Wednesday, October 22, 2014



Complete DHS Report for October 22, 2014

Daily Report

Top Stories

 · Crews recovered 2,550 barrels of crude oil October 20 from a 4,000-barrel spill caused by a broken Sunoco Logistics-owned pipeline near Mooringsport, Louisiana, October 13 that has killed dozens of mainly aquatic animals.– Shreveport Times

1. October 20, Shreveport Times – (Louisiana) Oil spill cleanup reaches 2,550 of 4,000 barrels. Crews recovered 2,550 barrels of crude oil October 20 from a 4,000-barrel spill caused by a broken Sunoco Logistics-owned pipeline near Mooringsport that has killed 139 fish, amphibians, reptiles, and crawfish. The affected Mid-Valley Pipeline segment remains shut down until the portion of the failed pipe is replaced. Source: http://www.shreveporttimes.com/story/news/local/2014/10/20/oil-spill-cleanup-reaches-barrels/17637575/

 · The National Highway Traffic Safety Administration issued a notice October 20 advising owners of more than 4.7 million BMW, General Motors, Honda, Mazda, Nissan, and Toyota vehicles fitted with airbags equipped by Takata to have their vehicles inspected immediately due to airbag defects. – Washington Post

8. October 20, Washington Post – (National) Airbag defect spurs recall of 4.7 million vehicles. The National Highway Traffic Safety Administration issued a recall notice October 20 advising owners of over 4.7 million BMW, General Motors, Honda, Mazda, Nissan, and Toyota vehicles equipped with Takata airbags to check if their vehicles are covered by recalls for airbag inflators that could cause the vehicles’ airbags to produce shrapnel upon inflation. At least four people have died in incidents related to the defective airbag inflators. Source: http://www.washingtonpost.com/blogs/dr-gridlock/wp/2014/10/20/airbag-defect-spurs-recall-of-4-7-million-vehicles/

 · Repairs for a 48-inch damaged water main were expected to start October 21 after a well driller struck the main beneath a ranch near Forestville, California, October 20 spilling an estimated 610,000 gallons of water into the surrounding landscape and saturating the soil. – Santa Rosa Press Democrat

15. October 21, Santa Rosa Press Democrat – (California) Water line break spills 610,000 gallons in west Sonoma County. Repairs for a 48-inch damaged water main were expected to start October 21 after a well driller struck the main beneath a ranch near Forestville October 20 spilling an estimated 610,000 gallons of water into the surrounding landscape and saturating the soil. There was no interruption in water service or immediate risk to local wildlife as crews worked to drain the pipeline before starting repairs. Source: http://www.pressdemocrat.com/news/2999656-181/water-line-break-spills-610000#page=0

 · A former receptionist at a Kearny, New Jersey medical office pleaded guilty October 20 for embezzling over $446,000 in checks paid by insurance companies to the medical practice for patient services and spending more than $200,000 using fraudulent credit cards between 2007 and 2011.– Jersey Journal (See item 17)

17. October 20, Jersey Journal – (New Jersey) Receptionist at Kearny medical practice pleads guilty to stealing $446K: authorities. The U.S. Attorney’s Office announced October 20 that a receptionist at a Kearny, New Jersey medical practice pleaded guilty to embezzling over $446,000 and spending more than $200,000 with fraudulent credit cards by using her position at the practice to take and cash checks paid by insurance companies to the medical practice for patient services between 2007 and 2011. The former receptionist would conceal the amount of the check and keep a large portion for herself in addition to the 10 credit cards she obtained in the name of the principal of the medical practice in order to use them to purchase personal goods and services. Source: http://www.nj.com/hudson/index.ssf/2014/10/receptionist_at_kearny_medical_practice_admits_in_court_to_stealing_446k_authorities.html

Financial Services Sector

See items 17 above in Top Stories and 27 below from the Commercial Facilities Sector

27. October 21, Softpedia – (International) Staples investigates possible card data breach. Officials at retail chain Staples are investigating to determine if the payment processing systems of 11 stores in 7 States were compromised after receiving reports from several financial intuitions of fraudulent activity being recorded on payment cards held by Staples customers. Source: http://news.softpedia.com/news/Staples-Investigates-Possible-Card-Data-Breach-462670.shtml

Information Technology Sector

24. October 21, IDG News Service – (International) One week after patch, Flash vulnerability already exploited in large-scale attacks. Researchers identified an exploit kit sold on underweb forums known as Fiesta that is bundled with an exploit for a recently-patched Flash Player vulnerability. Users were advised to apply the patch that was issued October 14. Source: http://www.networkworld.com/article/2836733/one-week-after-patch-flash-vulnerability-already-exploited-in-largescale-attacks.html

25. October 21, Securityweek – (International) Cisco products vulnerable to POODLE attacks. Cisco is analyzing its products to determine which may be affected by the POODLE vulnerability in Secure Sockets Layer (SSL) and released a list of confirmed vulnerable products, which includes Cisco Webex Social, Cisco ACE, Cisco Wireless LAN Controller, and several other products. Source: http://www.securityweek.com/cisco-products-vulnerable-poodle-attacks

26. October 21, The Register – (International) Palo Alto Networks boxes spray firewall creds across the net. A researcher found that misconfigured Palo Alto Networks firewalls could allow attackers to gain user and domain names and passwords, potentially exposing customer services such as VPNs and webmail. Palo Alto Network advised users to apply best practice guidelines developed by the company. Source: http://www.theregister.co.uk/2014/10/21/palo_alto_customers_spray_net_with_firewall_creds/

Communications Sector

Nothing to report