Complete DHS Report for
June 22, 2015
Daily Report
Top Stories
· Officials
closed a 4-mile stretch of northbound Interstate 35 that connects Texas and
Oklahoma, for an undetermined amount of time June 18 due to a heavy tropical
storm that caused high waters and rock slides. – KXAS 5 Fort Worth
11. June
18, KXAS 5 Fort Worth – (Texas; Oklahoma) Portion of highway
between Dallas-Fort Worth and Oklahoma City closes indefinitely. Officials
have closed a 4-mile stretch of northbound Interstate 35 that connects Oklahoma
City to Dallas-Fort Worth for an undetermined amount of time June 18 after a
heavy tropical storm caused high waters and rock slides. No injuries were
reported. Source: http://www.nbcdfw.com/news/local/The-Major-Highway-Between-Dallas-Fort-Worth-and-Oklahoma-City-is-Closed-Indefinitely--308195581.html
· The
University of California, Irvine Medical Center is notifying 4,859 patients of
a data breach that occurred between June 2011 and March 2015 after an employee
improperly accessed sensitive patient information. – Los Angeles Times
16. June
18, Los Angeles Times – (California) Nearly 5,000 patients
affected by UC Irvine medical data breach. The University of California,
Irvine Medical Center is notifying 4,859 patients of a data breach which
occurred between June 2011 and March 2015, after an employee improperly
accessed sensitive patient information. After discovering the breach in March
2015, the hospital notified State health officials and the university’s police
department. Source: http://www.latimes.com/business/la-fi-uc-irvine-data-breach-20150618-story.html
· Samsung
officials announced June 18 plans to send out an update addressing a plaintext
connection vulnerability in the SwiftKey-developed keyboard technology used in
600 million devices, including the Galaxy S6. – International Business Times
See
item 25 below in the Information Technology Sector
· Over 100
people were evacuated from Philadelphia’s Bakers Square shopping center in
Pennsylvania, June 18 after a water main ruptured and caused 7 million gallons
of water to flood the area. – WCAU 10 Philadelphia
31. June 18,
WCAU 10 Philadelphia – (Pennsylvania) 7 million gallons of water flood shopping
center from large main break in East Falls. Authorities reported June 18 that
over 100 people were evacuated from the Bakers Square shopping center in
Northwest Philadelphia after a 120-year-old, 48-inch main ruptured and caused 7
million gallons of water to flood the area. Crews shut off the water valve and
no injuries were reported. Source: http://www.nbcphiladelphia.com/news/local/Water-Floods-from-Large-Main-Break-in-East-Falls-308234851.html
Financial Services Sector
3. June
19, San Gabriel Valley Tribune – (California) ‘Bluto Bandit’
sought for bank robberies in L.A., San Bernardino counties. The FBI is
offering a $5,000 reward leading to the arrest and conviction of a suspect
dubbed the “Bluto Bandit” who has allegedly robbed 3 banks and cased another 3
in Los Angeles and San Bernardino counties since June 10. Source: http://www.sgvtribune.com/general-news/20150618/bluto-bandit-sought-for-bank-robberies-in-la-san-bernardino-counties
4. June
18, WCPO 9 Cincinnati – (Ohio; Kentucky; Indiana) Police: Sock
Hat Bandit caught after chase. Authorities reported that they caught the
suspect dubbed the “Sock Hat Bandit” after he allegedly robbed a Fifth Third
Bank in Independence, Kentucky June 18 and led police on a high-speed chase.
The suspect admitted to committing 9 bank robberies throughout Ohio, Kentucky,
and Indiana. Source: http://www.wcpo.com/news/crime/police-attempted-bank-robber-caught
5. June
18, U.S. Securities and Exchange Commission – (Texas) SEC charges
microcap oil company, CEO, and stock promoter with defrauding investors. The
U.S. Securities and Exchange Commission (SEC) charged Texas-based Norstra
Energy, Inc., its CEO, and the author of a stock-picking newsletter June 18
with allegedly defrauding investors with misleading information about drilling
operations to sell the company’s penny stock shares, leading to stock price
increases of up to 600 percent in 3 months. The SEC had suspended trading of
the company’s stock in June 2013. Source: http://www.sec.gov/news/pressrelease/2015-126.html
6. June
18, U.S. Securities and Exchange Commission – (National) SEC
charges 36 firms for fraudulent municipal bond offerings. The U.S.
Securities and Exchange Commission announced civil penalties against 36
municipal underwriting firms June 18 for alleged fraudulent municipal bond
offerings from 2010 – 2014 as part of the Municipalities Continuing Disclosure
Cooperation (MCDC) Initiative. Source: http://www.sec.gov/news/pressrelease/2015-125.html
Information Technology Sector
24. June 19, Threatpost – (International) Static
encryption key found in SAP HANA database. Security researchers from
ERPScan discovered a vulnerability in SAP’s HANA in-memory relational database
management system in which an attacker could use various web-based external
attacks to remotely execute code, and then leverage static encryption keys to
read encrypted passwords, stored data, and backups. Source: https://threatpost.com/static-encryption-key-found-in-sap-hana-database/113393
25. June 18, International Business Times –
(International) Samsung to issue fix for SwiftKey keyboard bug affecting
Galaxy S6 in ‘coming days’. Samsung officials announced plans June 18 to
send out an update addressing a plaintext connection vulnerability in the
SwiftKey-developed keyboard technology used in up to 600 million devices,
including the Galaxy S6. SwiftKey developers reported that the issue is limited
to devices running Samsung software, and that the SwiftKey app is not affected.
Source: http://www.ibtimes.com/samsung-issue-fix-swiftkey-keyboard-bug-affecting-galaxy-s6-coming-days-1974145
26. June 18, SC Magazine – (International) Report:
average botnet in Q1 2015 made up of 1,700 infected hosts per C&C server. Findings
from a recently released Level 3 Botnet Research Report for the first quarter
of 2015 revealed that the average botnet was made up of 1,700 hosts per command
and control (C&C) server, a server’s average lifespan was 38 days, the U.S.
generated the most server traffic and was targeted by 56 percent of distributed
denial-of-service (DDoS) attacks, and 600 of the servers analyzed were being
used for malicious communications targeting corporate environments, among other
findings. Source: http://www.scmagazine.com/600-of-1k-servers-used-for-malicious-communications-aimed-at-corporate-envrionments/article/421560/
Communications Sector
27. June 18, WTVO 16 Rockford
– (Illinois) Verizon/U.S. cellular service restored. Verizon
and U.S. Cellular service have been restored to customers in Rockford area
following an outage caused by a cut fiber optic cable June 18. Source: http://www.mystateline.com/fulltext-news/d/story/update-verizonus-cellular-service-restored/27942/eMBLNcYpDEyZw7psIDb3Jg
For another story, see item 25 above in the Information Technology
Sector