Tuesday, June 16, 2015

Complete DHS Report for June 16, 2015

Daily Report

Top Stories

 · Officials reported June 12 that vandalism caused 77,000 gallons of sewage to overflow into a tributary creek of the Mississippi River in St. Louis after finding and removing 2 large tree logs that had been dumped in a manhole. – KTRS 550 AM St. Louis

14. June 15, KTRS 550 AM St. Louis – (Missouri) 77,000 gallons of sewage spill into St. Louis County creek. Officials discovered June 12 that vandalism was the cause of an overflow that spilled an estimated 77,000 gallons of sewage into a tributary creek of the Mississippi river in St. Louis after a manhole lid was removed and 2 large tree logs had been dumped in, blocking the sewer. The logs were removed and crews cleaned the scene. Source: http://www.ktrs.com/77000-gallons-of-sewage-spills-into-st-louis-county-creek/

 · Dallas police reported June 13 that a man opened fire and planted several explosive devices outside of the city’s police headquarters before SWAT officers pursued and neutralized the suspect. – CNN

18. June 13, CNN – (Texas) Dallas police HQ shooting: suspect killed during standoff. The Dallas police reported June 13 that a man shot several rounds of gunfire and planted several explosive devices outside Dallas’ police headquarters after alleging police were responsible for his loss of child custody. SWAT officers pursued the man, disabled the vehicle, and after multiple failed attempts of negotiation, neutralized the suspect. Source: http://www.cnn.com/2015/06/13/us/dallas-police-headquarters-shooting/

 · A prison worker at the Clinton Correctional Facility in New York was charged June 12 after allegedly providing tools to 2 convicted murderers to aid their escape from the prison June 6. – CNN

19. June 13, CNN – (New York) New York prison worker charged with helping inmates escape. A prison worker at the Clinton Correctional Facility in New York was charged June 12 for promoting prison contraband and criminal facilitation after allegedly providing tools to 2 convicted murders, aiding in their escape June 6. An investigation is ongoing to find the escaped prisoners. Source: http://www.cnn.com/2015/06/13/us/new-york-prison-break/

 · About 113 people were rescued June 14 in Colfax, Louisiana during an annual mud festival after a levee breached and the Red River flowed into the festival grounds. – NBC News

30. June 14, NBC News – (Louisiana) 113 rescued after levee breaks at Louisiana mud festival. About 113 people were rescued June 14 in Colfax, Louisiana, during an annual mud festival after a levee breached and the Red River flowed into the festival. Officials had begun moving people to higher ground June 13 after noticing a crack in the levee, and no injuries were reported. Source: http://www.nbcnews.com/news/us-news/113-rescued-after-levee-breaks-louisiana-mud-festival-n375336

Financial Services Sector

5. June 13, Aliso Viejo Patch – (California) Police seek South County’s ‘Snowbird Bandit’ bank robber. Authorities are searching for information leading to the capture of a suspect dubbed the “Snowbird Bandit” who allegedly robbed a Wells Fargo bank June 11 in Mission Viejo, California and 2 others in Orange County since March. Source: http://patch.com/california/alisoviejo/police-seek-south-countys-snowbird-bandit-bank-robber/

6. June 12, South Florida Sun-Sentinel – (National) Ex-Dolphins player faces charges in Ponzi scheme. A former professional football player and a business partner were charged June 12 in connection to a Ponzi scheme in which they allegedly defrauded investors out of $31 million by forging documents and using later investors’ funds to pay for loans offered to professional athletes through their business, Capital Financial Partners. Source: http://www.sun-sentinel.com/local/broward/fort-lauderdale/fl-will-allen-ponzi-scheme-20150612-story.html

Information Technology Sector

21. June 15, Threatpost – (International) Popular WordPress SEO plugin fixes XSS bug. Security researchers discovered a cross-site scripting (XSS) vulnerability in the Yoast WordPress SEO plugin in which an attacker could leverage “snippet preview” functionality to force a vulnerable site to execute arbitrary hypertext markup language (HTML) code. Source: https://threatpost.com/popular-wordpress-seo-plugin-fixes-xss-bug/113313

22. June 15, Securityweek – (International) Wikimedia rolling out HTTPS to encrypt all Wikipedia traffic. The Wikimedia Foundation announced that all Wikpedia and organization Web site traffic will employ Hyptertext Transfer Protocol Secure (HTTPS) and HTTP Strict Transport Security (HSTS) to protect data security and guard against attempts to break HTTPS and intercept traffic. Source: http://www.securityweek.com/wikimedia-rolling-out-https-encrypt-all-wikipedia-traffic

23. June 12, Softpedia – (International) Pop-under malvertising spreads CryptoWall via Magnitude exploit kit. Security researchers at Malwarebytes discovered a new malvertising campaign leveraging pop-under advertisements over the Popcash ad network to distribute the Magnitude exploit kit (EK), which delivers exploits for Microsoft Internet Explorer and Adobe Flash Player vulnerabilities to inject the Necurs dropper and CryptoWall ransomware on affected systems. Source: http://news.softpedia.com/news/Pop-Under-Malvertising-Spreads-CryptoWall-Via-Magnitude-Exploit-Kit-484182.shtml

For another story, see item 17 below from the Government Facilities Sector

17. June 12, New York Times – (National) White House weighs sanctions after second breach of a computer system. FBI officials revealed June 12 that hackers breached a second data computer system at the U.S. Office of Personnel Management containing additional information regarding friends, family members, and associates of Federal employees, and that the President is considering financial sanctions against the attackers who gained access to the files of millions of Federal workers. The impact of the second breach remains unknown. Source: http://www.nytimes.com/2015/06/13/us/white-house-weighs-sanctions-after-second-breach-of-a-computer-system.html?_r=1

Communications Sector

Nothing to report