Monday, March 16, 2015



Complete DHS Report for  March 16, 2015

Daily Report

Top Stories

 · The U.S. Department of the Treasury announced March 12 that over 3,000 victims have lost $15.5 million in a tax scheme in which scammers claiming to be IRS agents call taxpayers stating they owe taxes, convincing them to pay. – Associated Press See item 2 below in the Financial Services Sector

 · A semi-truck carrying approximately 42,000 pounds of Triazine overturned on U.S. Highway 40 on Rabbit Ears Pass in Colorado, spilling nearly its entire load and shutting down the highway for over 7 hours March 12-March 13. – Steamboat Springs Pilot & Today

3. March 13, Steamboat Springs Pilot & Today – (Colorado) Tanker rollover closes U.S. Highway 40 on Rabbit Ears Pass. A semi-truck carrying approximately 42,000 pounds of Triazine, a hazardous liquid chemical, overturned on U.S. Highway 40 on Rabbit Ears Pass spilling nearly its entire load and shutting down the highway for over 7 hours March 12-March 13 while a HAZMAT crew responded to the scene. Officials were notified of the spill and the cause of the crash remains under investigation. Source: http://www.steamboattoday.com/news/2015/mar/12/tanker-rollover-closes-us-highway-40-rabbit-ears-p/

 · The Kansas Department of Agriculture instituted quarantine in two Kansas counties March 12 in response to recently confirmed cases of H5N2 highly pathogenic avian influenza near Asbury, Missouri, and in northwest Arkansas. – KCUR 89.3 FM Kansas City

8. March 13, KCUR 89.3 FM Kansas City – (Kansas) Avian influenza prompts poultry quarantine in southeast Kansas. The Kansas Department of Agriculture instituted a quarantine in Crawford and Cherokee counties March 12 in response to recently confirmed cases of H5N2 highly pathogenic avian influenza near Asbury, Missouri and in northwest Arkansas. The quarantine requires an official permit to move live poultry or poultry products in and out of the designated zones, and officials have been dispatched for surveillance. Source: http://kcur.org/post/avian-influenza-prompts-poultry-quarantine-southeast-kansas

 · The San Jacinto River Authority reported that 300,000 gallons of household wastewater spilled March 11 from a collapsed manhole and entered a nearby drainage ditch in The Woodlands, Texas. – Woodlands Villager

9. March 12, Woodlands Villager – (Texas) 300K gallons of wastewater spill out in The Woodlands. The San Jacinto River Authority reported that 300,000 gallons of household wastewater spilled March 11 from a collapsed manhole and entered a nearby drainage ditch in The Woodlands, Texas, prompting crews to install bypass pumping equipment and clear out the wastewater, soil, and portions of the collapsed concrete manhole in order to make repairs. Officials believe that the spill could have been caused by a failed force main connection and are continuing to investigate. Source: http://www.yourhoustonnews.com/woodlands/news/k-gallons-of-wastewater-spill-out-in-the-woodlands/article_83bda04a-d109-5e3a-9498-2efd7fca347a.html

Financial Services Sector

2. March 12, Associated Press – (National) Fake IRS agents target 366,000 in massive tax scam. An official at the U.S. Department of the Treasury announced March 12 that over 3,000 victims have lost $15.5 million in a tax scam targeting over 366,000 nationwide, in which scammers purporting to be Internal Revenue Service agents call taxpayers claiming that they owe taxes and must pay or risk arrest, deportation, or the loss of a business or driver’s license. Two individuals in Florida have been arrested in connection to the scheme. Source: http://www.nbcnews.com/business/consumer/fake-irs-agents-target-366-000-massive-tax-scam-n322201

Information Technology Sector

17. March 13, Softpedia – (International) Google leaks Whois data for over 282,000 protected domains. Cisco Systems’ Talos researchers reported to Google that private information such as names, physical and email addresses, and phone numbers belonging to 282,867 domains registered through Google Apps’ registrar, eNom, were leaked for nearly two years due to a software defect that did not extend the company’s unlisted registration service, potentially exposing them to spam, spear-phishing attacks, or identity theft. Source: http://news.softpedia.com/news/Google-Leaks-Whois-Data-for-Over-282-000-Protected-Domains-475710.shtml

18. March 13, Softpedia – (International) TeslaCrypt ransomware encrypts files of over 20 games. Security researchers at Bromium discovered that crypto-ransomware dubbed TeslaCrypt has targeted a total of 185 extensions in over 20 popular games with drive-by attacks through Adobe Flash Player and Internet Explorer exploits dropped by the Angler exploit kit. The malware apparently attempts to pass as the more infamous CryptoLocker, but researchers stated that the two variants only share 8 percent similarity. Source: http://news.softpedia.com/news/TeslaCrypt-Ransomware-Encrypts-Files-of-Over-20-Games-475738.shtml

19. March 13, Securityweek – (International) Adobe fixes critical Flash Player vulnerabilities. Adobe released security updates patching 11 critical flaws, including memory corruption vulnerabilities and type confusions that attackers could leverage for remote code execution to take control of affected systems. Source: http://www.securityweek.com/adobe-fixes-critical-flash-player-vulnerabilities

20. March 12, Securityweek – (International) Google fixes privilege escalation vulnerabilities in Android 5.1 Lollipop. Google released fixes in Android 5.1 Lollipop for two serious vulnerabilities in previous versions that could have allowed attackers to use integer overflows leading to heap memory corruptions to gain elevated privileges or cause denial-of-service (DoS) attacks on targeted systems. Source: http://www.securityweek.com/google-fixes-privilege-escalation-vulnerabilities-android-51-lollipop

21. March 12, The Register – (International) Forget viruses: Evil USB drive ‘fries laptops with a power surge’. A Russian security researcher revealed a vulnerability with USB sticks which could potentially overload and damage a PC’s sensitive inner electronics by using an inverted direct current to direct current (DC-DC) converter and some capacitors through a foreign Web site, causing the USB to malfunction. Source: http://www.theregister.co.uk/2015/03/12/usb_drive_fry_your_laptop/

Communications Sector

Nothing to report