Complete DHS Report forJune 11, 2015
Daily Report
Top Stories
• California
Officials rejected an emergency permit application June 9 that Exxon Mobil
Corp., had proposed to use semi-trucks to haul crude oil along Highway 101 to a
refinery facility while crews repair a breach in Plains All American Pipeline’s
Line 901. – Santa Barbara Independent
2. June 10, Santa Barbara Independent –
(California) County denies ExxonMobil request to haul oil by truck. Santa
Barbara County officials rejected an emergency permit application June 9 that
Exxon Mobil Corp., had submitted requesting permission to use semi-trucks to
haul up to 1,290,240 gallons of crude oil a day along Highway 101 to a refinery
facility while crews repair a breach in Plains All American Pipeline’s Line
901, which spilled over 100,000 gallons into coastal waters in May. Source: http://www.independent.com/news/2015/jun/10/county-denies-exxonmobil-request-haul-oil-truck/
• St. Mary’s Medical
Center in Florida has suspended elective pediatric heart surgeries June 7 after
an investigation revealed an abnormally high mortality rate within the hospital
for the procedures, prompting a Federal probe into the hospital. – CNN
15. June 8, CNN – (Florida) Hospital suspends
elective heart surgeries on children after CNN investigation. St. Mary’s
Medical Center in West Palm Beach, Florida has suspended elective pediatric
heart surgeries after an investigation revealed June 7 an abnormally high
mortality rate within the hospital for the procedures, prompting a Federal
probe into the hospital by Centers for Medicare and Medicaid Services. The
hospital announced that it would launch a comprehensive review involving
external experts. Source: http://www.cnn.com/2015/06/08/health/hospital-suspends-elective-heart-surgeries-on-children-after-cnn-investigation/
• The White House
press briefing room and portions of U.S. Senate Office Buildings in Washington,
D.C., were evacuated June 9 after reports of suspicious packages and a phoned
bomb threat. – NBC News
16. June 9, NBC News – (Washington, D.C.) White
House briefing, two Senate buildings receive bomb threats. The White House
press briefing room and portions of the Dirksen and Russell Senate Office
Buildings were evacuated June 9 after a bomb threat was called in to the Metropolitan
Police Department and suspicious packages were reported. Officials cleared the
buildings in less than hour for re-entry. Source: http://www.nbcnews.com/news/us-news/capitol-police-clear-floor-senate-building-after-call-about-package-n372331
• Los Angeles police
commissioners issued June 9 a mixed ruling involving 2 police officers that
fatally shot an unarmed man in August 2014, that found 1 officer’s actions
justified while the other violated department policy. – Reuters
19. June 9, Reuters – (California) L.A. police
commission says officer violated policy in shooting. Los Angeles police
commissioners issued June 9 a mixed ruling involving 2 police officers that
fatally shot an unarmed man in August 2014, that found 1 officer’s actions
justified while the other violated department policy. The Los Angeles County
District Attorney’s Office is investigating the incident further. Source: http://www.reuters.com/article/2015/06/09/us-usa-police-california-idUSKBN0OP2CX20150609
Financial Services Sector
5. June 9,
Chicago Tribune – (Illinois) ‘Bandage Bandit’ strikes 8th bank in
robbery. The FBI is offering a $10,000 reward for information leading to
the capture of the suspect dubbed the “Bandage Bandit,” who allegedly robbed a
Fifth Third Bank branch in Chicago June 9 and is tied to 7 other robberies or
attempted robberies since March. Source: http://www.chicagotribune.com/news/local/breaking/ct-bandage-bandit-robberies-20150609-story.html
6. June 9,
Orange County Register – (California) Fullerton man among three
convicted in loan modification scheme. The co-owner Rancho Cucamonga,
California-based 21st Century Legal Services Inc., and 2 co-defendants were
convicted June 9 for their roles in a $7 million loan modification scheme that
victimized over 4,000 distressed home owners who were falsely promised loan
modifications and other services. Seven other defendants previously pleaded
guilty in connection to the scheme. Source: http://www.ocregister.com/articles/fraud-665516-faces-mail.html
Information Technology Sector
20. June 10,
Softpedia – (International) Microsoft patches zero-day used in targeted
attacks. Microsoft released eight security bulletins, including
vulnerability in Windows’ kernel-mode driver Win32k.sys that was leveraged by
threat actors to elevate privileges and execute arbitrary code on affected
machines. The bulletins also included two critical security patches for
Internet Explorer and Windows Media Player that could have allowed the
possibility of remote code execution. Source: http://news.softpedia.com/news/Microsoft-Patches-Zero-Day-Used-in-Targeted-Attacks-483879.shtml
21. June 10, Help Net Security – (International) Financial impact of SaaS storage
breaches now $13.85 million. Findings from analysis in Elastica’s Shadow
Data Report revealed that the direct financial impact of exposed data in
software as a service models can be up to $13.85 million, and that 1.34 percent
of all accounts had signs of malicious activities. Analysis also indicated that
the healthcare industry suffers the highest frequency of policy violations due
to leaks of protected health information, among other findings. Source: http://www.net-security.org/secworld.php?id=18493
22. June 10,
Securityweek – (International) VMware fixes critical security issues in
Workstation, Fusion, Horizon View. VMware published fixes for several
memory manipulation issues and denial-of-service (DoS) vulnerabilities
affecting its Workstation, Player, and Horizon View Client for Microsoft
Windows. Source: http://www.securityweek.com/vmware-fixes-critical-security-issues-workstation-fusion-horizon-view
23. June 9,
Softpedia – (International) DDoS attacks increase in Q2 2015, largest one
over 253Gbps strong. Incapsula released findings from a report on
distributed denial-of-service attacks in the second quarter of 2015 which
revealed that powerful user datagram protocol (UDP) and synchronize (SYN)
floods were the preferred method of network-layer attacks, while
botnet-for-hire services were typically used to probe defenses. Incapsula
reported that out of 56 percent of UDP and SYN floods seen, 8 percent were
launched from “Internet of Things” (IoT) devices, among other findings. Source:
http://news.softpedia.com/news/DDoS-Attacks-Increase-in-Q2-2015-Largest-One-Over-253Gbps-Strong-483814.shtml
24. June 9,
Softpedia – (International) Flash Player 18.0.0.160 fixes 13
vulnerabilities. Adobe released updates for Flash Player addressing 13
security flaws, including vulnerabilities that could be leveraged for
information disclosure, privilege escalation, and remote code execution, among
others. Source: http://news.softpedia.com/news/Flash-Player-18-0-0-160-Fixes-13-Vulnerabilities-483817.shtml
Communications Sector
Nothing to report