Tuesday, April 15, 2014


Complete DHS Report for April 15, 2014

Daily Report

Details

 • DTE Energy crews worked to restore power to 100,000 customers around Detroit April 14 after an April 12 storm producing strong winds knocked out electricity. – WDIV 4 Detroit

1. April 14, WDIV 4 Detroit – (Michigan) DTE: 100,000 customers without power. DTE Energy crews worked to restore power to 100,000 customers around Detroit April 14 after an April 12 storm produced strong winds and knocked out electricity. Source: http://www.clickondetroit.com/weather/dte-60000-customers-without-power-after-spring-storm/25455788

 • The U.S. Department of Justice unsealed an indictment against nine individuals for allegedly being involved in a criminal organization that used the Zeus banking trojan to steal millions of dollars. – Softpedia  See item 7 below in the Financial Services Sector

 • Police arrested and charged a suspect believed to be responsible for opening fire and killing three individuals April 13 outside of the Jewish Community Center of Greater Kanas City, then again outside the Village Shalom Jewish retirement community in Overland Park. – Associated Press

30. April 14, Associated Press – (Kansas) Official IDs supremacist as Kansas attacks suspect. Police arrested and charged a suspect believed to be responsible for opening fire and killed three individuals April 13 outside of the Jewish Community Center of Greater Kanas City, then again outside the Village Shalom Jewish retirement community in Overland Park. Three individuals were killed during the attacks. Source: http://news.msn.com/crime-justice/official-ids-supremacist-as-kansas-attacks-suspect

 • A 5-alarm fire April 12 at a commercial building in Berkeley, California, destroyed or damaged several businesses, knocked out power to 1,500 PG&E customers, and led to the evacuation of nearby businesses and residents. – KGO 7 San Francisco

32. April 13, KGO 7 San Francisco – (California) 5-alarm fire destroys multiple businesses in Berkeley. A 5-alarm fire that broke out April 12 at a commercial building in Berkeley destroyed or damaged several businesses, and knocked out power to 1,500 PG&E customers, prompting the evacuation of nearby businesses and residents. The blaze caused significant traffic delays in both directions along Interstate 80 and service at two local Amtrak stations was halted due to fire hoses being run across the tracks. Source: http://abclocal.go.com/kgo/story?section=news/local/east_bay&id=9501921

Financial Services Sector

7. April 12, Softpedia – (International) Nine people accused of stealing millions of dollars with Zeus malware. The U.S. Department of Justice unsealed an indictment against nine individuals for allegedly being involved in a criminal organization that used the Zeus banking trojan to steal millions of dollars. The alleged scheme used Zeus to steal account information and then transfer stolen money to accounts belonging to ‘mules’ who withdrew and transferred the money. Source: http://news.softpedia.com/news/Nine-People-Accused-of-Stealing-Millions-of-Dollars-with-ZeuS-Malware-437311.shtml

8. April 11, U.S. Securities and Exchange Commission – (International) SEC charges Indiana man for defrauding investors in “credit union” Ponzi scheme. The U.S. Securities and Exchange Commission filed charges April 11 against an Indianapolis man and two entities under his control for allegedly running a Ponzi scheme that defrauded around 5,000 investors from the U.S. and abroad of around $12.8 million dollars. Criminal charges were also unsealed by the U.S. Attorney’s Office for the Eastern District of Virginia in a parallel action. Source: http://www.sec.gov/litigation/litreleases/2014/lr22972.htm

Information Technology Sector

26. April 14, IDG News Service – (International) Akamai admits issuing faulty OpenSSL patch, reissues keys. Akamai Technologies stated April 13 that a patch issued by the company designed to protect its customers from the Heartbleed vulnerability contained a fault, making it ineffective. The company then began reissuing all Secure Sockets Layer (SSL) certificates and security keys for affected sites. Source: http://www.computerworld.com/s/article/9247650/Akamai_admits_issuing_faulty_OpenSSL_patch_reissues_keys

27. April 14, Help Net Security – (International) Jetpack pushes update to close critical security hole. The creators of the Jetpack plugin for WordPress published an update for the popular plugin that closes a vulnerability discovered during a security audit that could allow an attacker to bypass a site’s access controls. Source: http://www.net-security.org/secworld.php?id=16683

28. April 12, Softpedia – (International) Google rewards experts for XXE vulnerability in Toolbar Button Gallery. Google awarded two Detectify researchers $10,000 after they identified and reported an XML External Entity (XXE) vulnerability in the Google Toolbar Button Gallery that could have allowed an attacker to gain access to data on the company’s production servers. The vulnerability was closed soon after being reported. Source: http://news.softpedia.com/news/Google-Rewards-Experts-for-XXE-Vulnerability-in-Toolbar-Button-Gallery-437290.shtml

Communications Sector

29. April 12, KSTU 13 Salt Lake City – (Utah) Damages from outage-causing car crash 
estimated at more than $100,000. Weber County residents suffered over a 9 hour Comcast Internet service outage April 12 after a fiber line was impaired when a car hit a power line, causing more than $100,000 worth of damage to the provider’s resources. Source: http://fox13now.com/2014/04/12/car-crash-causes-power-outage-in-weber-county/

For another story, see item 25 from the Emergency Services Sector below:

25. April 12, Associated Press – (Washington) 7-hour Washington 911 outage blamed on vendor. CenturyLink reported April 11 that a 7 hour Statewide 9-1-1 service outage in Washington April 10 was caused by a technical error by a third-party vendor. Source: http://www.jacksonsun.com/viewart/20140412/NEWS/140412004/7-hour-Washington-911-outage-blamed-vendor-