Monday, July 6, 2015

Complete DHS Report for July 6, 2015

Daily Report

Top Stories

 · Officials from 4 States announced July 2 that BP would pay $18.7 billion to resolve charges related to a 2010 Gulf of Mexico oil spill that was declared an environmental disaster. – USA Today

1. July 2, USA Today – (National) Gulf States reach $18.7 billion settlement with BP over 2010 oil spill. Officials from Florida, Alabama, Mississippi, and Louisiana announced July 2 that BP would pay $18.7 billion in a settlement resolving charges related to a 2010 Gulf of Mexico oil spill that was declared an environmental disaster. The funds will be used to resolve Clean Water Act penalties, natural resources damage claims, economic claims, and economic damage claims for local governments. Source: http://www.usatoday.com/story/money/business/2015/07/02/gulf-states-reach-187b-settlement--bp-over-oil-spill/29611451/

 · More than 5,000 residents in Maryville, Tennessee were evacuated after a CSX train traveling from Cincinnati, Ohio to Waycross, Georgia, carrying highly flammable toxic gas, partially derailed and caught fire July 2. – NBC News

8. July 2, NBC News – (Tennessee) Tennessee train derailment: 5,000 residents evacuated from Maryville. More than 5,000 residents in Maryville, Tennessee were evacuated after a CSX train traveling from Cincinnati, Ohio, to Waycross, Georgia, carrying highly flammable and toxic gas, partly derailed and caught fire July 2. The evacuation zone is a 2-mile radius and could be in place for up to 48 hours. Source: http://www.nbcnews.com/news/us-news/tennessee-train-derailment-5-000-residents-evacuated-maryville-n385576

 · The Washington Navy Yard in the District of Columbia was under lockdown for over 2 hours July 2 after authorities received reports of an active shooter. – CNN

20. July 2, CNN – (Washington, D.C.) Washington Navy Yard: police say ‘all clear’ after lockdown. The Washington Navy Yard was under lockdown for over 2 hours July 2 after authorities received reports of an active shooter in building 197 that prompted the evacuation of employees and sent dozens of police crews and ambulances to respond to the incident. Authorities cleared the building and found no shooter. Source: http://www.cnn.com/2015/07/02/politics/navy-yard-shooting-lockdown-police-activity/index.html

 · New York officials reported July 1 that a new superintendent was hired at the Clinton Correctional Facility after an investigation put 22 prison employees on administrative leave following the June 6 escape of 2 convicts. – Associated Press

23. July 1, Associated Press – (New York) New warden, security measures at upstate NY prison where murderers escaped. New York officials reported July 1 that a new superintendent was hired at the Clinton Correctional Facility to increase and implement new security measures after an internal investigation put 22 prison employees on administrative leave following the escape of 2 murder convicts June 6. Source: http://7online.com/news/new-warden-security-measures-at-upstate-ny-prison-where-murderers-escaped/809257/

Financial Services Sector

6. July 1, U.S. Securities and Exchange Commission – (Pennsylvania) SEC charges former stockbroker with conducting Ponzi scheme. The U.S. Securities and Exchange Commission charged a former stockbroker in Pennsylvania July 1 with conducting a Ponzi scheme in which he allegedly raised $15.5 million from over 50 investors by selling fraudulent certificates of deposit (CDs) to customers while promising higher-than-normal interest rates of return, before spending invested funds on himself or to repay earlier investors. Source: http://www.sec.gov/news/pressrelease/2015-135.html

7. July 1, Jackson Clarion-Ledger – (Mississippi) North Miss. bank robbery suspect had gun, pipe bomb. Saltillo, Mississippi Police Department officials reported July 1 that they arrested a man suspected of robbing a First American National Bank with a firearm and a pipe bomb. A local bomb squad responded and closed the area surrounding the bank. Source: http://www.clarionledger.com/story/news/2015/07/01/saltillo-bank-robbery/29560335/

For additional stories, see items 28 and 31 below in the Information Technology Sector

Information Technology Sector

26. July 2, Threatpost – (International) Cisco UCDM platform ships with default, static password. Cisco warned customers that its Unified Communications Domain Manager Platform software versions prior to 4.4.5 have a default, static password for an account with root privileges, possibly allowing an unauthenticated remote attacker to take full control of an affected system with root privileges. Source: https://threatpost.com/cisco-ucdm-platform-ships-with-default-static-password/113591

27. July 2, Softpedia – (International) GhostShell hackers reveal 548 targets, links to dumps. Hackers associated with GhostShell released a list of 548 compromised targets including government, educational, and retail sector Web sites along with links to previews of extracted data in an effort to reportedly draw attention to poor cybersecurity practices. The data contained contact information, dates of birth, and hashed and plain text passwords. Source: http://news.softpedia.com/news/ghostshell-hackers-reveal-548-targets-links-to-dumps-485866.shtml

28. July 2, Securityweek – (International) PCI Council updates Point-to-Point Encryption Standard. The Payment Card Industry Security Standards Council (PCI SSC) announced the release of Version 2.0 of its PCI Point-to-Point Encryption Solution Requirements and Testing Procedures, updating requirements for encryption products and giving merchants the option to manage their own encryption solutions for point-of-sale (PoS) locations, among other changes intended to enhance security and PCI SSC compliance. Source: http://www.securityweek.com/pci-council-updates-point-point-encryption-standard

29. July 1, Threatpost – (International) LifeLock patches XSS that could’ve led to phishing. LifeLock patched a cross-site scripting (XSS) vulnerability on its Web site that could have allowed an attacker to inject HyperText Markup Language (HTML) into the site’s uniform resource locator (URL) to create a fake login page to harvest usernames and passwords from customers. Source: https://threatpost.com/lifelock-patches-xss-that-couldve-led-to-phishing/113577

30. July 1, Securityweek – (International) Flaw in 802.11n standard exposes wireless networks to attacks: researchers. Security researchers in Belgium discovered a vulnerability in the frame aggregation mechanism in the 802.11n wireless networking standard in which an attacker could use a Packet-in-Packet (PIP) technique to inject arbitrary frames into wireless networks, allowing access to internal services. Source: http://www.securityweek.com/flaw-80211n-standard-exposes-wireless-networks-attacks-researchers

31. July 1, Help Net Security – (International) 4,900 new Android malware strains discovered every day. Security researchers from G DATA reported that they discovered 440,267 new Android malware strains in the first quarter of 2015, and that at least 50 percent of the malware currently being distributed includes banking trojans and SMS trojans for financial motivations, among other findings. Source: http://www.net-security.org/malware_news.php?id=3067

32. July 1, Softpedia – (International) Schneider Electric’s Wonderware products receive security patch. Schneider Electric released a patch addressing a high-severity security vulnerability in its InTouch, Application Server, Historian, and SuiteLink applications in the Wonderware System Platform in which an attacker could leverage dynamic link library (DLL) hijacking to run code on an affected machine. Source: http://news.softpedia.com/news/schneider-electric-s-wonderware-products-receive-security-patch-485787.shtml

33. July 1, Threatpost – (International) Patched Apple Quicktime vulnerability details disclosed. Security researchers from Cisco released details on a recently patched use-after-free vulnerability in Apple’s QuickTime media player in which an attacker could access and control data inside the internal data in a QuickTime file to remotely execute code on a targeted system. Source: https://threatpost.com/patched-apple-quicktime-vulnerability-details-disclosed/113570

For another story, see item 18 below from the Government Facilities Sector

18. July 2, Help Net Security – (Massachusetts) Harvard University suffers IT security breach. Harvard University announced July 1 that 8 of its schools and administrative organizations were affected by a data breach discovered June 19. Federal law enforcement is working with the school to conduct a forensic investigation. Source: http://www.net-security.org/secworld.php?id=18586

Communications Sector

See item 31 above in the Government Facilities Sector