Friday, February 27, 2015



Complete DHS Report for February 27, 2015

Daily Report

Top Stories

 · A 30-mile stretch of northbound Interstate 95 between Newport and Bangor, Maine was closed for approximately 5 hours February 25 due to a multi-vehicle crash caused by heavy snowfall that injured at least 17 people. – WLBZ 2 Bangor; Associated Press

6. February 25, WLBZ 2 Bangor; Associated Press – (Maine) I-95 in Maine partially reopened after 75-vehicle pileup. A 30-mile stretch of northbound Interstate 95 between Newport and Bangor was closed for approximately 5 hours February 25 due to a multi-vehicle crash caused by heavy snowfall that involved at least 75 vehicles and left at least 17 people injured. Source: http://www.usatoday.com/story/news/nation/2015/02/25/interstate-95-crash-maine/23989051/

 · About 12 ships, including a cruise ship, were stranded in the Gulf of Mexico outside Tampa Bay, Florida, while 10 cargo ships were unable to leave from Port Tampa Bay February 24 due to sea fog February 23 that prompted the port to come to a near standstill. – Tampa Tribune

8. February 24, Tampa Tribune – (Florida) Cruise ship returns as fog halts port traffic. Nearly a dozen ships, including a cruise ship, were stranded in the Gulf of Mexico outside Tampa Bay while 10 cargo ships were unable to leave from Port Tampa Bay February 24 due to sea fog February 23 that prompted the port to come to a near standstill. The Royal Caribbean cruise ship was escorted to the port by U.S. Coast Guard vessels while freighters and tankers were ordered to remain in the Gulf until the fog cleared. Source: http://tbo.com/news/transportation/fog-closes-tampa-port-strands-cargo-ships-buckeye-cruise-20150224/

 · Officials announced February 26 that vandalism caused an Internet, cellphone, and landline outage in northern Arizona for more than 6 hours February 25 after CenturyLink employees and Phoenix police found a cut cable. – Associated Press

17. February 26, Associated Press – (Arizona) Arizona authorities probe vandalism that cut off Internet, phones for hours. Officials announced February 26 that vandalism caused an Internet, cellphone, and landline outage in northern Arizona for more than 6 hours February 25 after CenturyLink employees and Phoenix police found a cut fiber-optic cable. Crews restored services that impacted a 100-mile area stretching between Phoenix to Flagstaff. Source: http://www.foxnews.com/us/2015/02/26/arizona-authorites-probe-vandalism-that-cut-off-internet-phones/

 · A frozen water pipe burst inside the David Stott building in Detroit, Michigan, between February 22-23 causing about 2 million gallons of water ran throughout the structure unnoticed for approximately 1 day. – WWJ 62 Detroit

18. February 26, WWJ 62 Detroit – (Michigan) Cleanup continues at flooded David Stott building in Detroit. Cleanup crews continued working February 26 after a frozen water pipe ruptured inside the David Stott building in Detroit between February 22-23 and millions of gallons of water ran throughout the building unnoticed for approximately 1 day. About 2 million gallons of water was pumped from the building into the city’s sewer system February 25, while the bottom floor of the structure was reportedly still under water. Source: http://detroit.cbslocal.com/2015/02/26/cleanup-continues-at-flooded-david-stott-building-in-detroit/

Financial Services Sector

3. February 25, Associated Press – (Massachusetts) Founder accused of defrauding investors in $40M mutual fund. A Massachusetts financier was charged with securities fraud, wire fraud, aggravated identify theft, and obstruction of justice February 25 for allegedly issuing fictitious consumer loans as co-portfolio manager of GL Beyond Income Fund, and diverting the fund’s assets for use on business and personal expenses. Source: http://abcnews.go.com/US/wireStory/founder-accused-defrauding-investors-40m-mutual-fund-29226096

4. February 25, Reuters – (National) MetLife unit to pay $123.5 million for alleged mortgage fraud. The U.S. Department of Justice announced February 25 that Met Life Home Loans LLC will pay $123.5 million to resolve accusations that the company, doing business as MetLife Bank at the time of the alleged infractions, knowingly violated the False Claims Act from September 2008 to March 2012 by originating and underwriting mortgage loans insured by the Federal Housing Administration (FHA) that did not meet underwriting requirements. MetLife was allegedly aware of the accused violations through its internal quality control measures and reportedly downgraded its sub-standard FHA loans to appear to have fewer issues. Source: http://www.reuters.com/article/2015/02/25/us-metlife-usa-loans-idUSKBN0LT1ZR20150225

Information Technology Sector

16. February 26, Securityweek – (International) Lizard Squad hijacks Lenovo website, emails. Lizard Squad hackers hijacked the Lenovo Web site and email servers by using CloudFlare IP addresses to modify DNS records in Lenovo domain registrar accounts and redirect users to defacement pages, and changed mail server records to allow the group to intercept emails sent to Lenovo email addresses. The hijacking mirrored a similar attack that targeted Google Vietnam during the week of February 23. Source: http://www.securityweek.com/lizard-squad-hijacks-lenovo-website-emails

Communications Sector

17. February 26, Associated Press – (Arizona) Arizona authorities probe vandalism that cut off Internet, phones for hours. Officials announced February 26 that vandalism caused an Internet, cellphone, and landline outage in northern Arizona for more than 6 hours February 25 after CenturyLink employees and Phoenix police found a cut fiber-optic cable. Crews restored services that impacted a 100-mile area stretching between Phoenix to Flagstaff. Source: http://www.foxnews.com/us/2015/02/26/arizona-authorites-probe-vandalism-that-cut-off-internet-phones/

For another story, see item 15 below from the Emergency Services Sector

15. February 26, Yavapai County Daily Courier; Chino Valley Review – (Arizona) Prescott-area police, fire, 911 service hit hard by outage. Emergency 9-1-1 calls to the Prescott Regional Communications Center in Arizona were rerouted February 25 to the backup dispatching center at the Yavapai County Sheriff’s Office after a CenturyLink fiber cable near New River was damaged causing an Internet and telephone outage. The Chino Valley Police Department was also impacted by the outage, along with the sheriff’s office in Yavapai County which suffered landline and Internet outages. Source: http://dcourier.com/main.asp?SectionID=1&SubSectionID=1&ArticleID=142272

Thursday, February 26, 2015



Complete DHS Report for February 26, 2015

Daily Report

Top Stories

 · The Federal Aviation Administration allowed Southwest Airlines Co., February 24 to continue flying 128 planes that were grounded due to missed inspections, as long as the planes are checked within 5 days. – Associated Press (See item 4)

4. February 25, Associated Press – (National) FAA: Southwest for now can use planes that missed inspection. The Federal Aviation Administration allowed Southwest Airlines Co., February 24 to continue flying 128 planes that were grounded due to missed inspections of backup hydraulic systems used to control the rudder, as long as the planes are checked within 5 days. The airline stated that they canceled about 80 flights after the discovery and expected to cancel up to 19 more February 25 during inspections. Source: http://www.msn.com/en-us/news/us/faa-southwest-for-now-can-use-planes-that-missed-inspection/ar-BBhWx5Q

 · A water main break at the University of Pittsburgh at Bradford in Pennsylvania, February 23 caused about 18,000 customers including businesses and schools to lose water service or have low water pressure, prompting a boil advisory. – WGRZ 2 Buffalo

13. February 24, WGRZ 2 Buffalo – (Pennsylvania) Pipe replaced, but water problems continue in Bradford. A February 23 break of a 24-inch water main at the University of Pittsburgh at Bradford caused an estimated 18,000 people in the city to lose water service or have low water pressure, prompting a boil advisory. The university and city schools and businesses were closed through February 27 due to the outage. Source: http://www.wgrz.com/story/news/local/2015/02/23/bradford-water-main-break-boil-water/23908573/

 · Anthem Inc., announced February 24 that 8.8 million to 18.8 million members of other Blue Cross Blue Shield health insurance plans may have been affected by a breach reported by the company in February. – Reuters (See item 14)

14. February 24, Reuters – (National) Anthem says hack may affect more than 8.8 million other BCBS members. Anthem Inc., announced February 24 that 8.8 million to 18.8 million members of other Blue Cross Blue Shield health insurance plans may have been affected by a breach reported by the company in February. Anthem updated the total number of records accessed in the database to 78.8 million customers, including 14 million incomplete records. Source: http://www.reuters.com/article/2015/02/25/us-anthem-cybersecurity-idUSKBN0LS2CS20150225

 · Government offices in 50 northern Georgia counties were closed and a state of emergency was declared, as well as in Alabama and Tennessee due to a winter storm that also prompted schools across southern U.S. States to close February 25. – CNN

15. February 25, CNN – (National) Groan with the wind: The south gets hit with another winter storm. State government offices in 50 northern Georgia counties were closed and a state of emergency was declared, as well as in Alabama and Tennessee due to a winter storm that also prompted schools across southern U.S. States to close February 25. Approximately 1,330 flights in and out of the U.S. were also canceled due to the impending storm. Source: http://www.cnn.com/2015/02/25/us/winter-weather/index.html

Financial Services Sector

3. February 24, U.S. Department of Justice – (California) Los Angeles-area executive arrested in $9 million bank fraud scheme. An executive of Ontario, California based Eastern Tools and Equipment was arrested February 24 following an October 2014 indictment for his role in a scheme to defraud United Commercial Bank and East West Bank of more than $9 million. The executive and his co-conspirators allegedly overstated Eastern Tools’ accounts receivable to increase the company’s line of credit with the banks then shifted money from the company’s bank accounts into about 20 shell companies before siphoning the money into their personal accounts. Source: http://www.fbi.gov/losangeles/press-releases/2015/los-angeles-area-executive-arrested-in-9-million-bank-fraud-scheme

Information Technology Sector

21. February 25, Securityweek – (International) Mozilla fixes 17 vulnerabilities in Firefox 36. Mozilla released version 36 of its Firefox browser closing 17 vulnerabilities and flaws, including 4 rated as critical. Source: http://news.softpedia.com/news/Firefox-36-Fixes-Long-List-of-Security-Bugs-474150.shtml

22. February 25, Help Net Security – (International) New DDoS attack and tools use Google Maps plugin as proxy. PLXsert security researchers discovered that attackers are exploiting a known vulnerability in Joomla’s Google Maps plugin by spoofing the sources of requests, causing results to be sent from proxies to their denial of service (DDoS) targets. Researchers identified more than 150,000 potential Joomla reflectors on the internet, many of which remain vulnerable to be used for this type of attack. Source: http://www.net-security.org/secworld.php?id=18002

23. February 25, Threatpost – (International) Ramnit botnet shut down. Europol Cybercrime Centre (EC3) investigators, Microsoft, AnubisNetworks, and Symantec carried out an operation to shut down the Ramnit botnet’s 7 command and control (C&C) servers and redirected traffic from 300 domains used by the botnet. EC3 estimated that more than 3.2 million Windows computers have been infected with the botnet via spam campaigns, phishing scams, and drive-by downloads that installed malicious code to grant attackers access to banking credentials and other log-in information. Source: http://threatpost.com/ramnit-botnet-shut-down/111254

24. February 24, Securityweek – (International) McAfee: Popular mobile apps remain vulnerable to MitM flaws found last year. Intel Security’s McAfee Labs reported that almost 75 percent of the most popular mobile apps found vulnerable to man-in-the-middle (MitM) attacks remain exposed to attacks since they were first identified in a September 2014 analysis by the Computer Emergency Response Team (CERT) at Carnegie Mellon University. Source: http://www.securityweek.com/mcafee-popular-mobile-apps-remain-vulnerable-mitm-flaws-found-last-year

Communications Sector

Nothing to report