Friday, September 5, 2014




Complete DHS Report for September 5, 2014

Daily Report

Top Stories

  · Ten workers safely shut off liquid fertilizer chemical tanks and evacuated the Kugler Company fertilizer plant in Sterling, Colorado, September 3 after a welding accident sparked a fire that consumed nearly 95 percent of the building. – KCNC 4 Denver

12. September 3, KCNC 4 Denver – (Colorado) Massive fire destroys fertilizer plant in sterling. Ten workers safely shut off liquid fertilizer chemical tanks and evacuated the Kugler Company fertilizer plant in Sterling September 3 after a welding accident sparked a fire that consumed nearly 95 percent of the building. A reverse 9-1-1 call was transmitted to 200 households warning residents that a small amount of anhydrous ammonia leaked out of pipes during the blaze and could pose health risks to individuals with respiratory problems. Source: http://denver.cbslocal.com/2014/09/03/massive-fire-destroys-fertilizer-plant-in-sterling/
 
· A broken sewer line at the wastewater treatment plant in Storm Lake, Iowa, September 3 caused about 90,000 gallons of partially treated and raw sewage to leak, including the release of 10,000 gallons into Outlet Creek. – KTIV 4 Sioux City

16. September 4, KTIV 4 Sioux City – (Iowa) DNR officials are monitoring a creek in Storm Lake, IA after a sewage leak. Contractors inadvertently hit and broke a sewer line at the wastewater treatment plant in Storm Lake September 3 and caused about 90,000 gallons of partially treated and raw sewage to leak. Crews contained the leak and built three temporary dams to prevent further leaking after 10,000 gallons of the sewage flowed into Outlet Creek. Source: http://www.ktiv.com/story/26448111/2014/09/04/dnr-officials-are-monitoring-a-creek-in-storm-lake-ia-after-a-sewage-leak
 
· Thirteen people were injured September 3 after a chemical explosion during a routine science exhibition at the Terry Lee Wells Discovery Museum in Reno, Nevada. – Associated Press

32. September 4, Associated Press – (Nevada) 13 hurt, mostly kids, in chemical blast at museum. Seven children and 2 adults were transported to an area hospital while 4 others were treated at the scene September 3 after a chemical explosion during a routine science exhibition at the Terry Lee Wells Discovery Museum in Reno. The museum was evacuated and a HAZMAT team responded to the scene to test the air quality. Source: http://news.msn.com/us/13-hurt-mostly-kids-in-chemical-blast-at-museum
 
· Seven individuals were injured and 54 residents were displaced in a 9-alarm fire that caused a roof collapse at the 12 Harvard Terrace apartment building in Boston September 3. – Boston Herald

33. September 4, Boston Herald – (Massachusetts) Allston fire injures 7, leaves 54 homeless. Seven individuals, including 5 firefighters, were injured and 54 residents were displaced in a 9-alarm fire that caused a roof collapse at the 12 Harvard Terrace apartment building in the Allston area of Boston September 3. The cause of the fire that officials believe caused millions of dollars in damage is under investigation. Source: http://bostonherald.com/news_opinion/local_coverage/2014/09/allston_fire_injures_7_leaves_54_homeless

Financial Services Sector

4. September 4, Softpedia – (International) Updated Vawtrak banking malware strain expands target list. Researchers with PhishLabs identified a new variant of the Vawtrak financial malware (also known as Neverquest) that has added features in the last month enabling it to expand its targets to users in the U.S., Canada, and Europe. The malware targets financial institutions as well as social networks, online retailers, gaming portals, and analytics firms and can steal credentials and automate fraudulent transactions. Source: http://news.softpedia.com/news/Updated-Vawtrak-Banking-Malware-Strain-Expands-Target-List-457656.shtml

5. September 3, Associated Press – (International) Immigration lawyer charged with investment fraud. A Los Angeles immigration lawyer was indicted in federal court September 3 for allegedly defrauding 94 foreigners seeking green cards through an immigrant investor program of around $47 million by claiming to recruit investors for an ethanol production project. The lawyer, his wife, and a law partner were also charged by the U.S. Securities and Exchange Commission in the case and the lawyer was arrested by Korean authorities on similar charges. Source: http://www.utsandiego.com/news/2014/sep/03/immigration-lawyer-charged-with-investment-fraud/

6. September 3, Chicago Tribune – (Illinois) FBI: ‘Hooded Bandit’ serial robber hits bank in Elk Grove Village. The FBI stated that the man who robbed a First Merit Bank branch in Elk Grove Village September 3 was believed to be a suspect known as the “Hooded Bandit” responsible for six other bank robberies in the northwest suburbs of Chicago. Source: http://www.chicagotribune.com/news/local/breaking/chi-fbi-hooded-bandit-serial-robber-hits-bank-in-elk-grove-village-20140903-story.html

For another story, see item 28 below in the Information Technology Sector
Information Technology Sector

26. September 4, Softpedia – (International) Old Slider Revolution vulnerability massively exploited. Researchers at Sucuri found that attackers began heavily exploiting an old vulnerability in unpatched versions of the Slider Revolution Premium plugin for WordPress during August, which could allow a Local File Inclusion (LFI) attack. The vulnerability was fixed in February and all users were advised to update to the latest version as soon as possible. Source: http://news.softpedia.com/news/Old-Slider-Revolution-Vulnerability-Massively-Exploited-457607.shtml

27. September 4, Securityweek – (International) CERT warns of Android apps vulnerable to MitM attacks. The Computer Emergency Response Team Coordination Center at Carnegie Mellon University (CERT/CC) published a list of popular Android apps that expose users to man-in-the-middle (MitM) attacks due to the apps not properly validating SSL certificates. CERT/CC released its findings in a spreadsheet detailing their results and is attempting to contact the authors of every app that failed the organization’s tests. Source: http://www.securityweek.com/cert-warns-android-apps-vulnerable-mitm-attacks

28. September 4, Softpedia – (International) Home router DNS settings changed via Web-based attack. Kaspersky Lab researchers identified a Web-based attack that uses Web pages with malicious scripts to attempt to change users’ home router Domain Name System (DNS) settings in order to redirect users to phishing pages of financial institutions. The attack was mostly observed in Brazil but also targeted some users in the U.S., Canada, Mexico, and other countries. Source: http://news.softpedia.com/news/Home-Router-DNS-Settings-Changed-Via-Web-Based-Attack-457668.shtml

29. September 4, The Register – (International) VirusTotal mess means YOU TOO can track Comment Crew! A researcher released findings on how he was able to use structured data and analysis to identify a subgroup of the Comment Crew group and an unnamed Iranian group using Google’s VirusTotal service to test new versions of malware against security software and check for detection rates. Source: http://www.theregister.co.uk/2014/09/04/virustotal_blue_means_you_too_can_track_comment_crew/

30. September 3, Help Net Security – (International) Semalt botnet hijacked nearly 300k computers. Incapsula researchers reported that the Semalt botnet is spreading quickly and is currently made up of around 290,000 infected machines. The botnet is linked to a Ukrainian search engine optimization (SEO) service and spams millions of Web sites in a referrer spam campaign designed to fraudulently boost a site’s search engine ranking. Source: http://www.net-security.org/malware_news.php?id=2857

For another story, see item 4 above in the Financial Services Sector

Communications Sector

31. September 4, Peninsula Daily News – (Washington, Oregon, California) Internet outage hits north Olympic Peninsula and beyond. CenturyLink and Wave Broadband customers in Washington, Oregon, and California reported either Internet, phone, or television service outages that lasted several hours September 3 and affected many businesses. Officials reported that the Wave Broadband outage was caused by a boat that cut through a major fiber-optic cable while the cause of the CenturyLink outage remained under investigation. Source: http://www.peninsuladailynews.com/article/20140904/NEWS/309049991/internet-outage-hits-north-olympic-peninsula-and-beyond