Tuesday, April 28, 2015



Complete DHS Report for April 28, 2015

Daily Report

Top Stories

 · The California Highway Patrol reported April 26 that southbound lanes of 710 Freeway in Bell will remain closed until April 28 due to structural damages on the roadway after a semi-truck accident. – KABC 7 Los Angeles

8. April 27, KABC 7 Los Angeles – (California) Southbound 710 Freeway remains shut after tanker fire. The California Highway Patrol reported April 26 that southbound lanes of 710 Freeway in Bell will remain closed until April 28 due to structural damages on the roadway after a semi-truck carrying 8,500 gallons of gas overturned and caught on fire. No injuries were reported. Source: http://abc7.com/news/southbound-710-freeway-remains-shut-after-tanker-fire/682822/

 · U.S. Secret Service officials reported April 24 that 8 members of an Atlanta-based fraud ring were arrested April 23 for their alleged involvement in a theft scheme that netted $10 million in U.S. Department of the Treasury checks from a post office. – Associated Press

20. April 24, Associated Press – (National) 8 arrested in Atlanta-based fraud ring. U.S. Secret Service officials reported April 24 that 8 members of an Atlanta-based fraud ring were arrested April 23, while 5 additional suspects were in custody and 1 other was expected to surrender in a theft scheme that netted $10 million in U.S. Department of the Treasury checks from a post office in Atlanta. The suspects cashed tax refund, Social Security, and veterans’ benefits checks at grocery stores, department stores, and other businesses across nine States. Source: http://knoe.membercenter.worldnow.com/story/28894360/8-arrested-in-atlanta-based-fraud-ring

 · Laurens County Public Schools in Georgia worked to disinfect schools in the district after classes were canceled April 24 when more than 100 students became sick with symptoms similar to norovirus. – WMAZ 13 Macon

23. April 24, WMAZ 13 Macon – (Georgia) Laurens Co. schools cleaning up norovirus. Laurens County Public Schools in Georgia worked to train janitors to disinfect schools in the district after classes were canceled April 24 when more than 100 students became sick with symptoms similar to norovirus. Officials were expected to get test results the week of April 27 and schools were scheduled to reopen April 27. Source: http://www.13wmaz.com/story/news/2015/04/24/laurens-school-cleaning-up-norovirus/26308819/

 · Nearly 60 golf carts were destroyed at Myth Golf and Banquet Center in Oakland Township, Michigan, April 24 in a series of arson fires that caused almost $1 million in damages. – Detroit News

31. April 24, Detroit News – (Michigan) Police: 2 people involved in arson fire at golf course. Nearly 60 golf carts were destroyed at Myth Golf and Banquet Center in Oakland Township April 24 in a series of arson fires that caused almost $1 million in damage. HAZMAT crews responded to remove oil, fuel, and fertilizer that pooled in different areas of a structure that was set on fire. Source: http://www.detroitnews.com/story/news/local/wayne-county/2015/04/24/suspicious-fire-destroys-nearly-golf-carts/26301141/

Financial Services Sector

7. April 24, Indianapolis Star – (Indiana) SEC sues Indy securities firm for alleged Ponzi scheme. The U.S. Securities and Exchange Commission (SEC) sued Indianapolis-based Veros Partners April 22 for an alleged Ponzi-like scheme in which the company’s president, 2 associates, and 3 associated companies raised at least $15 million from investors to make short-term operating loans to farmers and used a portion of the funds to cover unpaid debt from prior loans. The SEC claimed that the company owes millions of dollars in past due payments to over 80 investors. Source: http://www.indystar.com/story/money/2015/04/24/sec-sues-indy-securities-firm-alleged-ponzi-scheme/26322675/

For additional stories, see item 20 above in Top Stories and 27 below in the Communications Sector

Information Technology Sector

25. April 27, Softpedia – (International) Wordpress 4.2 affected by zero-day stored XSS, PoC available. A security researcher from Klikki Oy discovered a stored cross-site scripting (XSS) vulnerability in WordPress 4.2 and earlier versions in which unauthenticated parties can exploit a flaw in comment text truncation to run arbitrary code on affected servers. Source: http://news.softpedia.com/news/WordPress-4-2-Affected-by-Zero-Day-Stored-XSS-PoC-Available-479437.shtml

26. April 25, Softpedia – (International) Over 25,000 iOS apps affected by bug breaking HTTPS. Security researchers at SourceDNA discovered a vulnerability in version 2.5.3 of the AFNetworking library for Apple iOS and OS X products in which attackers could carry out man-in-the-middle (MitM) attacks and access encrypted information by exploiting the library’s failure to check the domain name secure sockets layer (SSL) certificates were issued for. More than 25,000 apps are affected by the flaw. Source: http://news.softpedia.com/news/Over-25-000-iOS-Apps-Affected-by-Bug-Breaking-HTTPS-479351.shtml

Communications Sector

27. April 24, Softpedia – (California) AT&T customers in California notified of unauthorized account access. AT&T released that the personal information, including Social Security Numbers, belonging to its California customers was accessed without authorization on an unknown date between February – July 2014. The company continues to investigate but believes that the customer accounts were accessed for the purpose of obtaining codes needed for unlocking mobile phones programmed to work exclusively on the AT&T network. Source: http://news.softpedia.com/news/AT-T-Customers-in-California-Notified-of-Unauthorized-Account-Access-479304.shtml