Friday, October 14, 2016



Complete DHS Report for October 14, 2016

Daily Report                                            

Top Stories

• The U.S. Coast Guard and other authorities responded October 11 to a 20,000-gallon diesel fuel spill on the Intracoastal Waterway near Port Isabel, Texas, after a towing vessel struck a dock and released the fuel. – KTRK 13 Houston

1. October 12, KTRK 13 Houston – (Texas) Coast Guard: 20,000 gallons of diesel spills into water near South Padre Island. The U.S. Coast Guard (USCG) and other authorities responded October 11 to a 20,000-gallon diesel fuel spill on the Intracoastal Waterway near Port Isabel, Texas, after a towing vessel struck a dock and released the fuel. The cause of the collision is under investigation and the USCG is working to assess the impact on the waterway and surrounding areas. Source: http://abc13.com/news/coast-guard-20000-gallons-of-diesel-spills-into-waterway/1551945/

• Toyota Motor Corporation issued a recall October 12 for around 92,000 of its model years 2016 – 2017 Toyota Prius vehicles due to a problem affecting the parking brakes that could cause the brake to become inoperative without warning, thereby allowing the vehicle to roll away and increasing the risk of injury. – TheCarConnection.com

4. October 12, TheCarConnection.com – (International) 2016-2017 Toyota Prius recalled to fix faulty parking brake: 92,000 U.S. vehicles affected. Toyota Motor Corporation issued a recall October 12 for around 92,000 of its model years 2016 – 2017 Toyota Prius vehicles sold in the U.S. due to a problem affecting the parking brakes that could cause the brake to become inoperative without warning, thereby allowing the vehicle to roll away if it is not shifted into park and increasing the risk of injury. The recall affects an additional 212,000 vehicles sold in Japan and 17,000 sold in Europe. Source: http://www.thecarconnection.com/news/1106630_2016-2017-toyota-prius-recalled-to-fix-faulty-parking-brake-92000-u-s-vehicles-affected

• The owner of Budget Finance Company in New Martinsville, West Virginia, was charged October 12 for allegedly running a more than $31 million Ponzi scheme from 2005 – 2015. – U.S. Attorney’s Office, Southern District of Ohio See item 6 below in the Financial Services Sector

• About 1 million gallons of untreated wastewater spilled into Jack’s Creek in Washington, North Carolina, October 9 – October 10 after a power outage and flooding from Hurricane Matthew caused a pump station to overflow. – Washington Daily News

16. October 11, Washington Daily News – (North Carolina) 1m gallons of wastewater spill into creek. Approximately 1 million gallons of untreated wastewater spilled into Jack’s Creek in Washington, North Carolina, October 9 – October 10 after a power outage and flooding from Hurricane Matthew caused the pump station at Fifth and Respess streets to overflow. Source: http://www.thewashingtondailynews.com/2016/10/11/1m-gallons-of-wastewater-spill-into-creek/

Financial Services Sector

5. October 13, WTVR 6 Richmond – (North Carolina; Virginia) 4 arrested in Caroline County skimming scam after police chase. Four Brooklyn, New York residents were charged the week of October 10 in Caroline County, Virginia, for their roles in a credit card skimming scam after authorities discovered roughly 75 credit cards, a card skimming device, and a credit card embossing machine, among other illicit materials in the suspects’ vehicle. The individuals are suspected of conducting credit card skimming operations at truck stops in North Carolina and Virginia. Source: http://wtvr.com/2016/10/12/4-arrested-in-caroline-county-skimming-scam-after-police-chase

6. October 13, U.S. Attorney’s Office, Southern District of Ohio – (National) Fraud charges filed against owner of Budget Finance Company. The owner of Budget Finance Company in New Martinsville, West Virginia, was charged October 12 for allegedly running a more than $31 million Ponzi scheme from 2005 – 2015 where she defrauded investors by mailing checks to those who requested periodic payments, and sending them fake quarterly investment statements indicating their account balances and interest paid. The charges allege the owner used funds from new investors to repay previous investors, causing at least 25 investors between $9.5 million and $25 million in losses. Source: https://www.justice.gov/usao-sdoh/pr/fraud-charges-filed-against-owner-budget-finance-company

For another story, see item 21 below from the Commercial Facilities Sector

21. October 13, Softpedia – (International) Vera Bradley retail stores expose payment card data after PoS malware infection. Vera Bradley reported October 13 a breach in its payment card processing system after finding point-of-sale (PoS) malware on its network, which allowed a hacker to collect payment card data including card numbers, cardholder names, expiration dates, and internal verification codes. Officials reported the malware was active between July 25 and September 23 and only affected those customers who shopped at the company’s retail locations. Source: http://news.softpedia.com/news/vera-bradley-retail-stores-expose-payment-card-data-after-pos-malware-infection-509237.shtml

Information Technology Sector

19. October 13, SecurityWeek – (International) Attackers actively exploit recently patched BIND flaw. The Internet Systems Consortium (ISC) reported that it learned a high severity denial-of-service (DoS) vulnerability patched in the Domain Name Server (DNS) software BIND was exploited in the wild to crash servers after Infobyte security researchers published a proof-of-concept (PoC) code and Metasploit module demonstrating the attack.

20. October12, SecurityWeek – (International) Cerber 4.0 fuels new wave of ransomware attacks. Trend Micro security researchers reported that the latest variant of the Cerber ransomware, dubbed Cerber 4.0 was being dropped by the RIG, Neutrino, and Magnitude exploit kits (EK) in malvertising campaigns. Researchers also found Cerber 4.0 uses a randomly generated file extension, and has shifted from a Hypertext Markup Language (HTML) ransom note to an HTML Application (HTA) format. Source: http://www.securityweek.com/cerber-40-fuels-new-wave-ransomware-attacks

Communications Sector

Nothing to report