Complete DHS Report for January 22, 2015
Daily Report
Top Stories
· Authorities
are assessing the total amount of damage and how long it will take before the
Southcross Energy Natural Gas Plant near Gregory, Texas, will resume operations
following an explosion at the plant January 20. – KRIS 6 Corpus Christi
1. January
21, KRIS 6 Corpus Christi – (Texas) Plant fire near Gregory sends
fireballs high into the sky. Authorities are assessing the total amount of
damage and how long it will take before the Southcross Energy Natural Gas Plant
near Gregory, Texas, will resume operations following an explosion at the plant
January 20. Pipelines that provide gas to the facility were shut off and the
fire burned itself out after several hours. Source: http://www.kristv.com/news/plant-fire-near-gregory-sends-fireballs-high-into-the-sky/
· The U.S.
Centers for Disease Control and Prevention reported January 19 that elevated
levels of benzene were found in water samples from a treatment plant that
serves approximately 6,000 people in Glendive, Montana, following a Yellowstone
River pipeline spill January 17. – Associated Press
17. January
20, Associated Press – (Montana) Cancer-causing agent detected in water after
pipeline spill. The U.S. Centers for Disease Control and Prevention
reported January 19 that elevated levels of benzene were found in water samples
from a treatment plant that serves approximately 6,000 people in the community
of Glendive, Montana, after 50,000 gallons of oil spilled from the Bridger
Pipeline Co.-owned Poplar pipeline into the Yellowstone River January 17.
Operations at the water treatment plant were halted indefinitely. Source: http://news.yahoo.com/cancer-causing-agent-detected-water-pipeline-spill-143731937.html
· A gunman
died from a self-inflicted gunshot wound after shooting and killing a doctor at
Brigham and Women’s Hospital in Boston January 20. – CNN
18. January
21, CNN – (Massachusetts) Boston doctor dies after hospital
shooting; suspect dead. A gunman died from a self-inflicted gunshot wound
after shooting and killing a doctor at Brigham and Women’s Hospital in Boston
January 20. The suspect entered the hospital and asked to speak with the doctor
prior to the shooting. Source: http://www.cnn.com/2015/01/20/justice/boston-hospital-shooting/
· Three
New York residents, including 1 former U.S. Department of Justice and Internal
Revenue Service (IRS) employee, were charged in federal court in Brooklyn
January 15 for defrauding the U.S. government of more than $3.4 million by
filing false claims. – Yuma Arizona News
21. January
17, Yuma Arizona News – (New York) FDA employee, former
corrections officer, and former IRS employee charged in multimillion dollar tax
refund conspiracy. Three New York residents, including 1 former U.S.
Department of Justice and Internal Revenue Service (IRS) employee, were
indicated in federal court in Brooklyn January 15 for defrauding the U.S. government
more than $3.4 million by filing false claims. Source: http://www.yumanewsnow.com/index.php/news/latest/9378-fda-employee-former-corrections-officer-and-former-irs-employee-charged-in-multimillion-dollar-tax-refund-conspiracy
Financial Services Sector
4. January
20, McAllen Monitor – (Texas) Former McAllen-based CEO admits to
$26M wire fraud. A former chief executive of USA Dry Van Logistics, a McAllen-based
trucking company, pleaded guilty January 20 to his role in a wire fraud scheme
that defrauded GE Capital Corporation out of more than $26 million between
March 2008 and January 2010. The former executive admitted to falsifying
documentation to hide his company’s true financial condition in order to borrow
hundreds of thousands of dollars every week and allow the company to appear
profitable. Source: http://www.themonitor.com/news/local/former-mcallen-based-ceo-admits-to-m-wire-fraud/article_b70aa4e8-a10b-11e4-8775-57d016f0fc44.html
5. January
20, KLTV 7 Tyler – (Texas) ‘Loan Ranger Bandit’ pleads guilty to
13 bank robberies. A suspect known as the “Loan Ranger Bandit” pleaded
guilty to 13 counts of bank robbery in federal court in Waco, Texas, January
16. The suspect admitted to 11 bank robberies in Texas and 2 bank robberies in
Arkansas, and is suspected of additional bank robberies in Kentucky,
Mississippi, and Texas. Source: http://www.kltv.com/story/27895106/loan-ranger-bandit-pleads-guilty-to-13-bank-robberies
6. January
20, Credit Union Times – (Michigan) Michigan police bust card
fraud ring. Three suspects in connection to a payment card fraud ring were
arraigned in Jackson County District Court January 12 on 1 count of criminal
enterprise, racketeering proceeds and 5 counts of illegal use of sale of a
financial device that caused more than 300 fraud complaints and $100,000 in
bogus charges on member credit and debit cards from American 1 Credit Union.
Source: http://www.cutimes.com/2015/01/20/michigan-police-bust-card-fraud-ring
Information Technology Sector
24. January
21, Securityweek – (International) Siemens fixes vulnerabilities in SCALANCE,
SIMATIC solutions. Siemens released firmware updates for the SCALANCE X-300
switch family and SCALANCE X408 running firmware versions prior to 4.0 to
address denial of service (DoS) vulnerabilities that can be exploited by an
unauthenticated attacker to cause a device to reboot by sending malformed HTTP
requests or sending specifically crafted network packets to the device’s FTP
server. Source: http://www.securityweek.com/siemens-fixes-vulnerabilities-scalance-simatic-solutions
25. January
21, Softpedia – (International) Ransomware incidents on an upward trend, FBI
warns. The FBI issued an alert January 20 and warned computer users of a
newer variant of the CrytoWall data encryption malware that infects computers
and restricts users’ access to files until a fee is paid and the files are
unlocked. The malware has been spotted in the wild, featuring localized ransom
messages and trying to connect to decryption services hidden in the Invisible
Internet Project (I2P) network. Source: http://news.softpedia.com/news/Ransomware-Incidents-On-An-Upward-Trend-FBI-Warns-470683.shtml
26. January
21, Krebs on Security – (International) Java patch plugs 19
security holes. Oracle released its quarterly patch update for Java,
closing at least 19 security vulnerabilities including 13 flaws that are
remotely exploitable. Source: http://krebsonsecurity.com/2015/01/java-patch-plugs-19-security-holes/
27. January
21, Threatpost – (International) Hard-coded FTP credentials found in Schneider
Electric SCADA Gateway. Schneider Electric released an update to address 2
flaws for their ETG3000 FactoryCast HMI Gateway, which is used in
manufacturing, energy, water, and other industries as a Web-based SCADA system
that could allow unauthenticated remote access to the device’s FTP server and
configuration files. Source: http://threatpost.com/hard-coded-ftp-credentials-found-in-schneider-electric-scada-gateway/110565
28. January
19, Threatpost – (International) Potential code execution flaw haunts PolarSSL
library. Researchers at Certified Secure discovered a vulnerability in
PolarSSL, an open-source SSL library, which could enable an attacker to execute
remote code execution and a denial of service (DoS) attack. Source: http://threatpost.com/potential-code-execution-flaw-haunts-polarssl-library/110505
Communications Sector
29. January 20, New York
Daily News – (National) Viacom, ESPN hit with $1.4M FCC fine for
using warning tones while promoting ‘Olympus Has Fallen’. The U.S. Federal
Communications Commission issued a $1.12 million fine against Viacom and a
$280,000 fine against ESPN January 20 for using Emergency Alert System warning
tones for non-emergency purposes while promoting a movie on cable networks in
2013. Source: http://www.nydailynews.com/news/politics/fcc-fines-viacom-espn-warning-tones-promoting-film-article-1.2086034
For another story, see item 24 above in the Information Technology
Sector