Wednesday, December 28, 2016



Complete DHS Report for December 28, 2016

Daily Report                                            

Top Stories

• Texas Best Proteins (Farm to Market Foods) issued a recall December 24 for approximately 25,332 pounds of its Dirty Rice products due to misbranding and undeclared peanuts. – U.S. Department of Agriculture

15. December 25, U.S. Department of Agriculture – (Texas) Texas Best Proteins recalls Cajun Style Dirty Rice containing chicken products and Turkey Cajun Dinner Kits containing Dirty Rice due to misbranding and undeclared allergens. Texas Best Proteins (Farm to Market Foods) issued a recall December 24 for approximately 25,332 pounds of its Cajun Style Dirty Rice containing chicken products and its Turkey Cajun Dinner Kits containing Dirty Rice products due to misbranding and undeclared peanuts after the company was notified by its supplier that the Worcestershire sauce used in the rice product was recalled as the sauce may contain peanut, which is not listed on the product label. There have been no confirmed reports of adverse reactions and the products were shipped to retail outlets in Texas. Source: https://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health-alerts/recall-case-archive/archive/2016/recall-122-2016-release

• Officials reported that a malfunction at the Lake Creek Lift Station in Austin, Texas, caused around 50,000 gallons of wastewater to overflow December 24. – Austin American-Statesman

18. December 24, Austin American-Statesman – (Texas) About 50,000 gallons of wastewater overflow in northwest Austin. Austin Water Utility officials reported that a malfunction at the Lake Creek Lift Station in Austin, Texas, caused around 50,000 gallons of wastewater to overflow December 24. Officials stated that none of the spillage went into the creek and the overflow did not impact the city’s drinking water supply. Source: http://www.statesman.com/news/local/about-000-gallons-wastewater-overflow-northwest-austin/bzVY6a11dhICchrfk96hON/

• Officials reached a roughly $40 million settlement December 23 to resolve claims against around 100 potentially responsible parties for the cleanup of the Peterson/Puritan, Inc. Superfund Site in Cumberland and Lincoln, Rhode Island. – U.S. Environmental Protection Agency

20. December 23, U.S. Environmental Protection Agency – (Rhode Island) Settlement reached at the Peterson/Puritan, Inc. Superfund Site in Cumberland and Lincoln, R.I. The U.S. Environmental Protection Agency, U.S. Department of Justice, and Rhode Island Department of Environmental Protection reached a more than $40 million settlement December 23 to resolve Federal and State liability claims against around 100 potentially responsible parties for the cleanup of Operable Unit Two of the Peterson/Puritan, Inc. Superfund Site in Cumberland and Lincoln, Rhode Island, following decades of hazardous waste dumping at the site that polluted the neighboring Blackstone River, groundwater, and soils. The settlement calls for the excavation and consolidation of contaminated soils and sediments, construction of a multi-layered impermeable cap, and long term monitoring, among other measures. Source: https://www.epa.gov/newsreleases/settlement-reached-petersonpuritan-inc-superfund-site-cumberland-and-lincoln-ri

• About 500 Kit Carson Electric Cooperative, Inc. customers in Arroyo Hondo, Arroyo Seco, and Questa, New Mexico, were without Internet service for roughly 36 hours December 20 – December 22 due to a hardware failure. – Taos News See item 24 below in the Communications Sector

Financial Services Sector

7. December 23, SecurityWeek – (International) Phishers adopt malware distribution-like tactics. Proofpoint security researchers reported that a recently spotted phishing campaign designed to steal credit card information was employing a technique previously associated with malware distribution, which involves the distribution of a malicious Hypertext Markup Language (HTML) attachment that is XOR-encoded inside a password protected .zip archive to make detection more difficult and to convince victims that the email is legitimate. The spam emails also leveraged stolen branding and social engineering to trick users into giving away their credit card information by telling the spam recipients that they need to update their credit card security information in order to receive a new card equipped with a chip. Source: http://www.securityweek.com/phishers-adopt-malware-distribution-tactics

8. December 23, Cottage Grove Herald-Independent – (Wisconsin) Card skimmers strike Monona, Cottage Grove: Information gathered after thieves use readers, cameras at bank, credit union ATMs. Authorities in Monona, Wisconsin, are searching December 23 for 4 Romanian nationals suspected of installing card readers and cameras at outside ATMs at Monona State Bank, Old National Bank, and University of Wisconsin Credit Union locations in Monona, as well as at a Cottage Grove branch of Monona State Bank between November and December 2016. Source: http://www.hngnews.com/monona_cottage_grove/article_e3a895c0-c925-11e6-b531-27fa05478e12.html

Information Technology Sector

23. December 27, SecurityWeek – (International) Critical RCE flaw patched in PHPMailer. The developers of PHPMailer released version 5.2.18 of the product to resolve a critical remote code execution (RCE) flaw after a security researcher from Legal Hackers found the flaw can be exploited by a remote, unauthenticated attacker for arbitrary code execution in the context of the Web server user in order to compromise a targeted Web application. The researcher found the vulnerability can be exploited through Website components including feedback forms, registration forms, and password reset features that use a version of PHPMailer for sending emails that is impacted by the security hole. Source: http://www.securityweek.com/critical-rce-flaw-patched-phpmailer

For another story, see item 7 above in the Financial Services Sector

Communications Sector

24. December 25, Taos News – (New Mexico) Kit Carson Internet restored after multi-day outage. About 500 Kit Carson Electric Cooperative, Inc. customers in parts of Arroyo Hondo, Arroyo Seco, and Questa, New Mexico, were without Internet service for roughly 36 hours December 20 – December 22 due to a hardware failure at 2 of the company’s substations. The exact cause of the outage remains under investigation.