Tuesday, April 7, 2015



Complete DHS Report for  April 7, 2015

Daily Report

Top Stories

 · Duke Energy agreed to pay Virginia $2.5 million in an April 3 settlement for its February 2014 coal ash spill where a retired power plant in Eden dumped up to 39,000 tons of ash into the Dan River. – Charlotte Observer

3. April 3, Charlotte Observer – (Virginia) Duke Energy to pay Virginia $2.5 million for Dan River spill. The Virginia Department of Environmental Quality announced April 3 that Duke Energy agreed to pay Virginia $2.5 million in a settlement for its February 2014 coal ash spill into the Dan River where a retired power plant in Eden dumped up to 39,000 tons of ash into the river. Authorities are continuing to monitor water quality and any potential long-term effects. Source: http://www.charlotteobserver.com/news/local/article17313746.html

 · The White River bridge on Highway 410 in Washington was closed April 4 for emergency repairs lasting several days following a routine inspection that revealed damage to an overhead support structure. – Seattle Times

13. April 4, Seattle Times – (Washington) Structural damage closes White River bridge. The White River bridge on Highway 410 between Enumclaw and Buckley was closed for emergency repairs April 4 following a routine inspection by the Washington Department of Transportation that revealed damage to an overhead support structure caused when it was struck by an oversized load. The closure was expected to last several days and repairs are estimated to cost about $200,000. Source: http://www.seattletimes.com/seattle-news/transportation/structural-damage-closes-white-river-bridge/

 · Heavy rain and melting snow led to a discharge of an estimated 90,000 gallons of untreated sewage into the Silver Lake Outlet from a sewage treatment plant in Perry, New York, April 4. – WXXI 21 Rochester

21. April 5, WXXI 21 Rochester – (New York) Sewage overflow in Perry Ends. Heavy rain and melting snow led to a discharge of an estimated 90,000 gallons of untreated sewage into the Silver Lake Outlet from the sewage treatment plant in Perry, New York, April 4. Officials reported to the site to evaluate the extent of the damage. Source: http://wxxinews.org/post/sewage-overflow-perry-ends

 · Auburn University in Alabama announced April 3 that the personal information of about 370,000 current, former, and prospective students may have been exposed after the university learned that some information stored on the school’s servers inadvertently became accessible online. – Al.com

24. April 3, Al.com – (Alabama) 370,000 current, former Auburn students had personal data exposed on website, university says. Auburn University in Alabama announced April 3 that the personal information of about 370,000 current, former, and prospective students may have been exposed after the university learned March 2 that some information stored on the school’s servers inadvertently became accessible online between September 1, 2014 and March 2, 2015. Officials reported that there was no evidence that the information was misused and that corrective actions were taken to secure the information. Source: http://www.al.com/news/index.ssf/2015/04/370000_current_former_students.html

Financial Services Sector

7. April 6, Softpedia – (California) American Express card info exposed to cybercriminals. A law enforcement investigation revealed that financial and personal information, including the Social Security numbers of at least 500 California residents was revealed to unauthorized persons. The company notified affected account holders while authorities investigate the circumstances surrounding the breach. Source: http://news.softpedia.com/news/American-Express-Card-Info-Exposed-to-Cybercriminals-477550.shtml

8. April 4, Norfolk Virginian-Pilot – (Virginia) Va. Beach employee had accidental access to millions. The city of Virginia Beach revealed a potential security breach April 3 in which Bank of America gave a city employee setting up a petty cash and small expenses account access to nine municipal bank accounts containing millions of dollars for 5 – 6 years. Authorities do not suspect that any of the accounts were compromised. Source: http://hamptonroads.com/2015/04/va-beach-reports-banks-security-breach

9. April 4, Associated Press – (Rhode Island) Police: Men stole more than $65,000 from ATM. Warwick police arrested 2 suspects April 4 who allegedly skimmed more than $65,000 from a Greenwood Credit Union ATM in March affecting more than 125 credit union customers. Authorities believe that the pair may have skimmed other East Coast ATMs. Source: http://www.boston.com/news/local/rhode-island/2015/04/04/warwick-police-arrest-from-nyc-atm-skimming-case/HC1buCj3BTQDglmvut72sJ/story.html

10. April 3, KTVB 7 Boise – (Idaho) Boise police see flurry of credit card and retail fraud cases. Boise police reported April 3 that 7 suspects from 4 different traveling credit fraud groups were arrested beginning March 27. Investigators recovered over $33,000 in illegally obtained merchandise and approximately 156 fraudulent credit cards after retail employees reported suspicious activity to authorities. Source: http://www.ktvb.com/story/news/crime/2015/04/03/boise-police-see-flurry-of-credit-card-and-retail-fraud-cases/25274561/

Information Technology Sector

29. April 6, Softpedia – (International) Google certificate expires, email clients return security warnings. An expired intermediate certificate signed by Google Internet Authority G2 for simple mail transport protocol (SMTP) in Google’s Gmail resulted in users receiving error messages on outgoing email activity for over 2 hours April 4. The company renewed the certificate through December 2015. Source: http://news.softpedia.com/news/Google-Certificate-Expires-Email-Clients-Return-Security-Warnings-477700.shtml

30. April 6, Securityweek – (International) Flaw in Schneider Electric vamp software allows arbitrary code execution. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) released an advisory stating that Schneider Electric’s VAMPSET software is vulnerable to stack-based and heap-based buffer overflow attacks that can be exploited to execute arbitrary code via malformed VAMPSET disturbance recording files on the affected systems. The company released an update fixing the issue and advised organizations that use the software to leverage User Access Control (UAC) features and employ best security practices. Source: http://www.securityweek.com/flaw-schneider-electric-vamp-software-allows-arbitrary-code-execution

31. April 4, Softpedia – (International) WordPress, Joomla sites infected with malicious Flash file. Security researchers at Sucuri discovered that several hundred Web sites running WordPress or Joomla content management systems (CMS) have been attacked since November 2014 with malicious one-pixel-large small web format (SWF) files containing hidden iframe code that directs users to Web sites hosting malware such as exploit kits. Source: http://news.softpedia.com/news/WordPress-Joomla-Sites-Infected-with-Malicious-Flash-File-477597.shtml

32. April 3, Softpedia – (International) New MS Word exploit kit adds statistics tool to track success of the campaign. Security researchers at FireEye discovered a Web-based tool called MWISTAT released in December 2014 that allows cybercriminals using the Microsoft Word Intruder (MWI) exploit kit to track details about rigged Microsoft Word documents including Internet Protocol (IP) addresses and user-agents of victims, payloads requested and served, and the version of Microsoft Word used to open the file. The malware has reportedly affected over 1400 users worldwide in 2 separate spam campaigns. Source: http://news.softpedia.com/news/New-MS-Word-Exploit-Kit-Adds-Statistics-Tool-to-Track-Success-of-the-Campaign-477568.shtml

Communications Sector

33. April 3, Associated Press; Washington Times – (New Mexico) Cable cut partially interrupts phone service in Gallup area. Telephone, cell phone, and Internet service was restored to an unspecified number of CenturyLink and Sacred Wind Communications customers near Gallup, New Mexico, after a driver struck an above-ground fiber-optic cable and knocked out service for about 8 hours April 3. Technicians were dispatched to splice and repair the severed cable. Source: http://www.washingtontimes.com/news/2015/apr/3/cable-cut-partially-interrupts-phone-service-in-ga/

34. April 3, KRDO 13 Colorado Springs – (Colorado) Phone, Internet outage affects hundreds of Pueblo customers, city departments. Phone and Internet service for hundreds of CenturyLink customers in the City of Pueblo was down April 3 after a contractor inadvertently drilled a hole into fiber cables that service CenturyLink and the city’s fiber infrastructure network. Full restoration of services was expected to take several days while crews work to resolve the problem. Source: http://www.chieftain.com/business/localbusiness/3486640-120/departments-phone-accident-affected