Thursday, June 19, 2014




Complete DHS Report for June 19, 2014

Daily Report

Top Stories

 • Anhydrous ammonia began to leak from a DHT Logistics semi-truck in Shelby County, Ohio, June 17 causing about 5,000 homes and businesses to evacuate and a portion of Interstate 75 near Sidney to close for 6 hours while crews cleared the scene. – Dayton Daily News

2. June 17, Dayton Daily News – (Ohio) Anhydrous ammonia leak on I-75 has been contained. A pressure regulator failed on a DHT Logistics semi-truck transporting approximately 20 tons of anhydrous ammonia from Lima to Versailles, Ohio, causing the chemical to leak from the top of a tank in Shelby County June 17. Approximately 5,000 homes and businesses within a 1-mile radius were evacuated, several roadways were closed, and a portion of Interstate 75 near Sidney was closed for 6 hours while crews cleared the scene. Source: http://www.daytondailynews.com/news/news/chemical-leak-reported-highway/ngMfD/

 • A severe storm passed through southeastern South Dakota, southwest Minnesota, and northwest Iowa June 16, swelling rivers and causing flood waters to shut down part of Interstate 29 near Sioux City. – NBC News

6. June 17, NBC News – (South Dakota; Minnesota; Iowa) Flood waters close South Dakota highway, trap city. A severe storm passed through southeastern South Dakota, southwest Minnesota, and northwest Iowa June 16, swelling rivers and causing flood waters to shut down part of Interstate 29 near Sioux City, South Dakota. Source: http://www.nbcnews.com/news/weather/flood-waters-close-south-dakota-highway-trap-city-n133096

 • Smithfield Packing’s pork processing plant in North Carolina was closed and production was halted indefinitely after a hot water tower collapsed and severed an ammonia container June 17. – Fayetteville Observer

12. June 17, Fayetteville Observer – (North Carolina) Deputy: Hot water tower collapse severed ammonia line at Smithfield Packing; minor injuries reported. Smithfield Packing’s pork processing plant in North Carolina was closed and production was halted indefinitely after a hot water tower collapsed and severed an ammonia container June 17, prompting the evacuation of more than 2,400 employees and the medical treatment of up to 40 workers. Authorities closed a 5-mile stretch of North Carolina Route 87 for about 4 hours while crews worked to cap the leak and officials inspected the facility. Source: http://www.fayobserver.com/news/local/article_adad233a-708b-57e7-a8a2-9b1852bd0e8a.html

 • A 12-inch water main break in Ames, Iowa, June 17 caused a loss of approximately 1 million gallons of water and prompted officials to block off Lincoln Way for several hours. – Iowa State Daily

15. June 17, Iowa State Daily – (Iowa) Water main breaks on Lincoln Way. A 12-inch water main break in the city of Ames June 17 caused a loss of approximately 1 million gallons of water and prompted officials to block off Lincoln Way for several hours as well as offer solutions to customers who experienced rusty water in other parts of the city due to the break. Source: http://www.iowastatedaily.com/news/article_356285f8-f64f-11e3-9ae8-001a4bcf887a.html

Financial Services Sector

3. June 18, Sacramento Business Journal – (California; Oklahoma) Another man pleads guilty in Loomis Wealth Solutions mortgage fraud case. A Yorba Linda, California man pleaded guilty June 17 to his involvement in a mortgage fraud scheme connected to Loomis Wealth Solutions that caused over $10 million in damages. The man controlled an escrow company and prepared fraudulent mortgage documents to further the fraud in Mission Viejo and Tulsa, Oklahoma. Source: http://www.bizjournals.com/sacramento/news/2014/06/18/another-man-pleads-guilty-in-loomis-wealth.html

4. June 17, ABC News – (National) Alleged church Ponzi schemer arrested on federal fraud charges. The former CEO of City Capital Corporation was arrested June 17 on a federal indictment that charged him with allegedly running an investment fraud scheme that targeted church congregations in several States and cost investors over $5 million. The former chief operating officer of the company was also charged in the alleged fraud. Source: http://abcnews.go.com/US/alleged-church-ponzi-schemer-arrested-federal-fraud-charges/story?id=24182271

Information Technology Sector

25. June 18, Softpedia – (International) Zbot variant poorly detected by AV engines. An AppRiver researcher discovered a variant of the Zeus/Zbot trojan being distributed in spam emails inside a password-protected .zip file, allowing it to evade many security programs and filters. The researcher reported that the malware was identified by 5 of 52 antivirus engines. Source: http://news.softpedia.com/news/Password-Protected-Zbot-Variant-Poorly-Detected-by-AV-Engines-447373.shtml

26. June 18, Help Net Security – (International) Microsoft patches DoS flaw in its Malware Protection Engine. Microsoft released an update for its Malware Protection Engine that closes a vulnerability that could allow an attacker to use a specially-created file to trigger a denial of service (DoS) attack. Source: http://www.net-security.org/secworld.php?id=17022

27. June 18, Threatpost – (International) Belkin patches directory traversal bug in wireless router. Belkin released a firmware update for its N150 wireless home routers in order to close a serious directory traversal vulnerability that could allow a remote, unauthenticated attacker to read system files on the router. Users were advised to update their firmware as soon as possible. Source: http://threatpost.com/blekin-patches-directory-traversal-bug-in-wireless-router

28. June 18, Softpedia – (International) Symantec Web Gateway 5.2 susceptible to SQL injection and XSS attacks. Symantec advised users of its Symantec Web Gateway product running version 5.2 of its appliance management console to update to the newest 5.2.1 build after a SQL injection and a cross-site scripting (XSS) vulnerability were found in 5.2. The vulnerabilities could enable unauthorized privileged access to databases and the hijacking of user sessions. Source: http://news.softpedia.com/news/Symantec-Web-Gateway-5-2-Susceptible-to-SQL-Injection-and-XSS-Attacks-447241.shtml

29. June 18, Softpedia – (International) Tumblr blogs compromised to redirect to diet pill spam. A Symantec researcher found that several Tumblr blogs and Pinterest accounts have been hijacked in order to redirect visitors to a spam Web site promoting diet pills. Source: http://news.softpedia.com/news/Tumblr-Blogs-Compromised-to-Redirect-to-Diet-Pill-Spam-447395.shtml

30. June 17, SC Magazine – (International) Researchers detect spike in “snowshoe” spam attacks using .club gTLD. Researchers with Symantec reported an increase in spam attacks utilizing multiple IP addresses and generic top-level domains (gTLD) to attempt to prevent detection by spam filters, known as “snowshoe” attacks. The increase was first observed June 12, with the attacks using .club domains. Source: http://www.scmagazine.com/researchers-detect-spike-in-snowshoe-spam-attacks-using-club-gtld/article/356258/

31. June 17, Securityweek – (International) TowelRoot vulnerability could lead to attacks on Android devices: Researcher. Researchers with Lacoon Mobile Security reported that a Linux vulnerability exploited in the TowelRoot rooting tool for Android devices could also be used by attackers to gain root/administrator privileges and bypass Android security controls. Source: http://www.securityweek.com/towelroot-vulnerability-could-lead-attacks-android-devices-researcher

Communications Sector

See items 23 from the Government Facilities Sector below and 24 from the Emergency Services Sector below

23. June 16, U.S. Attorney’s Office, Northern District of Illinois – (International) Alleged associate of NullCrew arrested on federal hacking charge involving cyber attacks on companies and universities. The FBI arrested a Tennessee man June 11 and charged him with federal computer hacking for allegedly conspiring to launch cyberattacks on two universities and three companies, and releasing information from previously hacked computers causing significant financial damage to the institutions. The suspect is believed to be an associate of the NullCrew hacking group. Source: http://www.fbi.gov/chicago/press-releases/2014/alleged-associate-of-nullcrew-arrested-on-federal-hacking-charge-involving-cyber-attacks-on-companies-and-universities

24. June 18, KOIN 6 Portland – (Oregon) Verizon: Cell service restored in Portland area. Thousands of Verizon customers in the Portland area were unable to call 9-1-1 from their cell phones for 2 hours June 18 due to an outage affecting multiple carriers caused by a Sprint fiber line that was cut. Source: http://koin.com/2014/06/18/portland-area-experiencing-verizon-sprint-att-outages/