Thursday, March 12, 2015



Complete DHS Report for  March 12, 2015

Daily Report

Top Stories

· A 30-mile stretch of Interstate 65 in Indiana was closed overnight March 10 to March 11 due to at least 3 separate accidents that left 2 people dead and several others injured. – Times of Northwest Indiana

8. March 11, Times of Northwest Indiana – (Indiana) I-65 closed in Jasper Co. after 22 vehicles crash in fog, killing two. A 30-mile stretch of Interstate 65 between Wolcott and Lafayette in Indiana was closed overnight March 10 to March 11 due foggy conditions which caused at least 3 separate accidents involving 15 semi-trucks and 7 vehicles, and left 2 people dead and several others injured. Source: http://www.nwitimes.com/news/local/jasper/multiple-crashes-in-dense-fog-close-i--in-jasper/article_5cf52d18-26ba-5caa-9afd-3d4bdbe12235.html

 · Three workers at a Corbion food processing chemical facility in Missouri suffered minor injuries following a fire and explosion March 11 that was sparked in a spray room where employees dump mass amounts of flour. – KCTV 5 Kansas City

12. March 11, KCTV 5 Kansas City – (Missouri) Three hurt after explosion at Grandview chemical plant. Three workers at a Corbion food processing chemical facility in Grandview suffered minor injuries following a fire and explosion March 11 that was sparked in a spray room where employees dump mass amounts of flour. The plant was safely evacuated and officials were at the scene to investigate the incident. Source: http://www.kctv5.com/story/28382293/grandview-chemical-plant-explosion

 · McNeil Consumer Healthcare pleaded guilty March 10 and agreed to pay $25 million for selling liquid medicine contaminated with metal after a series of recalls which began in 2008 due to faulty manufacturing. – Reuters

17. March 10, Reuters – (National) Tylenol maker to pay $25 million for selling metal-contaminated drugs. McNeil Consumer Healthcare, a subsidiary of Johnson & Johnson, pleaded guilty March 10 and agreed to pay $25 million for selling liquid medicine contaminated with metal after a series of recalls which began in 2008 due to faulty manufacturing. In addition to the metal particles, which were discovered by a consumer complaint in May 2009, there were moldy odors and labeling issues with the products. Source: http://www.reuters.com/article/2015/03/10/us-johnson-johnson-tylenol-idUSKBN0M629S20150310

 · Four U.S. Army National Guard soldiers and 7 members of the U.S. Marine Corps were aboard a U.S. Army helicopter that crashed after taking off from an airport in Destin, Florida, and were presumed to be dead March 11 after human remains washed ashore. – Associated Press

19. March 11, Associated Press – (Florida) Fog lifting, easing search in Florida helicopter crash. Four U.S. Army National Guard soldiers and 7 members of the U.S. Marine Corps were aboard a U.S. Army helicopter that crashed during routine night training after taking off from an airport in Destin, Florida, March 10 were presumed to be dead March 11 after human remains washed ashore. Officials were still considering conducting a search-and-rescue mission and are continuing to investigate the incident. Source: http://www.msn.com/en-us/news/us/11-servicemen-presumed-dead-in-helicopter-crash/ar-AA9D0Y8

Financial Services Sector

7. March 10, NJ.com – (National) Key player in $5M ATM bank card scheme found guilty. A Chicago man was convicted March 10 for his role in an ATM bank card skimming scheme in which he and up to 16 other suspects installed card-reading devices and pinhole cameras on ATMs in New Jersey and elsewhere, and created thousands of phony ATM cards that they used to withdraw more than $5 million from customer bank accounts. Source: http://www.nj.com/news/index.ssf/2015/03/key_player_in_5m_atm_bank_card_scheme_found_guilty.html

Information Technology Sector

21. March 11, Softpedia – (International) Shortcut parsing glitch used by Equation group re-patched by Microsoft. Microsoft fixed a shortcut parsing vulnerability in Windows that was discovered by Kaspersky Labs researchers to have been in use since 2008 in large-scale cyber-espionage activities involving the Equation group and the Fanny worm. Microsoft corrected how Windows handles dynamic link library (DLL) files to patch the vulnerability that allowed attackers to infect systems by creating malformed shortcut files (LNK) loaded from a malicious DLL that would execute automatically when opened. Source: http://news.softpedia.com/news/Shortcut-Parsing-Glitch-Used-by-Equation-Group-Re-Patched-by-Microsoft-475479.shtml

22. March 11, The Register – (International) Malware uses Windows product IDs to mix mutex. A security researcher at SANS discovered a new trojan dubbed “TreasureHunter” that uses Microsoft’s Windows unique product identification numbers to create dynamic mutex values to avoid detection by anti-malware software and researchers. Source: http://www.theregister.co.uk/2015/03/11/malware_mutex/

23. March 10, The Register – (International) Redmond’s Patch Tuesday to kill off the Windows FREAK show. Microsoft issued 14 security bulletins patching 44 security vulnerabilities, including a critical patch for Windows and Windows Server versions running Secure Channel components vulnerable to the Factoring RSA-Export Keys (FREAK) attack. Source: http://www.theregister.co.uk/2015/03/10/redmond_moves_to_kill_off_windows_freak_show/

24. March 10, Softpedia – (International) Apple fixes FREAK vulnerability in Secure Transport. Apple released a patch for its iOS and OS X devices to address the Factoring RSA-Export Keys (FREAK) attack vulnerability affecting Secure Transport on Safari by removing support for ephemeral RSA keys. Source: http://news.softpedia.com/news/Apple-Fixes-FREAK-Vulnerability-in-Secure-Transport-475380.shtml

Communications Sector

Nothing to report