Eastern hackers use remote access trojan to infect 24,000 machines worldwide. Researchers at Symantec reported finding 487 groups actively using the njRAT remote access trojan (RAT) for malicious uses, with around 24,000 machines infected worldwide. Symantec reported that most attacks using njRAT originate in the Middle East and that the majority of the RAT’s command and control servers are located in the Middle East and North Africa. Source: http://www.v3.co.uk/v3-uk/news/2337382/middle-eastern-hackers-use-remote-access-trojan-to-infect-24-000-machines-worldwide

34. April 1, Softpedia – (International) Email marketing service Mad Mimi hit by DDoS attacks, blackmailed. Email marketing service Mad Mimi reported that it was the target of a distributed denial of service (DDoS) attack March 30, which caused intermittent issues. An attack claiming to be behind the DDoS attack demanded a ransom to stop the attack but was refused. Source: http://news.softpedia.com/news/Email-Marketing-Service-Mad-Mimi-Hit-by-DDOS-Attacks-Blackmailed-435152.shtml

35. March 31, SC Magazine – (International) Smartphones at risk of malicious code injection through HTML5-based apps. Researchers at Syracuse University published a paper detailing how HTML5-based smartphone apps could allow for devices to be targeted with a new Cross-Device Scripting (XDS) attack that could inject malicious code via WiFi scanning, SMS messaging, or other means. Source: http://www.scmagazine.com/smartphones-at-risk-of-malicious-code-injection-through-html5-based-apps/article/340513/

Communications Sector

Nothing to report