Thursday, July 28, 2016



Complete DHS Report for July 28, 2016

Daily Report                                            

Top Stories

• Officials approved 200 water crossings and 3 Section 408 easements July 26, allowing the $3.8 billion, 1,168-mile Dakota Access pipeline to cross U.S. Army Corps of Engineers property along its route from the Bakken region of North Dakota through Iowa and into Illinois. – Bismarck Tribune; Cedar Rapids Gazette

2. July 26, Bismarck Tribune; Cedar Rapids Gazette – (National) U.S. Army Corps of Engineers approves Dakota Access river crossing permits. The U.S. Army Corps of Engineers approved 200 water crossings and 3 Section 408 easements July 26, allowing the $3.8 billion, 1,168-mile Dakota Access pipeline to cross U.S. Army Corps of Engineers property along its route from the Bakken region of North Dakota through Iowa and into Illinois. Energy Transfer Partners, the pipeline’s developer, still requires approval for an easement in Illinois and an easement in South Dakota.

• PSEG Nuclear officials reported July 25 that its Salem 2 nuclear reactor at Salem Nuclear Power Plant in Lower Alloways Creek Township, New Jersey, was shut down July 24 after an alert from a generator protection system indicated there was an electrical fault in the reactor’s main generator. – South Jersey Times

3. July 26, South Jersey Times – (New Jersey) N.J. nuclear plant shut down for 4th time in past month. PSEG Nuclear officials reported July 25 that its Salem 2 nuclear reactor at Salem Nuclear Power Plant in Lower Alloways Creek Township, New Jersey, was shut down July 24 after an alert from a generator protection system indicated there was an electrical fault in the reactor’s main generator. Officials stated that Salem 1 is also shutdown to replace damaged bolts in the reactor core, while Hope Creek continues to operate at full power. Source: http://www.nj.com/salem/index.ssf/2016/07/nj_nuclear_plant_shut_down_for_4th_time_in_past_mo.html

• A sewer line break caused more than 300,000 gallons of untreated sewage to spill into the Mohawk River in Amsterdam, New York, July 25. – WRGB 6 Schenectady

14. July 26, WRGB 6 Schenectady – (New York) Pipe break sends 300,000 gallons of sewage into Mohawk River. A sewer line break caused more than 300,000 gallons of untreated sewage to spill into the Mohawk River in Amsterdam, New York, July 25. State officials reported that a notice of violation was issued against the city of Amsterdam and plans to improve the infrastructure were underway. Source: http://cbs6albany.com/news/local/pipe-break-sends-300000-gallons-of-sewage-into-mohawk-river

• A state of emergency was declared July 26 for Los Angeles and Monterey counties due to the 37,701-acre Sand Fire and the more than 20,000-acre Soberanes Fire. – KABC 7 Los Angeles

16. July 27, KABC 7 Los Angeles – (California) State of emergency declared to help battle Sand Fire. The acting governor of California declared a state of emergency July 26 for Los Angeles and Monterey counties due to the 37,701-acre Sand Fire and the more than 20,000-acre Soberanes Fire, which have prompted mandatory evacuations and the response of more than 3,000 firefighters.

Financial Services Sector

5. July 26, KTLA 5 Los Angeles – (California) So-called ‘Cowboy Bandits’ convicted for robberies throughout L.A. County: FBI. Two Los Angeles residents dubbed the “Cowboy Bandits” were convicted July 26 for their roles in a series of armed robberies at gas stations and a Citibank branch in Los Angeles County during the fall of 2013. Source: http://ktla.com/2016/07/26/so-called-cowboy-bandits-convicted-for-robberies-throughout-l-a-county-fbi/

Information Technology Sector

19. July 27, Softpedia – (International) Two vulnerabilities affect LastPass, both allow full password compromise. Researchers with Google Project Zero and Detectify discovered a vulnerability affecting LastPass through its JavaScript code that parsed the Uniform Resource Locator (URL) of the page LastPass was working on, potentially allowing an attacker to gain a user’s credentials by tricking the user into accessing a URL in the form of “attacker-site.com/@twitter.com/@script.php.” The vulnerability was patched; however a second vulnerability that could lead to a complete LastPass compromise was reported and is currently being evaluated by the service. Source: http://news.softpedia.com/news/two-vulnerabilities-affect-lastpass-both-allow-full-password-compromise-506677.shtml

20. July 27, Help Net Security – (International) DDoS attacks increase 83%, Russia top victim. Nexusguard released a report showing that distributed denial-of-service (DDoS) attacks increased 83 percent to more than 182,900 attacks in the second quarter of 2016, with Russia as the top victim country. The U.S. and China were part of the top three targeted countries as the company also reported increases in routing information protocol (RIP) and multicast domain name service (mDNS) threats. Source: https://www.helpnetsecurity.com/2016/07/27/ddos-attacks-increase-russia-top-victim/

21. July 27, SecurityWeek – (International) Siemens patches flaws in industrial automation products. Siemens released software updates addressing several vulnerabilities found in SIMATIC and SINEMA products including a cross-site scripting (XSS) vulnerability in the integrated Web server of SINEMA Remote Connect Server which can be exploited by a remote attacker by tricking the user into clicking on a specially crafted link, as well as two high severity improper input validation bugs that were discovered in SIMATIC WinCC SCADA systems and PCS7 distributed control systems (DCS), among other vulnerabilities. Source: http://www.securityweek.com/siemens-patches-flaws-industrial-automation-products

For another story, see item 4 below from the Critical Manufacturing Sector

4. July 27, Help Net Security – (International) Osram’s intelligent home lighting system in riddled with flaws. A researcher from Rapid7 discovered nine vulnerabilities affecting the Home and Pro versions of Osram’s Lightify intelligent home lighting system running on Apple iOS7 or above and Android 4.1 or above that could allow attackers to discover the Wi-Fi Protected Access (WPA) pre-shared key of the user’s home Wi-Fi and the network’s password, to launch browser-based attacks against the user’s workstation, control the light installations, and access confidential data. The vendor addressed nearly all problems in its latest patch set, with the exception of Secure Sockets Layer (SSL) pinning and issues related to ZigBee rekeying. Source: https://www.helpnetsecurity.com/2016/07/27/osram-lightify-flaws/

Communications Sector

Nothing to report