Complete DHS Report for June 10, 2016
Daily Report
Top Stories
•Severe storms in Pennsylvania June 8 knocked out power to
approximately 89,500customers and forced Southeastern Pennsylvania
Transportation Authority (SEPTA) to suspend service on certain lines until
further notice. – WCAU 10 Philadelphia
1. June 8,
WCAU 10 Philadelphia – (Pennsylvania) String of severe storms brings down wires,
stops trains. A series of severe storms that moved across Pennsylvania June
8 knocked out power to approximately 89,500 customers, stopped 3 Amtrak trains,
and forced Southeastern Pennsylvania Transportation Authority (SEPTA) to
suspend service on its Chestnut Hill West and Trenton Regional Rail Lines until
further notice. Source: http://www.nbcphiladelphia.com/weather/stories/Severe-thunderstorms-Philly-382237871.html
•Indictments unsealed June 7 revealed that 14 members of the Back
Side and Team Side gangs were arrested and charged in Brooklyn, New York, after
FBI agents intercepted a package belonging to the defendants that contained
more than 1,300 fraudulent credit cards. – U.S. Attorney’s Office, Eastern
District of New York See item 7 below in
the Financial Services Sector
•The City of St. Pete Beach dumped nearly 300,000 gallons of water
into the Boca Ciega Bay June 7 after rain caused sanitary sewers to overflow
into city streets. – WFLA 8 Tampa
19. June 8,
WFLA 8 Tampa – (Florida) St. Pete Beach dumps 300,000 gallons of sewage into
Boca Ciega Bay. The City of St. Pete Beach dumped nearly 300,000 gallons of
water into the Boca Ciega Bay June 7 after rain caused sanitary sewers to
overflow into city streets. The overflow resumed June 8 despite earlier efforts
to clean the spill, and officials issued water advisories urging residents to
cease using water to help alleviate pressure on the sewer system. Source: http://wfla.com/2016/06/08/st-pete-beach-dumps-300000-gallons-of-sewage-into-tampa-bay/
•Facebook Inc., and Netflix began resetting their users’ passwords
as a precaution after an attacker breached the Web sites of Tumblr and MySpace,
among others and released over750 million user records online. – WeLiveSecurity.com
See item 25 below in
the Information Technology Sector
Financial Services Sector
5. June 8,
Chicago Tribune – (Illinois) ‘North Center Bandit’ hits bank for first time in
6 months. Authorities offered a reward in exchange for information on a man
dubbed the “North Center Bandit” who is suspected of robbing a Chase Bank
branch in the Jefferson Park area of Illinois June 8. Officials stated the man
is suspected of committing four other bank robberies in the Chicago area since
August 2015. Source: http://www.chicagotribune.com/news/local/breaking/ct-north-center-bandit-new-bank-robbery-20160608-story.html
6. June 8,
WJHL 11 Johnson City – (Virginia) Two arrested in southwest VA after traffic stop,
search yields 99 fake credit cards. Two New York men were arrested and
charged in southwest Virginia June 6 after police discovered around 99
counterfeit or forged credit cards in the duo’s vehicle during a routine
traffic stop. Source: http://wjhl.com/2016/06/08/two-arrested-after-traffic-stop-search-yields-99-fake-credit-cards/
7. June 7,
U.S. Attorney’s Office, Eastern District of New York – (New
York) Fourteen defendants charged with drug trafficking and illegal weapons
possession in the Cypress Hills Houses in Brooklyn. Indictments unsealed
June 7 revealed that authorities arrested and charged 14 members of the Back
Side and Team Side gangs in Brooklyn, New York, after FBI agents intercepted a
package belonging to the defendants that contained more than 1,300 fraudulent
credit cards. Authorities stated that a Federal investigation also revealed the
gang members were trafficking weapons and drugs from the New York City Housing
Authority’s Cyprus Hills Houses. Source: https://www.justice.gov/usao-edny/pr/fourteen-defendants-charged-drug-trafficking-and-illegal-weapons-possession-cypres
Information Technology Sector
22. June 9,
Help Net Security – (International) Bug in Chrome’s PDF reader allows arbitrary
code execution. A security researcher discovered that the PDFium, a default
PDF reader in Google Chrome Web browser was susceptible to a heap-based buffer
overflow vulnerability in OpenJPEG parsing library that can be exploited
through a PDF file with an embedded jpeg2000 whose SIZ marker states 0
components. In addition, the vulnerability can be exploited to achieve
arbitrary code execution on a victim’s system and cause disruption of service,
unauthorized information disclosure, and modification. Source: https://www.helpnetsecurity.com/2016/06/09/bug-chromes-pdf-reader/
23. June 8,
ComputerWorld; TorrentFreak.com; Softpedia – (International) uTorrent
forums breached via software vendor, consider passwords compromised. The
uTorrent team released a security advisory warning users of an intrusion into
their IP.Board forum, provided by Invision Power Services, after a client
experienced a breach when an attacker downloaded user information from the
forum and accessed other Invision users. The attacker’s entry point was
unknown, but Invision Power Services released a security update June 1 for its
IP.Board forum platform. Source: http://www.computerworld.com/article/3081345/security/utorrent-forums-breached-via-software-vendor-consider-passwords-compromised.html
24. June 8,
SecurityWeek – (International) RansomWeb attacks on the rise. Security
researchers from High-Tech Bridge reported that RansomWeb attacks were
increasing and have been targeting large organizations with business-critical
Web applications by encrypting data on-the-fly before its insertion into the
database, which can allow attackers to remain undetected and ensure that Web
site backups are overwritten with encrypted content to prevent victims from
decrypting the files.
25. June 8,
WeLiveSecurity.com – (International) Mandatory password reset for some Facebook
and Netflix users in wake of mega-branches. Facebook Inc., and Netflix
began notifying its customers that as a precaution the companies have reset
their users’ passwords after an attacker breached the Web sites of VK.com,
Tumblr, MySpace, and LinkedIn and released over 750 million user records
online. Source: http://www.welivesecurity.com/2016/06/08/password-reset-facebook-netflix/
Communications Sector
Nothing to report