Tuesday, December 2, 2014



Complete DHS Report for December 2, 2014

Daily Report

Top Stories

 · DuPont officials reported November 29 that about 23,000 pounds of methyl mercaptan was released at the company’s La Porte, Texas chemical facility in November marking an increase from the company’s original estimate that 100 pounds of the gas was released. – Texas Tribune

1. November 29, Texas Tribune – (Texas) DuPont says plant leaked 23,000 pounds of toxic gas. DuPont officials reported November 29 that about 23,000 pounds of methyl mercaptan was released inside a process building at the company’s La Porte chemical facility in November marking an increase from the company’s original estimate that 100 pounds of the gas was released. Company officials revised its initial estimate after reviewing the amount of gas in the plant’s pipes and vessels before and after the incident, and updated its report to the Texas Commission on Environmental Quality. Source: http://www.texastribune.org/2014/11/29/dupont-says-plant-leaked-23000-pounds-toxic-gas/

 · An attacker group known as FIN4 has targeted high-level figures at various financial services companies, advisory firms, and regulators in order to obtain inside information on business decisions for possible use in stock trading since 2013. – Securityweek See item 2 below in the Financial Services Sector

 · A Nordstrom store in Chicago reopened November 30 after the retailer closed November 28 following a domestic-related shooting inside the store that left one worker and the gunman dead. – Chicago Tribune

19. November 30, Chicago Tribune – (Illinois) Two days after fatal shooting, Nordstrom again opens its doors. The Nordstrom store at the Shops at North Bridge mall in Chicago reopened November 30 after the retailer closed following a domestic-related shooting inside the store November 28. The shooter fatally wounded one worker before he died of a self-inflicted gunshot wound. Source: http://www.chicagotribune.com/news/local/breaking/chi-chicago-nordstrom-shooting-murder-20141130-story.html

 · SP+ officials reported November 28 that hackers uploaded malware onto its servers accessing 17 parking facilities in Illinois, Ohio, Pennsylvania, and Washington, and warned customers that their personal data may have been compromised. – DNAinfo

20. November 29, DNAinfo – (National) Data breach reported at Chicago, Evanston parking garages. Representatives from SP+, a parking garage management company, reported November 28 that hackers uploaded malware onto its servers accessing 17 parking facilities in Illinois, Ohio, Pennsylvania, and Washington, and warned customers who used payment cards at the locations on specific dates that their personal information may have been compromised. The malware which is believed to have been installed via a remote access tool has since been disabled. Source: http://www.dnainfo.com/chicago/20141129/downtown/data-breach-reported-at-chicago-evanston-parking-garages

Financial Services Sector

2. December 1, Securityweek – (International) FIN4 attack group targets firms for stock market profit. FireEye researchers published a report on a group of attackers known as FIN4 that have targeted high-level figures at various financial services companies, advisory firms, and regulators in order to obtain inside information on business decisions for possible use in stock trading. The group has been active since mid-2013 and uses visual basic applications (VBA) macros in Microsoft Word documents and links to fake Outlook Web App login pages in order to obtain user names and passwords. Source: http://www.securityweek.com/fin4-attack-group-targets-firms-stock-market-profit

For another story, see item 7 below from the Transportation Systems Sector

7. November 28, Securityweek – (International) 118 online airline fraud suspects arrested in international operation. Law enforcement agencies in several countries coordinated by Europol, Ameripol, and Interpol conducted a 2 day operation in 45 countries that led to the arrest of 118 individuals who allegedly purchased airline tickets using stolen or fraudulent payment card data. Source: http://www.securityweek.com/118-online-airline-fraud-suspects-arrested-international-operation

Information Technology Sector

16. December 1, IDG News Service – (International) Officials seize 292 domain names to protect consumers during holiday season. U.S. authorities, Europol, and law enforcement agencies in 19 countries seized 292 domain names as part of a coordinated operation to shut down Web sites selling counterfeit goods in order to protect consumers, Europol reported December 1. Source: http://www.networkworld.com/article/2853714/officials-seize-292-domain-names-to-protect-consumers-during-holiday-season.html

Communications Sector

17. November 28, Broadcasting & Cable – (Utah) FCC dials up $35,000 fine for Newport. Newport Television of Salt Lake City was fined $35,000 by the U.S. Federal Communications Commission for broadcasting a private phone conversation in a news report without first telling the person that the call was being recorded and would be broadcast. Source: http://www.broadcastingcable.com/news/washington/fcc-dials-35000-fine-newport/135978