Thursday, January 29, 2015



Complete DHS Report for January 29, 2015

Daily Report

Top Stories

 • Health officials warned January 27 that an individual diagnosed with measles may have exposed as many as 195 children to the disease at the Phoenix Children’s East Valley Center between January 20 and 21. – Arizona Republic

19. January 28, Arizona Republic – (Arizona) Arizona measles outbreak reaches ‘critical point’. Two additional cases of measles were confirmed in Arizona January 27 and public health officials warned that one of the confirmed cases may have exposed as many as 195 children to the disease at the Phoenix Children’s East Valley Center between January 20 and 21. Source: http://www.usatoday.com/story/news/2015/01/28/arizona-measles-disneyland-outbreak-phoenix-children/22452491/

 • Police are searching for a man who planted an explosive device inside a Marshall’s store in Visalia, California, January 27 and waited for the device to detonate before he fled the scene with stolen merchandise. – Visalia Times-Delta

30. January 28, Visalia Times-Delta – (California) Explosive device planted in Visalia Marshall's. Police are searching for a man who planted an explosive device inside a Marshall’s store in Visalia January 27 and waited for the device to detonate before he used an emergency exit to flee the scene with stolen merchandise. Authorities are working to identify the explosive substance but believe the suspect may have placed dry ice in a plastic soda bottle and sealed the lid causing the bottle to expand and explode. Source: http://www.visaliatimesdelta.com/story/news/local/2015/01/28/explosive-device-planted-visalia-marshalls/22465081/

 • Police are investigating after gunshots shattered windows and caused thousands of dollars in damage at the Great American Tower at Queen City Square in Cincinnati, Ohio, over four separate occasions between January 19 and 26. – WXIX 19 Newport

32. January 27, WXIX 19 Newport – (Ohio) Police search for gunman shooting up Cincinnati's tallest skyscraper. Police are investigating after gunshots shattered windows and caused thousands of dollars in damage at Great American Tower at Queen City Square in Cincinnati over four separate occasions between January 19 and January 26, all of which have occurred after business hours. Police temporarily closed the Lytle Tunnel on northbound Interstate 71 January 26 and 27 and are working to determine if the shootings are coming from an area of the highway that routes along downtown Cincinnati and Fort Washington Way. Source: http://www.fox10tv.com/story/27947814/lytle-tunnel-shut-down-2nd-night-in-row-after-gunshots-fired

 • Three men crashed a vehicle into the Wells Fargo History Museum in downtown San Francisco January 27 with one suspect holding a guard at gunpoint while the others collected about $10,000 worth of gold nuggets before fleeing the scene. – Los Angeles Times

33. January 27, Los Angeles Times – (California) Masked men crash SUV into S.F. museum, steal 10 ounces of gold. Three masked men crashed a stolen vehicle into the Wells Fargo History Museum in downtown San Francisco January 27 with one suspect holding a guard at gunpoint while the others collected about $10,000 worth of historic gold nuggets before fleeing the scene in a second vehicle driven by an accomplice. Wells Fargo officials reported that the museum would reopen at a later date while police are investigating if the incident is related to similar smash-and-grab thefts involving vehicles in the area since May 2014. Source: http://www.latimes.com/local/lanow/la-me-ln-san-francisco-gold-nugget-heist-20150127-story.html

Financial Services Sector

5. January 27, Milwaukee Journal-Sentinel – (Wisconsin) Watertown insurance agent Loren Holzhueter ran $10 million Ponzi scheme, feds allege. A Watertown insurance agent and one of his companies were charged with five counts of securities fraud in federal court in Madison by the U.S. Securities and Exchange Commission for running a $10 million Ponzi scheme and failing to provide correct information to at least 122 investors on how their money was being used. Source: http://www.jsonline.com/business/holzhueter-ran-10-million-ponzi-scheme-feds-allege-b99434251z1-290003131.html

For another story, see item 31 below from the Commercial Facilities Sector

31. January 28, WBIW 1340 AM Bedford – (Indiana) French Lick Resorts report credit card breach. French Lick Resort officials warned some visitors that their personal and financial information may have been compromised after malware was introduced into the company’s payment system. The malware has since been removed and officials warned that only those visitors who used a payment card at the resort between April 23, 2014 and January 21, 2015 could be at risk. Source: http://www.wbiw.com/local/archive/2015/01/french-lick-resorts-reports-credit-card-breach.php

Information Technology Sector

25. January 28, Softpedia– (International) D-Link routers vulnerable to unauthorized DNS changing. A recently published proof-of-concept exploit from a security researcher at Ethical Hacker, illustrated a vulnerability found in DSL router model D-Link DSL-2740R, which allows remoter hackers to change the device’s domain name system (DNS) settings and redirect users to malicious online locations hosting malware or phishing pages. Source: http://news.softpedia.com/news/D-Link-Routers-Vulnerable-to-Unauthorized-DNS-Changing-471480.shtml

26. January 28, Securityweek – (International) Flash Player update patches two critical vulnerabilities. Adobe released an update in Flash Player to version 16.0.0.296 to address a zero-day vulnerability, CVE-2015-0311, the second of two previously unreported critical flaws that have been patched in the last week, that allows attackers to install malware by visiting compromised websites or malicious ads in their browsers. Source: http://www.securityweek.com/flash-player-update-patches-two-critical-vulnerabilities

27. January 28, Securityweek – (International) Serious vulnerability in Blackphone exposed messages, location. A security flaw in Silent Text, an instant messaging app available on the privacy-focused Blackphone, could be exploited by a remote attacker to execute arbitrary code and enable the complete control of a targeted device. The vulnerability has been closed by Blackphone and its developer Silent Circle. Source: http://www.securityweek.com/serious-vulnerability-blackphone-exposed-messages-location

28. January 27, Securityweek – (International) Apple to Patch Thunderstrike, vulnerabilities disclosed by Google. Apple released updates for its OS X operating system that includes patches for several vulnerabilities including a flaw in the software that enabled the Thunderstrike boot kit attack. Source: http://www.securityweek.com/apple-patch-thunderstrike-vulnerabilities-disclosed-google

For another story, see item 31 above in the Financial Services Sector

Communications Sector 

29. January 28, Contra Costa Times – (California) Antioch: Construction crew causes cable, Internet outage, Comcast says. Construction crews working near the border of Antioch and Pittsburg damaged several fiber optic cables causing cable service and Internet outages for an unknown number of Comcast customers in east Contra Costa for more than 6 hours January Source: http://www.contracostatimes.com/antioch/ci_27407764/antioch-construction-crew-causes-cable-internet-outage-comcast