Complete DHS Report for
December 9, 2015
Daily Report
Top Stories
• Heavy flooding in Washington, Oregon, and California
caused public transit delays, displaced at least 100 families, prompted
officials to issue a coastal hazard warning, and closed several roads December
7. – Weather.com
5. December
8, Weather.com – (National) Portland is under water: sewers overflow, roads
flood as relentless storms hit the Northwest. Heavy flooding in Washington,
Oregon, and California caused public transit delays, displaced at least 100
families from an apartment complex in Portland, prompted officials to issue a
coastal hazard warning in California, and caused a rockslide to shut down U.S.
Route 12 in Yakima County for several hours December 7. Source: http://www.weather.com/storms/severe/news/pacific-northwest-storm-impacts
• Health officials closed all food-service locations inside
the Russell Investments Center in Seattle December 7 after nearly 200 people
who attended a party became ill with norovirus. – Reuters
12. December
7, Reuters – (Washington) Two hospitalized, nearly 200 sickened in Seattle
norovirus outbreak. Health officials closed all food-service locations
inside the Russell Investments Center in Seattle December 7 after nearly 200
people who attended a party catered by California-based Bon Appetit Management
Co., December 1 became ill with norovirus. The building was disinfected and
authorities continue to investigate the source of the illness. Source: http://www.reuters.com/article/us-washington-norovirus-idUSKBN0TR06I20151208
• FireEye released a potential remediation 6 hours after
Project Zero researchers reported that a remote code execution (RCE)
vulnerability was found affecting FireEye’s Malware Protection System (MPS). – SecurityWeek
See item 21 below in the Information Technology Sector
• Officials reported that 94 families were displaced from
the Tenino Terrace apartment complex in Portland, Oregon, after the Johnson
Creek flooded, spilling pollutants and chemicals December 7. – Portland
Oregonian
22. December
8, Portland Oregonian – (Oregon) SE Portland apartment complex residents
evacuate as flooding precaution. A Portland Fire & Rescue official
reported December 7 that 9 apartment buildings were affected and up to 94
families were displaced from the Tenino Terrace apartment complex following
voluntary evacuations after the Johnson Creek flooded, spilling pollutants and
chemicals. Officials reported that water levels were as high as 12 inches and
may have leaked into the apartments. Source: http://www.oregonlive.com/portland/index.ssf/2015/12/se_portland_low-income_housing.html
Financial Services Sector
3. December
7, Las Vegas Review-Journal – (International) Las Vegas jury
convicts two in multimillion-dollar fraud. A Federal jury in Las Vegas
convicted 2 men December 7 for their roles in an investment fraud scheme that
bilked 30 investors out of $11 million between 2009 and 2011 by convincing them
to invest $100,000 to $1.2 million in the fraudulent Swiss company, the Malom
Group. Four other individuals were also charged in the scheme. Source: http://www.reviewjournal.com/news/las-vegas/las-vegas-jury-convicts-two-multimillion-dollar-fraud
4. December
7, U.S. Attorney’s Office, Western District of Pennsylvania –
(International) U.S. citizen deported from Uganda to face counterfeiting
charges in western Pennsylvania. Officials in Pennsylvania announced
December 7 that a U.S. citizen was extradited from the Republic of Uganda and
charged with allegedly operating a worldwide cyber counterfeiting scheme that
circulated over $1.4 million in fake U.S. Federal Reserve Notes from December
2013 – December 2014. Source: https://www.fbi.gov/pittsburgh/press-releases/2015/u.s.-citizen-deported-from-uganda-to-face-counterfeiting-charges-in-western-pennsylvania
Information Technology Sector
18. December
7, Softpedia – (International) Malware steals iOS and BlackBerry backups via
infected PCs. Palo Alto Networks released a report stating that many mobile
backup tools lack secure encryption protocols, which can allow attackers to steal
local mobile backup data and sensitive information from infected Apple Mac and
Microsoft Windows computers, and discover and extract Apple iOS and Microsoft
BlackBerry backup files via 6 trojan families that use the BackStab attack
technique. Security researchers advised users to use backup tools that support
encryption, to maintain routine updates to their mobile operating system (OS),
and to use an antivirus product, among other recommendations. Source: http://news.softpedia.com/news/malware-steals-ios-and-blackberry-backups-via-infected-pcs-497244.shtml
19. December
7, SecurityWeek – (International) Rootnik trojan modifies legitimate root tool
to hack Android devices. Researchers at Palo Alto Networks discovered a new
trojan, dubbed Rootnik, that uses the Root Assistant utility to gain root
access on Android devices, which can allow attackers to download executable
files from remote servers for local execution; steal Wi-Fi passwords, keys,
Service Set Identifiers (SSID), and Basic Service Set Identifiers (BSSID); and
harvest victims’ private information. The trojan can infect computers by being
embedded in copies of legitimate applications including Wi-Fi Analyzer, Open
Camera, Infinite Loop, and HD Camera, among other tools. Source: http://www.securityweek.com/rootnik-trojan-modifies-legitimate-root-tool-hack-android-devices
20. December
7, Softpedia – (International) Google patches Android for more bugs in its
December security bulletin. Google released security updates addressing 19
flaws in Nexus devices for its Android builds LMY48Z and later, and Android
Marshmallow, including a critical security vulnerability that can enable
remote code execution (RCE) on devices through email, web browsing, and
Multimedia Messaging Service (MMS) when processing media files, as well as
a critical severity flaw affecting Android’s Skia graphics engine (RCE), the
display driver, and an elevation of privileges in the kernel itself.
21. December
7, SecurityWeek – (International) FireEye patches critical flaw found by Google
researchers. Researchers from Project Zero discovered and reported that a
remote code execution (RCE) vulnerability was found affecting FireEye’s Malware
Protection System (MPS) including its Network Security (NX), Email Security
(EX), Malware Analysis (AX), and File Content Security (FX) products. FireEye
released an automated remediation to customers 6 hours after notification and
mitigated potential customer exposure. Source: http://www.securityweek.com/fireeye-patches-critical-flaw-found-google-researchers
Communications Sector
Nothing to report