Tuesday, December 16, 2014




Complete DHS Report for December 16, 2014



Daily Report



Top Stories



· Heavy rains starting December 12 flooded several roadways in southern California and caused a mudslide that closed a stretch of the Pacific Coast Highway in Ventura County, while rail service in the area was suspended. – KNBC 4 Los Angeles



10. December 12, KNBC 4 Los Angeles – (California) SoCal roadways closed by mud and floods, snarling commute. Several freeways were closed in southern California December 12 after heavy rains flooded northbound lanes of the 170 Freeway in North Hollywood and a mudslide closed a stretch of the Pacific Coast Highway in Ventura County. The severe weather conditions also led to a suspension of the Amtrak Pacific Surfliner service, and a downed tree caused delays for the Gold Line railway in Pasadena. Source: http://www.nbclosangeles.com/news/local/Mud-and-Floods-Close-SoCal-Freeways-in-Morning-Storm-285608191.html



· A gas leak from an ice-resurfacing machine at the Poppy Waterman Ice Arena in Lake Delton, Wisconsin, sent 81 people to area hospitals for carbon monoxide poisoning after they experienced nausea, dizziness, and headaches December 13. – Milwaukee Journal Sentinel; Associated Press



26. December 14, Milwaukee Journal Sentinel; Associated Press – (Wisconsin) Dozens sickened by carbon monoxide at Lake Delton ice rink. At least 81 individuals at the Poppy Waterman Ice Arena in Lake Delton were treated for symptoms related to carbon monoxide exposure December 13 due to a leak that was discovered coming from one of the rink’s propane-fueled resurfacing machines. Authorities are investigating the incident and an inspection of the equipment was scheduled. Source: http://www.jsonline.com/news/wisconsin/dozens-reportedly-sickened-by-carbon-monoxide-at-lake-delton-ice-rink-b99408550z1-285749581.html



· Between 3,000 and 5,000 staff and visitors were evacuated from the American Museum of Natural History in New York City December 12 after a fire sparked by maintenance work on an air conditioning unit outside of the building sent smoke into the museum. – WCBS 2 New York City



30. December 12, WCBS 2 New York City – (New York) Small fire prompts evacuation of American Museum of Natural History. Between 3,000 and 5,000 staff and visitors were evacuated from the American Museum of Natural History in New York City December 12 while firefighters ventilated the building following a small fire that was sparked during maintenance work on an air conditioning unit mounted outside of the museum. The museum suffered minor water damage from the building’s sprinkler system and was expected to reopen December 13. Source: http://newyork.cbslocal.com/2014/12/12/small-fire-prompts-evacuation-of-american-museum-of-natural-history/



· Several thousand U.S. retailers using older models of Equinox Payments’ Hypercom credit card payment terminals experienced an outage December 7 when a security mechanism was triggered by the expiration of the products’ cryptographic certificate that was created in 2004 with a 10-year expiry date. – Krebs on Security



33. December 12, Krebs on Security – (National) ‘Security by antiquity’ bricks payment terminals. Equinox Payments officials reported that U.S. retailers using certain models of its Hypercom credit card payment terminals experienced an outage December 7 when a security mechanism was triggered by the expiration of the products’ cryptographic certificates, which were assigned a 10-year expiry date in 2004. Company officials are working to replace the certificates and return thousands of the bricked terminals to an operational state. Source: http://krebsonsecurity.com/2014/12/security-by-antiquity-bricks-payment-terminals/



Financial Services Sector



5. December 13, Associated Press – (Pennsylvania) Bail bondsman charged with writing fraudulent bonds. A Berks County bail bondsman and three other employees of Ace Bail Bonds were charged December 12 with allegedly writing $2 million in fraudulent bail bonds between August and September. Source: http://www.nbcphiladelphia.com/news/local/Bail-Bondsman-Charged-With-Writing-Fraudulent-Bonds-285656571.html



6. December 12, Chicago Tribune – (Illinois) ‘Play-Along Bandit’ sought by the FBI. The FBI asked for the public’s help in finding a suspect known as the “Play-Along Bandit” suspected in at least five Chicago bank robberies since October 18. The most recent robbery tied to the suspect took place at a Harris Bank branch December 7. Source: http://www.chicagotribune.com/news/local/breaking/chi-playalong-bandit-sought-by-the-fbi-20141212-story.html



7. December 12, U.S. Securities and Exchange Commission – (New York) Court orders former managing director of the NASDAQ Stock Market to disgorge more than $898,000 in insider trading profits. A former managing director of the NASDAQ Stock Market was ordered to disgorge $898,107.92 in illicit profits plus interest for engaging in insider trading using nonpublic information entrusted to him by NASDAQ and listed companies ahead of nine announcements between August 2006 and July 2009. Source: http://www.sec.gov/litigation/litreleases/2014/lr23156.htm



8. December 12, U.S. Securities and Exchange Commission – (New York) SEC charges Manhattan-based attorney with conducting Ponzi scheme. The U.S. Securities and Exchange Commission filed charges December 12 against a New York City-based attorney for allegedly conducting a $5 million Ponzi scheme that purported to place clients’ investments in an investment fund with which the attorney was not in fact affiliated. Parallel criminal charges were also filed by the U.S. Attorney’s Office for the Southern District of New York. Source: http://www.sec.gov/News/PressRelease/Detail/PressRelease/1370543693087



Information Technology Sector



20. December 15, Softpedia – (International) CloudFlare SSL certificate used for phishing scam. A researcher with Malwarebytes identified a new phishing email campaign that utilized a free CloudFlare certificate in order to make a malicious link appear more trustworthy. CloudFlare has since revoked the certificate. Source: http://news.softpedia.com/news/CloudFlare-SSL-Certificate-Used-For-Phishing-Scam-467356.shtml



21. December 15, Softpedia – (International) SoakSoak malware campaign affects over 100,000 websites. A Sucuri researcher reported that malware delivered from the Russian Web site soaksoak.ru has affected over 100,000 WordPress Web sites by adding code that inserts malicious JavaScript into every page viewed on the affected sites. Google then blacklisted more than 11,000 domains connected to the malware. Source: http://news.softpedia.com/news/SoakSoak-Malware-Campaign-Affects-Over-100-000-Websites-467506.shtml



22. December 12, Securityweek – (International) Ursnif malware steals data, infects files in US, UK. Trend Micro researchers detected an increase in the number of Ursnif malware infections caused by a variant known as PE_URSNIF.A-O that is capable of infecting files as well as stealing passwords and other information. The largest number of the new infections were found in the U.S. and U.K. Source: http://www.securityweek.com/ursnif-malware-steals-data-infects-files-us-uk



23. December 12, The Register – (International) Batten down the patches: New vuln found in Docker container tech. A security researcher identified an arbitrary code execution vulnerability in Docker that was introduced in a November patch and could be exploited by including malicious .xz binaries in image files. The developers of Docker released a new patch that closes the vulnerability, and all users were advised to apply the patch as soon as possible. Source: http://www.theregister.co.uk/2014/12/12/docker_vulnerability/



Communications Sector



24. December 13, WNYT 13 Albany – (New York) 911 services restored in Canajoharie. All phone services, including 9-1-1 service, were restored December 13 to Frontier Communications customers in Canajoharie after a small fire from a gas leak damaged a line and knocked out service December 12. Source: http://wnyt.com/article/stories/s3648721.shtml