Wednesday, December 9, 2015



Complete DHS Report for December 9, 2015

Daily Report

Top Stories

• Heavy flooding in Washington, Oregon, and California caused public transit delays, displaced at least 100 families, prompted officials to issue a coastal hazard warning, and closed several roads December 7. – Weather.com

5. December 8, Weather.com – (National) Portland is under water: sewers overflow, roads flood as relentless storms hit the Northwest. Heavy flooding in Washington, Oregon, and California caused public transit delays, displaced at least 100 families from an apartment complex in Portland, prompted officials to issue a coastal hazard warning in California, and caused a rockslide to shut down U.S. Route 12 in Yakima County for several hours December 7. Source: http://www.weather.com/storms/severe/news/pacific-northwest-storm-impacts

• Health officials closed all food-service locations inside the Russell Investments Center in Seattle December 7 after nearly 200 people who attended a party became ill with norovirus. – Reuters

12. December 7, Reuters – (Washington) Two hospitalized, nearly 200 sickened in Seattle norovirus outbreak. Health officials closed all food-service locations inside the Russell Investments Center in Seattle December 7 after nearly 200 people who attended a December 1 party catered by California-based Bon Appetit Management Co. became ill with norovirus. The building was disinfected and authorities continue to investigate the source of the illness. Source: http://www.reuters.com/article/us-washington-norovirus-idUSKBN0TR06I20151208

• FireEye released a potential remediation 6 hours after Project Zero researchers reported that a remote code execution (RCE) vulnerability was found affecting FireEye’s Malware Protection System (MPS). – SecurityWeek. See item 21 below in the Information Technology Sector.

• Officials reported that 94 families were displaced from the Tenino Terrace apartment complex in Portland, Oregon, after the Johnson Creek flooded, spilling pollutants and chemicals December 7. – Portland Oregonian

22. December 8, Portland Oregonian – (Oregon) SE Portland apartment complex residents evacuate as flooding precaution. A Portland Fire & Rescue official reported December 7 that 9 apartment buildings were affected and up to 94 families were displaced from the Tenino Terrace apartment complex following voluntary evacuations after the Johnson Creek flooded, spilling pollutants and chemicals. Officials reported that water levels were as high as 12 inches and may have leaked into the apartments. Source: http://www.oregonlive.com/portland/index.ssf/2015/12/se_portland_low-income_housing.html

Financial Services Sector

3. December 7, Las Vegas Review-Journal – (International) Las Vegas jury convicts two in multimillion-dollar fraud. A Federal jury in Las Vegas convicted 2 men December 7 for their roles in an investment fraud scheme that bilked 30 investors out of $11 million between 2009 and 2011 by convincing them to invest $100,000 to $1.2 million in the fraudulent Swiss company, the Malom Group. Four other individuals were also charged in the scheme. Source: http://www.reviewjournal.com/news/las-vegas/las-vegas-jury-convicts-two-multimillion-dollar-fraud

4. December 7, U.S. Attorney’s Office, Western District of Pennsylvania – (International) U.S. citizen deported from Uganda to face counterfeiting charges in western Pennsylvania. Officials in Pennsylvania announced December 7 that a U.S. citizen was extradited from the Republic of Uganda and charged with allegedly operating a worldwide cyber counterfeiting scheme that circulated over $1.4 million in fake U.S. Federal Reserve Notes from December 2013 – December 2014. Source: https://www.fbi.gov/pittsburgh/press-releases/2015/u.s.-citizen-deported-from-uganda-to-face-counterfeiting-charges-in-western-pennsylvania

Information Technology Sector

18. December 7, Softpedia – (International) Malware steals iOS and BlackBerry backups via infected PCs. Palo Alto Networks released a report stating that many mobile backup tools lack secure encryption protocols, which can allow attackers to steal local mobile backup data and sensitive information from infected Apple Mac and Microsoft Windows computers, and discover and extract Apple iOS and Microsoft BlackBerry backup files via 6 trojan families that use the BackStab attack technique. Security researchers advised users to use backup tools that support encryption, to maintain routine updates to their mobile operating system (OS), and to use an antivirus product, among other recommendations. Source: http://news.softpedia.com/news/malware-steals-ios-and-blackberry-backups-via-infected-pcs-497244.shtml

19. December 7, SecurityWeek – (International) Rootnik trojan modifies legitimate root tool to hack Android devices. Researchers at Palo Alto Networks discovered a new trojan, dubbed Rootnik, that uses the Root Assistant utility to gain root access on Android devices, which can allow attackers to download executable files from remote servers for local execution; steal Wi-Fi passwords, keys, Service Set Identifiers (SSID), and Basic Service Set Identifiers (BSSID); and harvest victims’ private information. The trojan can infect computers by being embedded in copies of legitimate applications including Wi-Fi Analyzer, Open Camera, Infinite Loop, and HD Camera, among other tools. Source: http://www.securityweek.com/rootnik-trojan-modifies-legitimate-root-tool-hack-android-devices

20. December 7, Softpedia – (International) Google patches Android for more bugs in its December security bulletin. Google released security updates addressing 19 flaws in Nexus devices for its Android builds LMY48Z and later, and Android Marshmallow, including a critical security vulnerability that can enable remote code execution (RCE) on devices through email, web browsing, and Multimedia Messaging Service (MMS) when processing media files, as well as a critical severity flaw affecting Android’s Skia graphics engine (RCE), the display driver, and an elevation of privileges in the kernel itself.

21. December 7, SecurityWeek – (International) FireEye patches critical flaw found by Google researchers. Researchers from Project Zero discovered and reported a remote code execution (RCE) vulnerability affecting FireEye’s Malware Protection System (MPS), including its Network Security (NX), Email Security (EX), Malware Analysis (AX), and File Content Security (FX) products. FireEye released an automated remediation to customers 6 hours after notification and mitigated potential customer exposure. Source: http://www.securityweek.com/fireeye-patches-critical-flaw-found-google-researchers

Communications Sector

Nothing to report