Friday, August 14, 2015




Complete DHS Report for August 14, 2015

Daily Report                                            

Top Stories

 · Authorities reported that an August 12 chemical leak in a barrel at Pacific Steel and Recycling plant in Spokane, Washington, hospitalized at least 10 workers and prompted an evacuation of a 4-block perimeter surrounding the site. – KREM 2 Spokane

3. August 13, KREM 2 Spokane – (Washington) 8 critically hurt in chlorine leak at recycling plant. Authorities reported that an August 12 chemical leak in a barrel at Pacific Steel and Recycling plant in Spokane hospitalized at least 10 workers and prompted an evacuation of a 4-block perimeter surrounding the site. Crews worked to decontaminate employees exposed to the chemical and officials temporarily halted Burlington Northern train traffic through the area.

 · A spokesperson with the U.S. Department of Veterans Affairs (VA) stated August 11 that the agency was taking action to enroll and reach out to 35,093 combat veterans that were denied health care enrollment for more than 5 years due to an error with the department’s computer system. – Washington Free Beacon

24. August 11, Washington Free Beacon – (National) 35,000 combat veterans denied health care because of VA computer error. A spokesperson with the U.S. Department of Veterans Affairs (VA) stated August 11 that the agency was taking action to enroll and reach out to 35,093 combat veterans that were denied health care enrollment for more than 5 years due to an error with the department’s computer system. The VA also stated that it is working to correct the computer error.

 · Evacuations were lifted for all residents August 13 while crews continued to battle the 200,000-acre Soda Fire in Boise, Idaho. – KBOI 2 Boise

26. August 13, KBOI 2 Boise – (Idaho; Oregon) Soda Fire: Highway 95 closed again, evacuations lifted. Evacuations were lifted for all residents August 13 while crews continued to battle the 200,000-acre Soda Fire in Boise. Highway 95 between the Oregon border and Highway 55 remained closed, and 1 structure was destroyed while several others remain threatened.

 · Guards used pepper spray and fired warning shots to control a riot involving 70 inmates at the California State Prison, Sacramento after an inmate was attacked in the exercise yard and killed August 12. – KXTV 10 Sacramento; Associated Press (See item 30)

30. August 13, KXTV 10 Sacramento; Associated Press – (California) Member of
infamous ‘San Quentin 6’ killed in Folsom prison riot. Guards used pepper spray and fired warning shots to control a riot involving 70 inmates at the California State Prison, Sacramento after an inmate was attacked in the exercise yard and killed August 12. At least 11 other inmates were injured in the riot. Source: http://www.usatoday.com/story/news/nation/2015/08/12/folsom-prison-riot-killed/31574409/

Financial Services Sector

5. August 13, U.S. Securities and Exchange Commission – (National) Edward Jones to pay $20 million for overcharging retail customers in municipal bond underwritings. The U.S. Securities and Exchange Commission announced August 13 that the St. Louis-based brokerage firm Edward Jones and the former leader of its municipal bonds underwriting desk would pay over $20 million to resolve allegations that they overcharged customers in new municipal bonds sales instead of offering them at the typical initial offering price. Source: http://www.sec.gov/news/pressrelease/2015-166.html

6. August 12, Reuters – (National) U.S. charges data brokers in $7 million payday loan scam. The U.S. Federal Trade Commission announced charges August 12 against Sequioa One LLC, Gen X Marketing Group LLC, and 4 suspects in a data broker operation for allegedly selling the financial information of 500,000 payday loan applicants’ to scammers, who raided bank accounts for at least $7.1 million. Source: http://www.reuters.com/article/2015/08/12/usa-ftc-fraud-idUSL1N10N1F320150812

7. August 13, Philadelphia Business Journal – (National) Trio of regulators order big bank to pay $34M for deposit discrepancies. The U.S. Consumer Financial Protection Bureau, U.S. Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency ordered Citizens Bank to pay $20 million in fines and $14 million in restitution for failing to honor full credit for customer deposits until the fourth quarter of 2013. Source: http://www.bizjournals.com/philadelphia/news/2015/08/12/citizens-bank-fine-deposits-owed-20m-fdic.html

Information Technology Sector

32. August 13, Securityweek – (International) SAP Security updates patch 22 vulnerabilities. SAP released patches for 22 vulnerabilities and updated four previously release patches, including a remote code execution flaw in SAP ST-P that an attacker could leverage to compromise SAP servers and access information stored on them, and a Reflected File Download (RFD) in SAP’s NetWeaver AFP Servlet that could be exploited to push malware onto victims’ devices using a specially crafted link, among other flaws. Source: http://www.securityweek.com/sap-security-updates-patch-22-vulnerabilities

33. August 13, Help Net Security – (International) Cisco spots attackers hijacking its networking gear by modifying firmware. Cisco reported that attackers have been conducting attacks in-the-wild in which they gain administrative or physical access to an IOS device before replacing the IOS ROMMON with a malicious ROMMON image in order to manipulate device behavior.

34. August 12, The Register – (International) CAUGHT: Lenovo crams unremovable crapware into Windows laptops – by hiding it in the BIOS. Security researchers reported that Lenovo bundled laptops with persistent firmware that installs the Lenovo Service Engine (LSE) software, which is vulnerable to a buffer-overflow flaw that could be exploited to gain administrator-level privileges. The LSE software is no longer included in new laptops. Source: http://www.theregister.co.uk/2015/08/12/lenovo_firmware_nasty/

35. August 12, Threatpost – (International) Vulnerabilities identified in several WordPress plugins. Researchers from dxw Security discovered cross-site scripting (XSS) and blind Structured Query Language (SQL) vulnerabilities in WordPress’ iframe version 3.0, Yoast’s Google Analytics, and Symposium plugins for WordPress that could give some users administrative privileges. Source: https://threatpost.com/vulnerabilities-identified-in-several-wordpress-plugins/114255

Communications Sector

Nothing to report