Tuesday, August 18, 2015




Complete DHS Report for August 18, 2015

Daily Report

Top Stories

 · The U.S. Federal Aviation Administration reported August 15 that a system problem at the Washington Air Route Control Center in Virginia forced the agency to temporarily halt area departures, leading to East Coast flight delays and cancellations. – CNN

12. August 15, CNN – (National) D.C., New York flight delays caused by air traffic glitch, FAA says. The U.S. Federal Aviation Administration (FAA) reported August 15 that a problem with the system that processes flight plans at the Washington Air Route Control Center in Leesburg, Virginia, forced the agency to temporarily halt departures for all aircraft in the District of Columbia area’s major airports, leading to flight delays and cancellations along the East Coast. Source: http://www.cnn.com/2015/08/15/travel/flight-delays-dc-new-york/

 · An August 15 fire destroyed a Washington College-leased building on Maryland’s Eastern Shore, causing $3.5 million in estimated damages. – Washington Post

17. August 17, Washington Post – (Maryland) Damage estimated at $3.5 million after fire at Maryland’s Washington College. An August 15 fire destroyed a Washington College-leased administrative building on Maryland’s Eastern Shore, causing an estimated $3.5 million in damage. The building was unoccupied during the incident and the cause of the fire remains under investigation. Source: http://www.washingtonpost.com/local/crime/damage-estimated-at-35-million-after-fire-at-marylands-washington-college/2015/08/17/c35a8814-4497-11e5-8e7d-9c033e6745d8_story.html

 · The Industrial Control Systems Computer Emergency Response Team published six advisories covering multiple recently discovered vulnerabilities affecting Web-based Supervisory Control and Data Acquisition human machine interfaces. – Securityweek. See item 28 below in the Information Technology Sector

 · A sulfur dioxide leak at Hydrite Chemical Co., in Indiana August 15 prompted the evacuation of 200-300 spectators at the Hulman Mini Speedway and hospitalized at least 15 people. – Associated Press

33. August 16, Associated Press – (Indiana) 15 treated at hospital after Terre Haute chemical leak. A sulfur dioxide leak at Hydrite Chemical Co., in Terre Haute, Indiana, August 15 prompted the evacuation of 200-300 spectators at the nearby Hulman Mini Speedway racetrack and sent at least 15 people to area hospitals for respiratory issues including nasal irritation, nausea, and difficulty breathing. The leak was contained after several hours. Source: http://www.indystar.com/story/news/2015/08/16/treated-hospital-terre-haute-chemical-leak/31825833/

Financial Services Sector

8. August 17, U.S. Securities and Exchange Commission – (National) Citigroup affiliates to pay $180 million to settle hedge fund fraud charges. The U.S. Securities and Exchange Commission announced August 17 that Citigroup Global Markets Inc., and Citigroup Alternative Investments LLC (CAI) agreed to pay $180 million to settle allegations that the affiliates failed to disclose risks associated with the ASTA/MAT and Falcon hedge funds, which raised almost $3 billion from about 4,000 investors before collapsing, and that CAI accepted up to $110 million in investments after the funds began to collapse. Source: http://www.sec.gov/news/pressrelease/2015-168.html

For another story, see item 34 below from the Commercial Facilities Sector

34. August 15, WMAR 2 Baltimore – (Maryland) Bomb threats force Annapolis evacuations. Three businesses including two Sun Trust Banks and one Giant Food Store in Annapolis were evacuated for more than 2 hours August 15 after the businesses received consecutive bomb threats demanding monetary funds. Police searched the three facilities and cleared the scene once nothing suspicious was found. Source: http://www.abc2news.com/news/crime-checker/anne-arundel-crime/bomb-threats-force-annapolis-evacuations

Information Technology Sector

28. August 17, Securityweek – (International) Alerts issued for zero-day flaws in SCADA systems. The Industrial Control Systems Computer Emergency Response Team (ICS-CERT) published six advisories after security researchers from Elastica discovered several remote and local file inclusion, weak password hashing, insecure authentication, hardcoded credentials, weak cryptography, and cross-site request forgery (CSRF) vulnerabilities, among others, affecting Web-based Supervisory Control and Data Acquisition (SCADA) human machine interfaces (HMI) used by multiple organizations. Source: http://www.securityweek.com/ics-cert-issues-alerts-zero-day-flaws-scada-systems

29. August 17, Securityweek – (International) BitTorrent flaws can be exploited for DRDoS attacks: researchers. Security researchers reported that malicious actors could exploit vulnerabilities in BitTorrent’s Micro Transport (uTP), Distributed Hash Table (DHT), and Message Stream Encryption (MSE) protocols as well as its Sync tool to reflect and amplify traffic via distributed reflective denial-of-service (DRDoS). Source: http://www.securityweek.com/bittorrent-flaws-can-be-exploited-drdos-attacks-researchers

30. August 17, Securityweek – (International) Exploit for OS X zero-day published by researcher. A security researcher published a proof of concept (PoC) for a local privilege escalation vulnerability in Apple’s OS X Yosemite dubbed “tpwn”, which could be executed by leveraging two security bugs to gain root privileges using a specially crafted file. Source: http://www.securityweek.com/exploit-os-x-zero-day-published-researcher

31. August 15, Softpedia – (International) Administrators continue to fail in securing databases by using proper configs. Security researchers from BinaryEdge released analysis of 4 technologies including Redis, MongoDB, Memcached, and ElasticSearch, revealing that almost 1.2 petabytes (PB), or 1,175 terabytes (TB) of data were vulnerable due to administrators’ use of default configurations that do not block connections from untrusted external actors. Source: http://news.softpedia.com/news/administrators-continue-to-fail-in-securing-databases-by-using-proper-configs-489322.shtml

For another story, see item 23 below from the Government Facilities Sector

23. August 16, Charlottesville Daily Progress – (Virginia) UVa board hears about cyberattack, faculty hiring progress. University of Virginia officials restored the school’s computer network August 16 after shutting it down August 14 due to a cyber-security threat that targeted the personal email accounts of 2 university employees. Faculty, students, and staff were urged to change their passwords after the network was brought back online.

Communications Sector

See item 28 above in the Information Technology Sector