Wednesday, October 12, 2016



Complete DHS Report for October 12, 2016

Daily Report                                            

Top Stories

• Nearly 100,000 people lost power throughout the South Bay area of California and the former Exxon Mobil Refinery in Torrance, California, experienced a flare-up October 11, forcing the facility to be evacuated and prompting a shelter-in-place order for all area residents for around 2 hours. – KABC 7 Los Angeles

1. October 11, KABC 7 Los Angeles – (California) Nearly 100K lose power in South Bay; flare-ups seen at Torrance Refinery. Nearly 100,000 people lost power throughout the South Bay area of California and the former Exxon Mobil Refinery in Torrance, California, experienced a flare-up October 11, forcing the facility to be evacuated and shut down, prompting a shelter-in-place order for all area residents for around 2 hours, and prompting officials to close the Torrance Unified School District until October 12. Southern California Edison officials are investigating the cause of the outage. Source: http://abc7.com/news/flare-ups-at-torrance-refinery-amid-power-outage-reports/1549648/

• Volkswagen Group issued 3 separate recalls October 7 for around 334,000 of its model years 2007 – 2016 Volkswagen and Audi brand vehicles in select makes due to potential fuel leaks. – Reuters

2. October 7, Reuters – (International) Volkswagen, Audi recall 334,000 vehicles in North America due to fuel leaks. Volkswagen Group issued 3 separate recalls October 7 for around 334,000 of its model years 2007 – 2016 Volkswagen and Audi brand vehicles in select makes due to potential fuel leaks, which could increase the risk of a vehicle fire. Volkswagen stated no fires have been reported. Source: http://www.reuters.com/article/us-volkswagen-usa-idUSKCN1271RL

• More than 5 million gallons of sewage flowed into the Ortega River in Florida October 8 after a wastewater lift station in southwest Jacksonville went offline during Hurricane Matthew. – WTLV 12 Jacksonville

21. October 8, WTLV 12 Jacksonville – (Florida) 5 million gallons of sewage dump into Ortega River during Hurricane Matthew. More than 5 million gallons of sewage flowed into the Ortega River in Florida October 8 after a wastewater lift station in southwest Jacksonville went offline during Hurricane Matthew. The Jacksonville Environmental Agency is working with the Florida Department of Environmental Protection to monitor the river.

• Mylan N.V. agreed October 7 to pay $465 million to resolve allegations that it overcharged Medicaid programs by improperly classifying its EpiPen allergy treatment as a generic drug instead of a branded drug. – Wall Street Journal

23. October 7, Wall Street Journal – (National) Mylan to pay $465 million to settle Medicaid claims. Mylan N.V. agreed October 7 to pay $465 million to resolve allegations that it overcharged Medicaid programs by improperly classifying its EpiPen allergy treatment as a generic drug instead of a branded drug, which allowed the company to pay a smaller rebate on EpiPen sales to Medicaid. As part of the settlement, Mylan announced plans to launch a $300 generic version of the emergency allergy treatment. Source: http://www.wsj.com/articles/mylan-to-pay-465-million-in-epipen-settlement-1475874312

Financial Services Sector

Nothing to report

Information Technology Sector

27. October 11, SecurityWeek – (International) Malware abuses Windows Troubleshooting Platform for distribution. Proofpoint security researchers discovered that a malicious backdoor, dubbed “LatentBot,” was abusing the Microsoft Windows Troubleshooting Platform (WTP) feature to trick users into executing the malicious payload. The malware was being distributed via email attachments with a lure document that, once opened, launches a digitally signed DIAGCAB file containing PowerShell commands that download and install the backdoor trojan. Proofpoint reported the malware allows an attacker to perform surveillance, steal information, and gain remote access.

28. October 9, Softpedia – (International) Alleged Lizard Squad and PoodleCorp members arrested. Authorities in the U.S. and the Netherlands arrested two individuals who allegedly operated the shenron.lizardsquad.org, lizardsquad.org, stresser.poodlecorp.org, and poodlecorp.org Websites, which offered distributed denial-of-service (DDoS) services for hire as part of the Lizard Squad and PoodleCorp hacking crews. Officials stated the investigation into the hacking groups began when authorities were investigating the phonebomber.net service, a Website with ties to other sites operated by the hacking groups that allowed anyone to purchase on-demand harassment phone calls. Source: http://news.softpedia.com/news/alleged-lizard-squad-and-poodlecorp-members-arrested-509103.shtml

29. October 9, Softpedia – (International) New JavaScript malware shuts down your PC if you terminate its process. Kahu Security researchers discovered a new malware variant that hijacks the homepages of victims’ browsers and shuts down the computer if the user detects the malware and attempts to terminate its process. The shutdown is meant to hide a series of operations that alter the underlying operating system (OS) settings on a victim’s device. Researchers found the malware is delivered via spam email as a malicious file attachment coded in JavaScript and is executed via the Microsoft Windows Script Host. Source: http://news.softpedia.com/news/new-javascript-malware-shuts-down-your-pc-if-you-terminate-its-process-509097.shtml

30. October 7, SecurityWeek – (International) GE machine monitoring system plagued by serious flaw. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned that a serious vulnerability plaguing the serial and universal serial bus (USB) versions of General Electric’s Bently Nevada 3500/22M machine monitoring system could be exploited by remote attackers to gain unauthorized access to the system with elevated privileges, due to the existence of several open ports on the affected device. The devices are used in the energy and chemical sectors, and the company advised users to segment networks, leverage system hardening techniques, and implement bump-in-the-wire solutions to secure the devices. Source: http://www.securityweek.com/ge-machine-monitoring-system-plagued-serious-flaw

For another story, see item 3 below from the Critical Manufacturing Sector

3. October 7, SecurityWeek – (International) Over 500,000 IoT devices vulnerable to Mirai botnet. Flashpoint security researchers discovered that over 500,000 Internet of Things (IoT) devices were plagued with vulnerabilities that make the devices an easy target for Mirai or similar botnets, which were responsible for massive distributed denial-of-service (DDoS) attacks against KrebsonSecurity.com and Website hosting provider OVH. The vulnerabilities are due to flawed software and firmware provided by China-based XiongMai Technologies, which includes a telnet service that is active by default and allows easy remote access to the devices. Security researchers revealed that video surveillance products from Dahua Technology accounted for 65 percent of compromised devices in the U.S. Source: http://www.securityweek.com/over-500000-iot-devices-vulnerable-mirai-botnet

Communications Sector

Nothing to report