Monday, August 1, 2016



Complete DHS Report for August 1, 2016

Daily Report                                            

Top Stories

• A 7-alarm fire July 28 at the Pinnacle Propane Express plant in Gurnee, Illinois, damaged a nearby business, forced authorities to evacuate individuals within a 1.5-mile radius, and shut down a nearby Union Pacific railroad. – Arlington Heights Daily Herald

1. July 28, Arlington Heights Daily Herald – (Illinois) Gurnee fire leader: Massive propane plant fire explosion averted. A 7-alarm fire July 28 at the Pinnacle Propane Express plant in Gurnee, Illinois, damaged the building and a nearby business, forced authorities to evacuate individuals within a 1.5-mile radius after the facility was evacuated, and shut down a nearby Union Pacific railroad until crews cleared the scene. The cause of the explosion and fire are under investigation.

• A former office manager and bookkeeper for Total Fire Protection in Alabaster, Alabama, was charged July 27 after she allegedly used the personal information of several individuals to embezzle approximately $328,000 from Total Fire Protection and related companies’ bank accounts from 2013 – 2015. – Birmingham Business Journal See item 4 below in the Financial Services Sector

• The Washington State Department of Labor and Industries cited Seattle Bulk Shipping Inc. with 50 workplace violations July 28 following an investigation at its Harbor Island facility. – Washington State Department of Labor & Industries

9. July 28, Washington State Department of Labor & Industries – (Washington) Seattle employer fined nearly $450,000 for failing to correct workplace hazards. The Washington State Department of Labor & Industries cited Seattle Bulk Shipping Inc. with 50 workplace violations July 28 following an investigation at its Harbor Island facility which found that the marine terminal operator failed to correct a “confined space” violation, failed to provide an approved emergency eyewash station, and committed other serious violations connected to emergency procedures for potential ethanol release, among other violations. Proposed fines total $424,850.  Source: http://lni.wa.gov/News/2016/pr160728a.asp

• The former headmaster of Southlake Christian Academy in North Carolina pleaded guilty July 28 to embezzling nearly $9 million from the parochial school and its affiliated church, and using the funds for personal expenses. – WJZY 46 Belmont

24. July 28, WJZY 46 Belmont – (North Carolina) Former headmaster pleads guilty to wire fraud, faces up to 9 years in prison. The former headmaster of Southlake Christian Academy in North Carolina pleaded guilty July 28 to embezzling nearly $9 million from the parochial school and its affiliated church, and using the funds for personal expenses and the personal expenses of an unnamed co-conspirator. The former headmaster attempted to hide the theft by opening 29 checking accounts, obtaining 26 credit cards, 7 loans, and creating 9 limited liability companies.

Financial Services Sector

4. July 28, Birmingham Business Journal – (Alabama) Shelby County woman indicted for bank fraud. A former office manager and bookkeeper for Total Fire Protection in Alabaster, Alabama, was charged July 27 after she allegedly used the personal information of several individuals to embezzle approximately $328,000 from Total Fire Protection and related companies’ bank accounts from 2013 – 2015. The charges also allege the former manager drew unemployment benefits from the State under another person’s Social Security number and under reported her taxable income from 2013 – 2014. Source: http://www.bizjournals.com/birmingham/news/2016/07/28/shelby-county-woman-indicted-for-bank-fraud.html

Information Technology Sector

25. July 29, Help Net Security – (International) SpyNote Androit RAT builder has been leaked. Palo Alto Networks’ researchers warned that a builder for the SpyNote Android remote access trojan (RAT) is being distributed freely on several underground hacker forums and configures the RAT to contact a specific command and control (C&C) server over a specific port, removing its icon once it is installed. The malware is capable of viewing messages on infected devices, collecting device information, and exfiltrating files, among other tasks.

26. July 28, IDG News Service – (International) The AdGholas malvertising campaign infected thousands of computers per day. Proofpoint researchers reported that the group behind the malvertising operation AdGholas managed to distribute malicious advertisements through more than 100 ad exchanges, attracted between 1 million and 5 million page hits a day, and redirected up to 20 percent of computers that loaded the rogue ads to servers hosting exploit kits (EK) through the use of a series of complex checks and the use of steganography. The operation was suspended July 20.

Communications Sector

Nothing to report