Complete DHS Report for January 14, 2015
Daily Report
Top Stories
· A fire that sparked several explosions at the AirGas Mid South facility in Wichita,
Kansas, January 12 prompted an evacuation of the business and caused an
estimated $1.7 million in damage to the structure and its contents. – KWCH
12 Hutchinson
2. January 13, KWCH 12 Hutchinson – (Kansas) Cause of fire at AirGas Mid
South undetermined. A fire that sparked several explosions at the AirGas
Mid South facility in Wichita January 12 prompted an evacuation of the business
and caused an estimated $1.7 million in damage to the structure and its
contents. The cause of the fire that started where roof work was being done was
ruled undetermined, and operations were expected to resume January 13. Source: http://www.kwch.com/news/local-news/fire-working-at-airgas-mid-south-evacuation-ordered/30665224
· Authorities are investigating the cause of smoke that filled the L’Enfant Plaza subway
station in Washington D.C. January 12, causing the death of 1 person and
injuries to 84 others. – Fox News; Washington Post; Associated Press
6. January 13, Fox News; Washington Post; Associated Press – (Washington, D.C.)
NTSB investigating after smoke at Washington Metro station kills 1, injures
84. The National Transportation Safety Board is investigating the cause of
smoke that filled the L’Enfant Plaza subway station in Washington D.C. January
12 and caused the death of 1 person and injuries to 84 others, many of whom
were aboard a Yellow Line train that stopped suddenly and began to fill with
smoke after departing the platform. Source: http://www.foxnews.com/us/2015/01/13/smoke-at-lenfant-plaza-station/
· Preliminary lab results found a synthetic drug in a holiday bread after 40 individuals
were sickened by consuming rosca de reyes holiday bread from Cholula’s Bakery in
Santa Ana, California. – Orange County Register
13. January 13, Orange County Register – (California) Tainted Three Kings Day
bread may have sickened 10 more in Mission Viejo. Preliminary lab results
found a synthetic drug in a holiday bread after 40 individuals were sickened
by consuming rosca de reyes holiday bread from Cholula’s Bakery in Santa
Ana. Police are investigating at least 10 additional reports of illness that
may be connected to the tainted bread which was distributed to 9 stores in
Orange County and one in Long Beach. Source: http://www.ocregister.com/articles/bread-647897-police-mission.html
· The U.S. Central Command (CENTCOM) announced January 12 that its military
networks were not compromised and there was no operational impact after
attackers claiming allegiance to the Islamic State temporarily took control of
CENTCOM’s Twitter and YouTube accounts. – Washington Post
27. January 12, Washington Post – (International) U.S. military social media
accounts apparently hacked by Islamic State sympathizers. The U.S. Central
Command (CENTCOM) announced January 12 that its military networks were not
compromised and there was no operational impact to CENTCOM after hackers
claiming allegiance to the Islamic State took control of CENTCOM’s Twitter and
YouTube accounts, posting threatening messages and propaganda videos, along with
military documents. Both accounts were taken offline and authorities are
investigating. Source: http://www.washingtonpost.com/news/checkpoint/wp/2015/01/12/centcom-twitter-account-apparently-hacked-by-islamic-state-sympathizers/
Financial Services Sector
5. January 12, U-T San Diego – (California; Arizona; Utah) ‘Bombshell
Bandit’ pleads guilty to bank robberies. A Union City, California woman
known as the “Bombshell Bandit” pleaded guilty January 12 to robbing four banks
in Utah, Arizona, and California during 2014. Source: http://www.utsandiego.com/news/2015/jan/12/bombshell-bandit-pleads-guilty-bank-robberies/
For another story, see item 23 below from the Healthcare and Public Health Sector
23. January 12, WFMZ 69 Allentown – (Pennsylvania) Former Lehigh County Prison
doctor pleads guilty to defrauding IRS. The former medical director of
Lehigh County Prison in Pennsylvania pleaded guilty January 12 to defrauding
the Internal Revenue Service (IRS), the U.S. Department of Education, and the
U.S. Department of Health and Human Services out of hundreds of thousands of
dollars and was ordered to pay a fine up to nearly $2.9 million and restitution
to the victims. The former medical director tried to defraud the IRS to avoid
paying over $200,000 in personal income taxes, filed false applications to the
U.S. Department of Education for financial aid for his four children, and tried
to file a fraudulent claim for Social Security disability benefits. Source: http://www.wfmz.com/news/news-regional-lehighvalley/former-prison-doc-pleads-guilty-to-defrauding-irs/30666518
Information Technology Sector
34. January 13, Securityweek – (International) Google discloses new unpatched Windows 8.1
privilege escalation flaw. Researchers with Google disclosed a privilege
escalation flaw in Windows 8.1 January 11 and released a proof of concept (PoC)
for the vulnerability. Researchers confirmed that the vulnerability also
affects Windows 7. Source: http://www.securityweek.com/google-discloses-new-unpatched-windows-81-privilege-escalation-flaw
35. January 13, Securityweek – (International) Unpatched security flaws impact Corel
software products. Core Security researchers released information on DLL
hijacking vulnerabilities that could allow attackers to execute arbitrary
commands in Corel DRAW, Photo Paint X7, PaintShop Pro X7, CAD 2014, Painter
2015, PDF Fusion, VideoStudio Pro X7, and Fast Flick products. The researchers
initially identified and reported the vulnerabilities in December. Source: http://www.securityweek.com/core-security-discloses-security-vulnerabilities-corel-software-products
36. January 13, Softpedia – (International) Wall charger steals keystrokes from Microsoft
wireless keyboards. A security researcher developed a device dubbed
KeySweeper that is a wall charger modified to intercept and transmit keystrokes
from a nearby Microsoft keyboard using an RF chip, the keyboard’s
communications frequency, and a 2G SIM card with SMS support. Source: http://news.softpedia.com/news/Wall-Charger-Steals-Keystrokes-from-Microsoft-Wireless-Keyboards-469851.shtml
37. January 13, The Register – (International) Crayola red-faced after yellow-belly Facebook
hijackers post blue jokes. Crayola stated that it regained control of its
Facebook account January 11 after unknown attackers took control of it and
posted inappropriate content. Source: http://www.theregister.co.uk/2015/01/13/facebook_hackers_work_blue_on_crayola_coloring_page/
38. January 13, The Register – (International) Insert ‘Skeleton Key’, unlocks Microsoft
Active Directory. Simples - hackers. Dell SecureWorks researchers
identified a piece of malware known as Skeleton Key that can bypass
authentication on Microsoft Active Directory (AD) systems, allowing attackers
to authenticate as any corporate user. The malware must be redeployed when a
domain controller is restarted and requires domain administrator credentials
for initial deployment. Source: http://www.theregister.co.uk/2015/01/13/skeleton_key_malware/
39. January 12, Securityweek – (International) Number of IE vulnerabilities fixed by
Microsoft doubled in 2014: Report. ESET released a report on
vulnerabilities closed by Microsoft in 2014 and found that the majority of the
vulnerabilities affected the Internet Explorer browser. The report stated that
7 out of 240 security vulnerabilities were zero-days exploited by attackers
before they were patched, and that the total number of Internet Explorer
vulnerabilities doubled compared to 2013, among other findings. Source: http://www.securityweek.com/number-ie-vulnerabilities-fixed-microsoft-doubled-2014-report
40. January 12, The Register – (International) Malware coders adopt DevOps to target smut
sites. A researcher with ESET reported that the attackers behind the
Windigo malware campaign, which infected around 25,000 Unix and Linux servers
since 2013, began making several changes to the malware and their targets in
response to security researcher efforts to combat the malware, including
switching exploit kits and restricting targets to smaller adult content Web
sites in order to avoid attention. Source: http://www.theregister.co.uk/2015/01/12/linux_vxers_hit_devs_where_it_hurts_p0rn_sites/
For another story, see item 27 below from the Government Facilities Sector
27. January 12, Washington Post – (International) U.S. military social media
accounts apparently hacked by Islamic State sympathizers. The U.S. Central
Command (CENTCOM) announced January 12 that its military networks were not
compromised and there was no operational impact to CENTCOM after hackers
claiming allegiance to the Islamic State took control of CENTCOM’s Twitter and
YouTube accounts, posting threatening messages and propaganda videos, along with
military documents. Both accounts were taken offline and authorities are
investigating. Source: http://www.washingtonpost.com/news/checkpoint/wp/2015/01/12/centcom-twitter-account-apparently-hacked-by-islamic-state-sympathizers/
Communications Sector
41. January 11, Brownsville Herald – (Texas) Public radio station experiences outages. The
Upper Rio Grande Valley public radio KHID-FM 00.1 serving Hidalgo County
experienced a broadcasting outage January 8-9. The station confirmed the outage
and stated that an engineer was working on the issue. Source: http://www.brownsvilleherald.com/news/valley/article_8a731cdc-9948-11e4-8923-bfe686920ffd.html