Tuesday, December 9, 2014



Complete DHS Report for December 9, 2014

Daily Report

Top Stories

 • The New Mexico Environment Department issued over $54 million in penalties to the U.S. Department of Energy December 6 accusing the agency of more than 30 violations of State permits at the Waste Isolation Pilot Plant and at Los Alamos National Laboratory. – Associated Press

14. December 6, Associated Press – (New Mexico) Mishaps at nuke repository lead to $54M in fines. The New Mexico Environment Department issued over $54 million in penalties to the U.S. Department of Energy December 6 accusing the agency of more than 30 violations of State permits at the Waste Isolation Pilot Plant and at Los Alamos National Laboratory that included mixing incompatible radioactive waste, failure to notify State regulators about changes in waste handling procedures, and treating waste without a permit. Source: http://www.stardem.com/ap/national/article_e977b196-ad26-57b0-8f79-447b2641e4c1.html

 • A December 8 fire at the under-construction DaVinci apartment complex in Los Angeles damaged nearby buildings, including a city government facility, and shutdown the 110 Freeway for several hours. – Los Angeles Times

21. December 8, Los Angeles Times – (California) Huge fire in downtown L.A.: ‘It looked like a bomb had just exploded’. Authorities are investigating a December 8 fire at the under-construction DaVinci apartment complex in downtown Los Angeles that engulfed almost 1 million square feet and a city block, damaged nearby buildings, including a city government facility, and shutdown a portion of northbound and southbound lanes of the 110 Freeway for several hours while firefighters worked to put out the blaze and hot spots. Source: http://www.latimes.com/local/lanow/la-me-ln-massive-downtown-la-fire-closes-freeways-20141208-story.html

 • An intentional chlorine gas leak left 19 people hospitalized and evacuated thousands of people for 2 hours from the Hyatt hotel in Rosemont, Illinois, December 7 during an annual convention. – Chicago Tribune

24. December 7, Chicago Tribune – (Illinois) 19 hospitalized, thousands evacuated in “intentional” gas leak at Rosemont hotel. An intentional chlorine gas leak left 19 people hospitalized with symptoms of nausea and dizziness, and evacuated thousands of people for 2 hours from the Hyatt hotel in Rosemont, Illinois, December 7 during an annual convention. Authorities found a substance consistent with powdered chlorine in a stairwell at the hotel and decontaminated the area. Source: http://www.msn.com/en-us/news/other/19-hospitalized-thousands-evacuated-in-intentional-gas-leak-at-rosemont-hotel/ar-BBgswJR

 • Two people were killed and twelve others were poisoned by carbon monoxide at a Streets Rehearsal Studios-rented warehouse in Passaic, New Jersey, December 6. – WCBS 2 New York City; Associated Press

25. December 6, WCBS 2 New York City; Associated Press – (New Jersey) 2 dead, 12 sickened by carbon monoxide poisoning in Passaic building. Authorities are investigating after 2 people were killed and 12 others were poisoned by carbon monoxide at a Streets Rehearsal Studios-rented warehouse used as a recording studio in Passaic, New Jersey, December 6. Source: http://newyork.cbslocal.com/2014/12/06/2-found-dead-in-passaic-building/

Financial Services Sector

4. December 8, Securityweek – (International) New variant of Neverquest banking trojan targets North America. Researchers with IBM Trusteer reported December 5 that they have observed a new variant of the Neverquest banking trojan being used predominantly against financial institutions in North America, with some additional targets in the media, gaming, and social networking industries. The malware has been distributed by drive-by downloads using exploit kits as well as by the Chaintor and Zemot trojan downloaders. Source: http://www.securityweek.com/new-variant-neverquest-banking-trojan-targets-north-america

5. December 5, New York Times – (New York) Pizza orders reveal credit card scheme, and a secondhand market. Police in New York City conducted a sweep that led to 14 arrests November 13-14 after it was found that criminals using stolen payment card information were placing orders through a Domino’s mobile app in order to test which stolen card numbers were able to be charged to. Card numbers that were able to be successfully charged to were then used for larger fraudulent purchases. Source: http://www.nytimes.com/2014/12/06/nyregion/pizza-orders-reveal-credit-card-scheme-and-a-secondhand-market.html

6. December 5, Indianapolis Business Journal – (Indiana) Hamilton County man arrested for investment scheme. A Hamilton County, Indiana man was arrested on criminal charges December 4 for allegedly operating his firm, Guaranty Reserves Trust LLC, as a fraud scheme that defrauded 16 investors of around $6 million from 2010 to 2013. The man was previously indicted on civil charges for the same alleged fraud. Source: http://www.ibj.com/articles/50819-hamilton-county-man-arrested-for-investment-scheme

For another story, see item 22 below from the Commercial Facilities Sector

22. December 8, Tampa Tribune – (Florida) Fugitive arrested in Tampa credit-card fraud ring. Federal authorities announced December 8 that the alleged leader of a payment card skimming and fraud ring in Tampa that stole more than $650,000 from financial institutions by using keyloggers on point of sale terminals was arrested after more than a year as a fugitive. Several co-conspirators were previously convicted and sentenced for their roles in the fraud ring. Source: http://tbo.com/news/crime/fugitive-arrested-in-tampa-credit-card-fraud-ring-20141208/

Information Technology Sector

18. December 8, Securityweek – (International) Google App Engine plagued by tens of vulnerabilities: Researchers. Security Explorations researchers reported identifying several vulnerabilities in the Google App Engine platform-as-a-service (PaaS) product, including issues that could be used to achieve a complete sandbox escape. Google confirmed that it received the researchers’ report and was analyzing the reported issues. Source: http://www.securityweek.com/google-app-engine-plagued-tens-vulnerabilities-researchers

19. December 8, IDG News Service – (International) Attackers knock PlayStation Network offline for hours. Sony Computer Entertainment America acknowledged that some users of its Sony Playstation Network (PSN) were unable to access the service for several hours December 7 due to an apparent attack. Attackers identifying themselves as the Lizard Squad group claimed credit for the disruption. Source: http://www.networkworld.com/article/2856673/attackers-knock-playstation-network-offline-for-hours.html

For another story, see item 4 above in the Financial Services Sector

Communications Sector

20. December 6, Los Angeles Times – (National) CBS, Dish Network strike deal after 12-hour blackout marathon talks. Negotiations were reached December 6 between CBS and Dish Network following a 12 hour outage of 2 CBS-owned television stations that impacted nearly 500,000 Dish Network customers in the Los Angeles-area. Source: http://www.latimes.com/entertainment/envelope/cotown/la-et-ct-cbs-blackout-ends-dish-contract-20141204-story.html