Wednesday, September 3, 2014




Complete DHS Report for September 3, 2014

Daily Report

Top Stories

 · Nine people were injured in multiple collisions involving about 50 vehicles on Interstate 82 near Kennewick, Washington, August 30 due to a dust storm which shut down the interstate for several hours while authorities investigated. – Kennewick Tri-City Herald

10. August 30, Kennewick Tri-City Herald – (Washington) Dust storm leads to about 50 vehicles in collisions on I-82. Nine people were injured in multiple collisions involving about 50 vehicles on Interstate 82 near Kennewick, Washington, August 30 due to a dust storm which shut down the interstate for several hours while authorities investigated. Source: http://www.bellinghamherald.com/2014/08/30/3828939/interstate-82-entrance-closed.html


· The Charlotte Mecklenburg Utility Department reported August 29 that an estimated 15,000 gallons of sewage spilled into Briar Creek in North Carolina August 27 after a blockage of grease in a pipe. – Charlotte Observer

21. August 29, Charlotte Observer – (North Carolina) 100 dead fish found in Charlotte creek after sewage spill. The Charlotte Mecklenburg Utility Department reported August 29 that an estimated 15,000 gallons of sewage spilled into Briar Creek in North Carolina August 27 after a blockage of grease in a pipe. Crews cleared the pipe and also found 100 dead fish in the creek due to the spill. Source: http://www.charlotteobserver.com/2014/08/29/5137606/100-dead-fish-found-in-charlotte.html
 
· Fire crews reached 15 percent containment September 1 of the Happy Camp Complex Fire in Siskiyou County, California, which grew to more than 63,847 acres. – KHSL 12 Chico

25. September 1, KHSL 12 Chico – (California) Happy Camp Complex Fire continues to grow. Fire crews reached 15 percent containment September 1 of the Happy Camp Complex Fire in Siskiyou County, California, which grew to more than 63,847 acres. Mandatory and advisory evacuation orders remained in place or were expanded to include additional areas around the Klamath National Forest. Source: http://www.actionnewsnow.com/news/happy-camp-complex-fire-continues-to-grow-72160/
 
· Officials in Tennessee continued searching for the remaining 17 out of 32 teenagers who escaped from the Woodlawn Hills Youth Development Center in Nashville September 1 by crawling under a weak spot in a fence. – Associated Press

27. September 2, Associated Press – (Tennessee) More than 30 teen felons escape from Tennessee detention center. Officials in Tennessee continued searching for the remaining 17 out of 32 teenagers who escaped from the Woodlawn Hills Youth Development Center in Nashville September 1 by crawling under a weak spot in a fence. Authorities stated that the teens broke out during a shift change and order was restored by September 2. Source: http://www.foxnews.com/us/2014/09/02/official-more-than-30-teens-escape-from-nashville-detention-center-17-still-at/

Financial Services Sector

3. September 1, KNBC 4 Los Angeles – (National) “AK-47 Bandit” wanted in SoCal bank robberies suspected in Nebraska heist. The FBI stated that the man responsible for the August 22 robbery of a First National Bank branch in southeast Nebraska matched the description of a suspect known as the “AK-47 Bandit” wanted in connection with several bank robberies in California, Washington, and Idaho beginning in 2012. The suspect was seen in bank robberies wielding an assault rifle and was involved in the shooting of a Chino, California police officer during a February 2012 robbery. Source: http://www.nbclosangeles.com/news/local/AK-47-Bandit-Who-Shot-Chino-Officer-May-Have-Robbed-Nebraska-Bank-273425161.html

4. September 1, WBBM 2 Chicago – (Illinois) Cicero police nab ‘No Boundaries Bandit’ suspect. Police in Cicero arrested a man August 31 believed to be the “No Boundaries Bandit” responsible for 12 bank robberies in the Chicago metro area. Source: http://chicago.cbslocal.com/2014/09/01/cicero-police-nab-no-boundaries-bandit-suspect/

For additional stories, see items 26 below from the Government Facilities Sector and 39 below from the Commercial Facilities Sector

26. August 29, New Orleans Times-Picayune – (Louisiana) Louisiana experiences second data breach with state-issued debit cards. JP Morgan Chase notified Louisiana’s government that the company’s security system was breached and hackers may have accessed the personal information of residents using prepaid debit cards issued by 3 State agencies. Source: http://www.nola.com/politics/index.ssf/2014/08/louisiana_experiences_second_d.html

39. August 29, Reuters – (Florida) Man charged with wire fraud in $1 million Miami Heat ticket scam. Florida authorities charged a man already incarcerated in Ohio on real estate fraud charges, for operating an investment scheme that defrauded investors and the Miami Heat NBA team out of millions of dollars. The man allegedly used a false identity to purchase a Miami Heat ticket package and obtained a loan and millions of dollars from investors for a fake investment opportunity. Source: http://news.yahoo.com/man-charged-wire-fraud-1-million-miami-heat-171621060--nba.html

 Information Technology Sector

28. September 2, Softpedia – (International) FBI starts investigation of celeb photo hack. The FBI stated that it began an investigation to identify and apprehend the individuals behind a leak of personal photos belonging to several celebrities that were stored in Apple’s iCloud service. Source: http://news.softpedia.com/news/FBI-Starts-Investigation-of-Celeb-Photo-Hack-457278.shtml

29. September 2, The Register – (International) SHARE ‘N’ SINK: OneDrive corrupting Office 2013 files. Users of Microsoft’s OneDrive cloud service began reporting August 27 that some Microsoft Office 2013 files stored on OneDrive were inaccessible. Users found that only individuals running Windows 8.1 appeared to be affected and that syncing OneDrive to a computer running Windows 7 would make the files accessible again. Source: http://www.theregister.co.uk/2014/09/02/share_n_sink_onedrive_corrupting_office_2013_files/

30. September 2, The Register – (International) iOS phone phlaw can UNMASK anonymous social media users. Researchers found that users of iOS devices could have their phones forced to dial numbers without prompting or have photos taken through their phone’s cameras due to a feature in iOS that is not properly implemented in several popular services such as Twitter, Google, and Facebook. Source: http://www.theregister.co.uk/2014/09/02/crap_ios_schema_can_reveal_anonymous_social_media_users/

31. September 2, IDG News Service – (International) Namecheap says accounts compromised in hacking incident. Hosting provider Namecheap reported September 1 that several of its users’ accounts were compromised using brute force attacks to gain control of accounts. Source: http://www.computerworld.com/article/2600779/security/namecheap-says-accounts-compromised-in-hacking-incident.html

32. September 1, Securityweek – (International) Tor-enabled Bifrose variant used in targeted attack. Trend Micro researchers identified a new variant of the Bifrose backdoor after it was used in an attack on an unnamed device manufacturer. The new variant uses the Tor network for command and control communications and can perform actions including downloading and uploading files, deleting content, and performing actions as the infected user. Source: http://www.securityweek.com/tor-enabled-bifrose-variant-used-targeted-attack

33. August 29, Softpedia – (International) MangaGamer alerts customers of security breach. Games distributor MangaGamer informed its customers that it was the victim of a data breach that may have exposed customers’ email addresses, usernames, and passwords. The company advised users to change their passwords and indicated that no financial information was compromised. Source: http://news.softpedia.com/news/MangaGamer-Alerts-Customers-of-Security-Breach-456948.shtml

34. August 29, SC Magazine – (International) Syrian Malware Team makes use of enhanced BlackWorm RAT. FireEye researchers reported that a hacktivist group known as the Syrian Malware Team has used an enhanced version of the BlackWorm remote access trojan (RAT) known as “Dark Edition” in its campaigns. The new variant allows attackers to bypass user account control (UAC) features, spread itself over network drives, and disable firewalls. Source: http://www.scmagazine.com/syrian-malware-team-makes-use-of-enhanced-blackworm-rat/article/368902/

For another story, see item 2 below from the Critical Manufacturing Sector

2. September 1, IDG News Service – (International) Rigged industrial software site points to watering hole attack. Researchers at AlienVault reported that the Web site of an unnamed industrial software company was compromised with a piece of reconnaissance malware called Scanbox that collected information on visitors to the site, including visitors’ IP addresses, language, operating system, and security programs. The unnamed company produces system engineering and simulation software for several industries including manufacturing, automotive, and aerospace firms. Source: http://www.computerworld.com/article/2600767/security/rigged-industrial-software-site-points-to-watering-hole-attack.html

Communications Sector

Nothing to report