Monday, December 14, 2015



Complete DHS Report for December 14, 2015

Daily Report                                            

Top Stories

• Crews worked to clean up an oil spill in Somis after a Southern California Edison contractor inadvertently drilled into an oil pipeline December 8, causing 7,980 gallons of oil to spill. – Ventura County Star

1. December 9, Ventura County Star – (California) Crews make progress on Somis oil cleanup; highway lane still closed. Crews worked to fully clean up an oil spill in Somis before the weekend of December 12 after a Southern California Edison contractor inadvertently drilled into an oil pipeline December 8, causing 7,980 gallons of oil to spill. The eastbound lane of Highway 118 remained closed while crews worked to clean up the site, and no environmental damage was reported. Source: http://www.vcstar.com/news/local/camarillo/clean-up-crews-make-progress-at-somis-oil-spill-site-lane-still-closed-267b6d1e-1bda-2e54-e053-01000-361301481.html

• Officials announced December 10 that planes flying lower than 2,000 feet were banned from flying over a gas leak in Porter Ranch, California, through March 2016. – KCBS 2 Los Angeles

8. December 10, KCBS 2 Los Angeles – (California) FAA imposes temporary flight restrictions over gas leak near Porter Ranch. Federal Aviation Administration officials announced December 10 that planes flying lower than 2,000 feet were banned from flying over a gas leak in Porter Ranch through March 2016 due to concerns that fumes from the leak could be ignited. Source: http://losangeles.cbslocal.com/2015/12/10/faa-imposes-temporary-flight-restriction-over-gas-leak-near-porter-ranch/

• Swift Middle School in Connecticut remained closed December 11 after 40 students were transported to hospitals following symptoms due to a reported odor in the building. – Hartford Courant

19. December 11, Hartford Courant – (Connecticut) Watertown Middle School closed Friday after 40 students hospitalized. Swift Middle School in Watertown remained closed December 11 after 40 students were transported to area hospitals following symptoms of dizziness, headaches, and lightheadedness due to a reported odor in the building. State officials were not able to determine the source of the odor during testing. Source: http://www.courant.com/breaking-news/hc-waterford-evacuation-1211-20151210-story.html

• FireEye reported that the backdoor malware dubbed, LATENTBOT is nearly undetectable and primarily targets the financial services and insurance sectors to steal passwords and record keystrokes. – SecurityWeek See item 22 below in the Information Technology Sector

Financial Services Sector

4. December 11, WSPA 7 Spartanburg – (South Carolina) Oconee Co. highway closed by crash, fuel spill. Highway 24 in Oconee County, South Carolina, was closed for several hours December 10 while HAZMAT crews cleaned up a diesel and hydraulic oil spill from a 2-vehicle crash involving a truck and a car. Source: http://wspa.com/2015/12/11/oconee-co-highway-closed-by-crash-fuel-spill/

5. December 10, KXII 12 Sherman – (Texas) Pedestrian hit, killed on US75 in Howe. Northbound lanes of Highway 75 in Howe were closed for over 3 hours December 10 while officials investigated an accident where a semi-truck struck and killed a pedestrian walking along the highway. Source: http://www.kxii.com/home/headlines/Fatality-Accident-on-Highway-75-361408221.html

6. December 10, KOVR 13 Stockton – (California) Deadly big rig crash blocks all northbound lanes on I-5 in Sacramento. One person was killed after a FedEx semi-truck crashed through the median and into the northbound lanes of Interstate 5 in Sacramento, shutting down all northbound lanes for nearly 6 hours December 10 before 2 lanes were reopened. Two northbound lanes and all southbound lanes remained closed for repairs. Source: http://sacramento.cbslocal.com/2015/12/10/big-rig-crash-blocking-northbound-i-5-in-south-sacramento/

7. December 10, Associated Press – (Massachusetts) Train leaves station without operator, passes 4 stations. A 6-car Massachusetts Bay Transportation Authority train carrying approximately 50 passengers left the Braintree Station in Boston without a driver December 10 and went through 4 stations before officials got on board and drove it to the JFK/UMass stop where passengers disembarked. Authorities are investigating the incident. Source: http://www.journalreview.com/news/article_ebb9c554-de08-5456-b10e-a55745dd7f3f.html

8. December 10, KCBS 2 Los Angeles – (California) FAA imposes temporary flight restrictions over gas leak near Porter Ranch. Federal Aviation Administration officials announced December 10 that planes flying lower than 2,000 feet were banned from flying over a gas leak in Porter Ranch through March 2016 due to concerns that fumes from the leak could be ignited. Source: http://losangeles.cbslocal.com/2015/12/10/faa-imposes-temporary-flight-restriction-over-gas-leak-near-porter-ranch/

9. December 10, WOWT 6 Omaha – (Nebraska) Mail theft investigation – three in custody. Police arrested three individuals December 9 for allegedly stealing mail from mailboxes and packages from porches in the Omaha area. Authorities disabled the suspects’ vehicle following a chase and found stolen checks inside the car and mail strewn across Interstate 680 near Mormon Bridge. Source: http://www.wowt.com/home/headlines/Mail-Theft-Investigation---Three-in-Custody-361439511.html

For additional stories, see item 1 above in the Top Stories and 3 below from the Critical Manufacturing Sector

3. December 11, SecurityWeek – (International) Ship data recorders vulnerable to hacker attacks. A researcher from IOActive released a report addressing serious vulnerabilities in a Furuno voyage data recorder (VRD), used in ships, including weak encryption, insecure authentication, a defective firmware mechanism, services plagued by buffer overflow, and command injection vulnerabilities that can be exploited by an unauthenticated attacker with access to the vessel’s network in order to remotely execute arbitrary commands with root privileges, fully compromising the devices.

Information Technology Sector

22. December 11, SecurityWeek – (International) Stealthy backdoor compromised global organizations since 2013: FireEye. Researchers from FireEye reported that the malicious backdoor malware dubbed, LATENTBOT primarily targets the financial services and insurance sectors to steal passwords, record keystrokes, transfer files, and enable attached microphones or webcams by leveraging malicious emails with contaminated Word documents created with Microsoft Word Intruder (MWI) exploit kit (EK) that when opened, executes malicious code and connects to a MWISTAT server and a LuminosityLink, a remote access trojan (RAT). Source: http://www.securityweek.com/stealthy-backdoor-compromised-global-organizations-2013-fireeye

23. December 11, SecurityWeek – (International) WP engine resets password after data breach. Officials from WP Engine reported that users’ credentials may have been compromised in a security breach and recommended that users reset passwords associated with WP Engine user portal, the original WP-Admin account, the WordPress database, and Secure File Transfer Protocol (SFTP), among others. The company continues to investigate the breach. Source: http://www.securityweek.com/wp-engine-resets-passwords-after-data-breach

For another story, see item 3 above in the Financial Services Sector

Communications Sector

Nothing to report