Monday, June 16, 2014




Complete DHS Report for June 16, 2014

Daily Report

Top Stories

 • A June 11 fire and propane tank explosion at a Bailey Farms International hay plant in Tremonton, Utah, caused between $8 million and $10 million in damage. – KSL 5 Salt Lake City

8. June 12, KSL 5 Salt Lake City – (Utah) $10M hay fire 'going to burn for a long time,' fire marshal says. A fire broke out June 11 at a Bailey Farms International hay plant in Tremonton and spread to a propane tank outside the structure, causing an explosion that ignited piles of hay. Fire officials stated that the fire caused between $8 million and $10 million in damage and that it is unlikely a cause will be determined due to the size and intensity of the blaze. Source: http://www.ksl.com/?nid=148&sid=30280899

 • Officials at St. Joseph Health of Sonoma County in Santa Rosa, California, reported June 12 that a thumb drive containing personal and medical information of 33,702 patients was stolen during a burglary at an outpatient radiology facility June 2. – KPIX 5 San Francisco

18. June 12, KPIX 5 San Francisco – (California) Records of more than 33,000 patients stolen from Santa Rosa radiology facility. Officials at St. Joseph Health of Sonoma County in Santa Rosa reported June 12 that a thumb drive containing X-ray records of 33,702 patients was stolen during a burglary at an outpatient radiology facility June 2. Patients’ personal information was saved on the thumb drive, which was taken from a staff member’s storage locker. Source: http://sanfrancisco.cbslocal.com/2014/06/12/records-of-more-than-33000-patients-stolen-from-santa-rosa-radioligy-facility/

 • A researcher discovered a new trojan, Pandemiya, which contains about 25,000 lines of fresh code and has the ability to steal data from forms, take screen shots to send back to the botmasters who deploy it, and create fake web pages. – The Register. See item 21 below in the Information Technology Sector

 • Time Warner Cable representatives reported that its Road Runner email service was down for several days, affecting 10 percent of its customers in cities across the U.S., and stated that its engineers were working to restore service. – WLTX 19 Columbia. See item 25 below in the Communications Sector

Financial Services Sector

3. June 13, The Register – (International) Hacker claims PayPal loophole generates FREE MONEY. A man turned white hat reported a loophole in PayPal’s system that can be exploited to earn free money by funneling cash into a mule account before filing for a transaction refund. The company stated that the vulnerability is an issue with its protection policy and did not give additional information about its ability to prevent one-off instances of the scam. Source: http://www.theregister.co.uk/2014/06/13/hacker_claims_paypal_loophole_generates_free_money/

For another story, see item 22 below in the Information Technology Sector

Information Technology Sector

21. June 13, The Register – (International) Entirely new trojan quietly wheeled into black hat forums. A researcher from RSA reportedly discovered a new trojan, Pandemiya, which contains about 25,000 lines of fresh code and has the ability to steal data from forms, take screen shots to send back to the botmasters who deploy it, and create fake web pages. Pandemiya can be removed by tweaking the registry and taking command-line action. Source: http://www.theregister.co.uk/2014/06/13/pricey_ground_up_built_malware_constantly_infects_everything/

22. June 13, Vallejo Times Herald – (California; Utah) San Jose: Utah woman indicted in embezzlement of $1.34 million from Mountain View software firm. A federal grand jury indicted a former Symantec Corp. employee June 11 on 26 charges of wire fraud and 10 counts of money laundering for allegedly embezzling $1.34 million in funds from the California-based company while working at its Lindon, Utah, office between January 2010 and May 2012. The former employee allegedly charged unauthorized personal expenses to company payment cards and made unapproved financial transfers to a shell company used to reallocate funds into her personal bank account. Source: http://www.timesheraldonline.com/news/ci_25956029/san-jose-utah-woman-indicted-embezzlement-1-34

23. June 12, Securityweek – (International) Cisco fixes XSS vulnerability in AsyncOS management interface. Cisco advised customers to update their AsyncOS installations in order to address a cross-site scripting (XSS) vulnerability impacting the Web management interface of the operating system. The flaw affects Cisco Email Security Appliance (ESA) 8.0 and earlier, Cisco Web Security Appliance (WSA) 8.0 and earlier, as well as Content Security Management Appliance (SMA) 8.3 and earlier. Source: http://www.securityweek.com/cisco-fixes-xss-vulnerability-asyncos-management-interface

24. June 12, Securityweek – (International) Cybercriminals targeting cloud-based PoS systems via browser attacks. IntelCrawler researchers gave the name POSCLOUD to a form of malware that targets vulnerabilities in major Web browsers to compromise cloud-based PoS software typically used by grocery stores, retailers, and other small businesses. The malware relies on keylogging and screenshots to steal personal information and financial data. Source: http://www.securityweek.com/attackers-targeting-cloud-based-pos-systems-browser-attacks

See item 25 below in the Communications Sector

Communications Sector

25. June 12, WLTX 19 Columbia – (National) TWC’s Road Runner email service trouble widespread. Time Warner Cable representatives reported that its Road Runner email service was down for several days, affecting 10 percent of its customers in cities across the U.S. The company stated the issues were intermittent and its engineers were working to restore service. Source: http://www.wltx.com/story/tech/2014/06/12/twcs-road-runner-email-service-trouble-widespread/10389201/