Thursday, July 2, 2015




Complete DHS Report for July 2, 2015

Daily Report                                            

Top Stories

 · Interstate 70 at Interstate 270 in Columbus, Ohio was closed indefinitely July 1 after a semi-truck hauling 10,000 gallons of ethanol-based chemical fuel overturned and caught on fire. – Columbus Dispatch

4. July 1, Columbus Dispatch – (Ohio) I-70 still closed after crash on West Side. Interstate 70 at Interstate 270 in Columbus is closed indefinitely July 1 after a semi-truck hauling 10,000 gallons of ethanol-based chemical fuel overturned and caught on fire. The driver was taken to an area hospital and a team from the Ohio Environmental Protection Agency was on scene to respond to the chemical fumes. Source: http://www.dispatch.com/content/stories/local/2015/07/01/fiery-crash-closes-i270-i70-on-west-side.html

 · New York officials reported June 30 that 12 more Clinton Correctional Facility employees were put on administrative leave as part of an ongoing investigation into the escape of two murder convicts June 6. – Associated Press

12. June 30, Associated Press – (New York) NY prison chief, 11 others put on leave after escapes. New York officials reported June 30 that 12 more employees at the Clinton Correctional Facility have been put on administrative leave as part of an ongoing investigation to find potential accomplices in the escape of two murder convicts June 6. Source: http://www.policeone.com/investigations/articles/8633939-NY-prison-chief-11-others-put-on-leave-after-escapes

 · Apple released iOS version 8.4 addressing 33 security vulnerabilities, including a fix for the Logjam flaw that allows a man-in-the-middle attacker to downgrade cryptographic security. – Softpedia See item 15 below in the Information Technology Sector

 · The FBI is investigating at least 11 physical attacks on high-capacity Internet cables in California’s San Francisco Bay Area dating back to July 2014. – USA Today See item 18 below in the Communications Sector

Financial Services Sector

3. June 30, Reuters – (National) Goldman settles SEC charges over 2013 trading incident. Goldman Sachs Group Inc., agreed to pay $7 million June 30 to resolve U.S. Securities and Exchange Commission charges connected to the “market access” rule, and a 2013 programming error which flooded the stock options market with about 16,000 erroneous orders, causing 1.5 million options contracts to be executed and costing the company $38 million. Source: http://www.reuters.com/article/2015/06/30/sec-goldmansachs-idUSL1N0ZG1JH20150630

Information Technology Sector

14. July 1, Securityweek – (International) Attackers abuse RIPv1 Protocol for DDoS reflection: Akami. Security researchers from Akami discovered that malicious actors have been leveraging routers running Routing Information Protocol version 1 (RIPv1) to reflect distributed denial-of-service (DDoS) attacks by creating malicious requests for routes and then spoofing the source Internet protocol (IP) address to match the one of the targeted system. Source: http://www.securityweek.com/attackers-abuse-ripv1-protocol-ddos-reflection-akamai

15. July 1, Softpedia – (International) iOS 8.4 fixes 33 security vulnerabilities. Apple released iOS version 8.4 addressing 33 security vulnerabilities, including a fix for the Logjam flaw that allows a man-in-the-middle (MitM) attacker to downgrade cryptographic security, and other protection against potential arbitrary code execution. Source: http://news.softpedia.com/news/ios-8-4-fixes-33-security-vulnerabilities-485771.shtml

16. July 1, Softpedia – (International) Researchers expose attack on iOS that can break system apps. Security researchers from FireEye reported two Apple iOS flaws, dubbed Manifest Masque and Extension Masque, in which an attacker could break or replace system apps and extensions on an affected device by taking advantage of apps created in Xcode outside of Apple’s App Store. The vulnerabilities behind Manifest Masque attacks were partially addressed in the release of iOS 8.4. Source: http://news.softpedia.com/news/researchers-expose-attack-on-ios-that-can-break-system-apps-485756.shtml

17. June 30, Securityweek – (International) ESET analyzes complex espionage platform used by “Animal Farm” APT. ESET released research on the Dino cyber-espionage platform used by the “Animal Farm” advanced persistent threat (APT) group revealing that Dino is capable of retrieving information, executing Microsoft Windows batch commands, searching for files, and transferring files back and forth between a command and control (C&C) server. Researchers have not determined the tool’s initial infection vector. Source: http://www.securityweek.com/eset-analyzes-complex-espionage-platform-used-animal-farm-apt

Communications Sector

18. July 1, USA Today – (California) FBI investigating 11 attacks on San Francisco-area Internet lines. The FBI is investigating at least 11 physical attacks on high-capacity Internet cables in California’s San Francisco Bay Area as far back as least July 2014, including a June 30 incident that disrupted Internet service for businesses and residential customers near the Sacramento area. Source: http://www.usatoday.com/story/tech/2015/06/30/california-internet-outage/29521335/

19. June 30, The Oregonian/OregonLive.com – (Oregon; Washington) Frontier suffers big cable TV outage. Level 3 Communications officials reported that service was restored June 30 after Frontier Communications’ cable TV service experienced an outage in Oregon and Washington due to severed communications fiber-optic cable earlier that day. Source: http://www.oregonlive.com/silicon-forest/index.ssf/2015/06/frontier_suffers_big_cable_tv.html

For additional stories, see items 15 and 16 above in the Information Technology Sector