Friday, December 12, 2014



Complete DHS Report for December 12, 2014

Daily Report

Top Stories

 • Officials reported December 10 that work to clean up an estimated 8,000-gallon gasoline leak from a pipeline near Belton, South Carolina, will continue for 2 to 3 weeks after the pipeline was shut off December 8. – Greenville News
4. December 10, Greenville News – (South Carolina) EPA: 8,000-gallon gas pipeline cleanup to last weeks. Officials reported December 10 that work to clean up an estimated 8,000-gallon gasoline leak from a 26-inch pipeline owned by the Plantation Pipe Link Company near Belton will continue for 2 to 3 weeks after the pipeline was shut off December 8 following a leak. Service was expected to resume December 11 while authorities continue to investigate the cause of the leak. Source: http://www.greenvilleonline.com/story/news/local/2014/12/10/gas-leak-near-belton-sparks-cleanup/20189533/

 • Service on the Sounder Northline commuter train was suspended until at least December 15 due to debris from a mudslide that occurred from a slope adjacent to the main rail line between Seattle and Everett in Washington December 10. – Seattle Times; Associated Press
13. December 10, Seattle Times; Associated Press – (Washington) Mudslide: Sounder Northline suspended until at least Monday. Company officials stated that service on the Sounder Northline commuter train is suspended until at least December 15 due to debris from a mudslide that occurred from a slope adjacent to the main rail line between Seattle and Everett December 10. Crews will assess the slide and slope stability in order to determine when to resume service. Source: http://blogs.seattletimes.com/today/2014/12/mudslide-south-of-everett-blocks-railroad-track/

 • A mandatory water conservation order was enacted for Castine, Maine, after the Castine Water Department discovered an unknown leak causing a loss of between 20,000-25,000 gallons a day out of the town’s water supply. – Castine Patriot
20. December 11, Castine Patriot – (Maine) ‘Unidentified system leak’ forces mandatory water conservation. A mandatory water conservation was enacted by the Board of Selectmen for the town of Castine after the Castine Water Department discovered an unknown leak causing a loss of between 20,000-25,000 gallons a day out of the town’s water supply. Crews continued to search for the source of the leak while customers were urged to limit daily consumption. Source: http://castinepatriot.com/news/2014/dec/11/unidentified-system-leak-forces-mandatory-water-co/

 • San Francisco and Oakland Unified School Districts closed all public schools as well as some private schools in the Bay Area December 11 as a precautionary measure due to an expected storm in northern California. – Associated Press
23. December 10, Associated Press – (California) Northern California schools to close due to storm. San Francisco and Oakland Unified School Districts closed public schools in both San Francisco and Oakland as well as some private schools in the Bay Area December 11 as a precautionary measure due to an expected storm in northern California that could impact school operations. Source: http://www.contracostatimes.com/california/ci_27110628/northern-california-schools-close-due-storm

Financial Services Sector

8. December 10, Bloomberg News – (Nebraska) Former TierOne Bank CEO indicted on fraud charges. The former CEO of Lincoln, Nebraska-based TierOne Bank was indicted on federal charges December 10 for allegedly concealing the failed bank’s financial condition to regulators by maintaining two sets of books and other documentation to conceal tens of millions of dollars in delinquent loans. Source: http://www.bloomberg.com/news/2014-12-10/former-tierone-bank-ceo-indicted-on-fraud-charges.html

9. December 10, U.S. Securities and Exchange Commission – (New York) SEC announces fraud charges against Buffalo-based firm and co-owners accused of misleading investors in hedge fund. The U.S. Securities and Exchange Commission announced charges December 10 against Buffalo-based Reliance Financial Advisors and its two co-owners for allegedly directing investors to invest in a hedge fund run by a manager whose experience was greatly exaggerated, causing their clients to lose most of their $12 million in investments. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370543672264

For another story, see item 27 below in the Information Technology Sector

Information Technology Sector

26. December 11, Softpedia – (International) OphionLocker, the new ransomware on the block. Researchers with Trojan7Malware identified a new piece of ransomware known as OphionLocker that uses elliptic curve cryptography (ECC) to encrypt the data on victims’ systems and demand a ransom to decrypt the files. The ransomware was observed in the wild being spread by the RIG exploit kit in drive-by download attacks. Source: http://news.softpedia.com/news/OphionLocker-the-New-Ransomware-on-the-Block-467197.shtml

27. December 11, The Register – (International) Elderly zombie Asprox botnet STILL mauling biz bods, says survey. A report by Palo Alto Networks found that the Asprox botnet (also known as Kuluoz) was responsible for around 80 percent of recorded attacks during October across almost 2,000 organizations in sectors including the healthcare, financial services, and retail industries. The botnet malware plants malicious code in vulnerable Web sites via SQL injection attacks and has been used in phishing, malware distribution, and other attacks. Source: http://www.theregister.co.uk/2014/12/11/asprox_malware_mauls_business/

28. December 11, Softpedia – (International) Patch against critical flaw in HD FLV Player still leaves the plug-in vulnerable. A researcher with Sucuri reported that a recent patch closing a vulnerability that could have allowed unauthenticated arbitrary file downloads in the HD FLV Player component for Joomla, WordPress, and custom Web sites did not close a similar vulnerability that could allow an unauthenticated attacker to send out emails from an affected site. Source: http://news.softpedia.com/news/Patch-Against-Critical-Flaw-in-HD-FLV-Player-Still-Leaves-the-Plug-in-Vulnerable-467156.shtml

29. December 11, The Register – (International) FreeBSD developers VANQUISH Demon bug. Researchers with Norse identified and reported a vulnerability in FreeBSD that could have allowed an attacker to inject malicious code into systems running the software. The developers of FreeBSD released a patch after receiving the report, closing the vulnerability. Source: http://www.theregister.co.uk/2014/12/11/freebsd_security_bug_patched/

30. December 11, Threatpost – (International) Black Energy malware may be exploiting patched WinCC flaw. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an update to a previous alert concerning the Black Energy malware seen targeting human-machine interface (HMI) products, which stated that the malware may be exploiting vulnerabilities in the Siemens SIMATIC WinCC software that was patched by Siemens November 11. Source: http://threatpost.com/black-energy-malware-may-be-exploiting-patched-wincc-flaw/109835

31. December 10, The Register – (International) Taxi app Uber plugs ‘privacy-threatening’ web security flaw. Ride-sharing service Uber closed a cross-site scripting (XSS) vulnerability in its Web site after a security researcher identified and reported the issue. The vulnerability could have exposed users’ cookies, personal information, browser history, and authentication credentials. Source: http://www.theregister.co.uk/2014/12/10/uber_xss_security_bug/

32. December 10, The Register – (International) ‘Critical’ security bugs dating back to 1987 found in X Window. The developers of the X Window System for Linux and other Unix operating systems issued patches closing several vulnerabilities that could be exploited to crash the system or run malicious code as the root user after they were identified and reported by a researcher at IOActive. Source: http://www.theregister.co.uk/2014/12/10/x_window_system_bugs/

Communications Sector

33. December 11, Associated Press – (New Hampshire; Vermont) Widespread FairPoint outage in New Hampshire, Vermont. FairPoint Communications’ crews worked to resolve a widespread outage that disrupted high-speed Internet service for an unknown amount of customers in New Hampshire and Vermont December 11 that also affected municipal Web sites in Nashua and Manchester. Source: http://www.eagletribune.com/news/new_hampshire/widespread-fairpoint-outage-in-new-hampshire-vermont/article_24d09bd1-5338-5afe-bc3f-404bf217324a.html