Tuesday, January 26, 2016



Complete DHS Report for January 26, 2016

Daily Report                                            

Top Stories

• The South Coast Air Quality Management District forced Southern California Gas Co., to begin the immediate shut down of a damaged well leaking natural gas at its storage facility in Porter Ranch and establish a detention center, among other actions January 23. – Los Angeles Times

1. January 23, Los Angeles Times – (California) Regulators order new steps to contain gas leak near Porter Ranch. The Hearing Board of the South Coast Air Quality Management District approved an abatement order January 23 requiring Southern California Gas Co., to begin the immediate shut down of a damaged well leaking natural gas at its Aliso Canyon storage facility in Porter Ranch, establish a leak detention system, and conduct an independent health study. Once the leak is stopped and the well is shut down the utility is required to improve air quality monitoring in the San Fernando Valley community, among other requirements. Source: http://www.latimes.com/local/lanow/la-me-ln-porter-ranch-regulators-approve-comprehensive-abatement-order-over-massive-gas-leak-20160123-story.html

• The U.S. National Highway Traffic Safety Administration issued a recall January 22 for approximately 5 million vehicles equipped with potentially defective Takata Corp air bag inflators. – Reuters

4. January 22, Reuters – (National) New Takata air bag recall to cover five million U.S. vehicles. The U.S. National Highway Traffic Safety Administration issued a recall
January 22 for approximately 5 million vehicles equipped with potentially defective Takata Corp air bag inflators after testing and a fatal accident in December 2015 revealed that the inflators can explode and spray metal shrapnel into vehicle passenger areas. The automakers affected by the recent recall included Volkswagen AG, Audi AG, Daimler's Mercedes-Benz AG, Saab Automobile AB, and four others that were manufactured or distributed in the U.S. Source: http://www.reuters.com/article/us-autos-takata-recalls-exclusive-idUSKCN0V02BS

• A severe winter storm January 23 – January 24 caused at least 28 deaths, over 16,000 flight cancellations, multiple airport closures, and power outages affecting 250,000 customers. – USA Today

7. January 24, USA Today – (National) Blizzard 2016: What you need to know the day after. A severe winter storm January 23 – January 24 impacted over 60 million people along the east coast and dumped approximately 17 – 30 inches of snow in several States, which lead to at least 28 storm-related deaths, a travel ban, the shutdown of public transportation, over 16,000 flight cancellations, multiple airport closures, and power outages affecting 250,000 customers. Source: http://www.usatoday.com/story/news/nation/2016/01/24/blizzard-2106-everything-you-need-know/79259422/

• The U.S. President’s administration announced January 22 that the U.S. Department of Defense will take over the storage of records from Federal background checks following a 2015 cybersecurity breach. – New York Times

17. January 22, New York Times – (National) Storage of records of background checks shifted after last year’s security breach. The U.S. President’s administration announced January 22 that the U.S. Department of Defense will take over the storage of records from Federal background checks following a 2015 cybersecurity breach at the U.S. Office of Personnel Management which compromised the personal information of more than 20 million people. A new agency, the National Background Investigations Bureau, will be in charge of processing Federal background checks and the information will be stored in the Internet “cloud,” among other changes announced as part of the background check system overhaul. Source: http://www.nytimes.com/2016/01/23/us/politics/storage-of-records-of-background-checks-shifted-after-last-years-security-breach.html

Financial Services Sector

5. January 22, San Francisco Bay City News – (California) 3 arrested in insurance fraud scheme that intentionally damaged cars near Salinas. The owners of San, Francisco-based Universal Automotive and West Market Auto Body were arrested January 22 for conspiracy to commit a crime and insurance fraud after the three men and 11 suspected auto shops allegedly participated in a $1 million “scratch out” insurance-fraud scheme in which they convinced car owners to vandalize undamaged cars offsite and file false insurance claims, splitting the money for the repairs with the car owner and keeping the remaining money for profit. Source: http://kron4.com/2016/01/22/3-arrested-in-insurance-fraud-scheme-that-intentionally-damaged-cars-near-salinas/

Information Technology Sector

21. January 25, SecurityWeek – (International) Backdoor found in several Fortinet products. Fortinet released an advisory stating that several of its products including versions of FortiSwitch switches, FortiAnalyzer centralized log and reporting appliances, and FortiCache web cashing appliances were susceptible to a management authentication flaw after company researchers discovered the flaw affected various products following previous reports that the bug only affected its FortiOS system. The flaw can be exploited to log in to vulnerable devices with administration privileges via a shell scripting (SSH) in Interactive-Keyboard mode using a shared password used among all devices. Source: http://www.securityweek.com/backdoor-found-several-fortinet-products

22. January 25, Softpedia – (International) Simple yet efficient Linux backdoor Trojan discovered. Security researchers from Dr. Web discovered a trojan with backdoor capabilities named Linux.BackDoor.Xunpes can copy files, delete files, launch files into execution, run bash commands, and log keystrokes, among other actions by infecting a device via a dropper component that downloads the malware payload and enable attackers to send over 40 different types of commands to any infected host through a command and control (C&C) server. Source: http://news.softpedia.com/news/simple-yet-efficient-linux-backdoor-trojan-discovered-499371.shtml

23. January 24, Softpedia – (International) XSS bug in Magento allows attackers to take over online shops. The Magento project released patches fixing a stored cross-site scripting (XSS) vulnerability in its content management system (CMS) that powers online shops after security researchers from Sucuri discovered that the flaw can be exploited when users register a new account or when users change their current account’s email address as the CMS system has an improper data filtering mechanism that allows attackers to enter malicious code next to their email addresses, allowing hackers to steal cookies and use them to illegally access the site later, among other malicious actions. Source: http://news.softpedia.com/news/xss-bug-in-magento-allows-attackers-to-take-over-online-shops-499331.shtml

24. January 22, SecurityWeek – (International) CryptoWall 4.0 spreading via Angler Exploit Kit. Bitdefender researchers discovered that the CrytoWall 4.0 was added to the Angler Exploit Kit (EK) to encrypt files on an infected device and allow attackers to demand users pay a ransom in order to decrypt files by disguising itself as an AV solutions tester to protect user’s data, while encrypting victims’ data and convincing victims that the “CryptoWall Project” is not malicious.

Communications Sector

Nothing to report