Tuesday, February 25, 2014




Complete DHS Report for February 25, 2014

Daily Report

Details

 • The Colorado Air Quality Control Commission approved a plan February 23 to reduce air pollution from oil and gas drilling, including a Statewide limit on methane emissions. – Associated Press

2. February 23, Associated Press – (Colorado) Colorado panel Oks new oil- and gas-drilling rules. The Colorado Air Quality Control Commission approved February 23 a plan to reduce air pollution from oil and gas drilling, including a Statewide limit on methane emissions. Companies operating in the State will be required to inspect facilities for leaks, up to once a month, install the latest valves and auto-igniters, and capture or control 95 percent of emissions, using vapor-recovery tanks or other technology. Source: http://news.msn.com/us/colorado-panel-oks-new-oil-and-gas-drilling-rules

 • The U.S. Environmental Protection Agency reported February 21 that U.S. Magnesium spilled 8,000 pounds of hydrochloric acid into an unlined retention pond and onto some adjacent land in Tooele County, Utah. – Salt Lake Tribune

4. February 21, Salt Lake Tribune – (Utah) EPA: U.S. Magnesium dumped acid on Utah public lands. The U.S. Environmental Protection Agency reported February 21 that U.S. Magnesium spilled 8,000 pounds of hydrochloric acid into an unlined retention pond and onto some adjacent land in Tooele County in January. The spill was reported once the company and the Agency came to an agreement on a mitigation plan for cleanup and the development of plans to address future spills. Source: http://www.sltrib.com/sltrib/news/57581007-78/spill-magnesium-epa-plan.html.csp

 • A 65-mile stretch of the Mississippi River along Louisiana closed February 22 due to a marine accident involving a barge and two tugboats that resulted in an unknown amount of crude oil spilling into the river. – Associated Press

11. February 24, Associated Press – (Louisiana) River closed at New Orleans after barge spills oil. A 65-mile stretch of the Mississippi River is closed between New Orleans and Vacherie due to a marine accident involving a barge and two tugboats February 22 that resulted in an unknown amount of crude oil spilling into the river. River traffic was halted temporarily in an effort to contain the oil and avoid contaminating passing vessels. Source: http://news.msn.com/us/river-closed-at-new-orleans-after-barge-spills-oil

 • A faulty water heater flue pipe caused a carbon monoxide leak that killed one person and hospitalized 27 others at the Legal Sea Foods restaurant at the Walt Whitman Shops in Long Island, New York, February 23. – Associated Press

37. February 24, Associated Press – (New York) Faulty water heater pipe led to carbon monoxide leak at NY mall. Authorities believe a faulty water heater flue pipe caused a carbon monoxide leak that killed one person and hospitalized 27 others at the Legal Sea Foods restaurant at the Walt Whitman Shops in Long Island February 23. The building was evacuated during the incident, and officials cited the company and closed the restaurant until repairs are made. Source: http://www.foxnews.com/us/2014/02/24/faulty-water-heater-pipe-led-to-carbon-monoxide-leak-at-ny-mall/

Financial Services Sector

6. February 24, Softpedia – (International) Neiman Marcus says 350,000 cards are impacted by breach, not 1.1 million. Neiman Marcus published a letter on its Web site the week of February 17 stating that around 350,000 payment cards may have been affected by a 2013 data breach, not 1.1 million as originally reported, after learning the malware used in the breach was not operating at all stores, and was not operating every day. Source: http://news.softpedia.com/news/Neiman-Marcus-Says-350-000-Cards-Are-Impacted-by-Breach-Not-1-1-Million-428905.shtml

7. February 24, Softpedia – (International) Banking malware distributed via YouTube ads. Bromium researchers found that cybercriminals compromised an ad network that hosted the Styx exploit kit used to serve advertisements on YouTube. The exploit kit pushes Caphaw malware onto infected devices leveraging Java vulnerabilities to obtain banking information. Source: http://news.softpedia.com/news/Banking-Malware-Distributed-via-YouTube-Ads-429011.shtml

8. February 22, Hernando Today – (Florida) 'Skimmers' captured 342 credit cards. A joint investigation between U.S. Secret Service and Hernando County Sheriff's Office found that 342 payment card numbers were captured between February 18-19, on skimming devices installed on 4 gas pumps at a Hess Gas Station in Brooksville. Patrons were advised to cancel their cards and have new ones issued. Source: http://hernandotoday.com/he/list/news/skimmers-captured-342-credit-cards-20140222/

9. February 21, KTVU 2 Oakland – (California) Mom, son, daughter charged in gas pump ID skimming ring. At least six individuals were charged in connection with a skimming scheme after they allegedly placed skimming devices on several gas station pumps around California’s Bay Area. Over a 2-year period, the group bought more than $500,000 worth of merchandise and stole thousands of card numbers. Source: http://www.ktvu.com/news/news/crime-law/bay-area-gas-pump-id-skimming-ring-busted-6-arrest/ndXqG/

Information Technology Sector

34. February 24, Help Net Security – (International) Fortinet upgrades and extends its Next-Generation firewall. Fortinet released FortiOS 5, an update to its network security operating system along with new releases for integrated reporting, APT, and strong authentication. Source: http://www.net-security.org/secworld.php?id=16408

35. February 24, Help Net Security – (International) Apple fixes critical crypto bug in iOS, OS X fix to be released “soon.” Apple released software updates for its iOS mobile operating system and Apple TV addressing a critical encryption flaw, but advised users of its OS X system to avoid using public networks until a fix is provided after a SSL implementation vulnerability was discovered. The vulnerability applies to Apple’s Safari browser and default Mail.app, potentially allowing a Man-in-the-Middle attack. Source: http://www.net-security.org/secworld.php?id=16409

36. February 21, IDG News Service – (International) Glitch hits Google Drive, Docs, trips them for hours. Google announced a service disruption of its Drive cloud storage service, Docs word processing and Sheet spreadsheet applications, and its Sites intranet builder that lasted more than 5 hours February 20. Source: http://www.networkworld.com/news/2014/022114-glitch-hits-google-drive-docs-278976.html

Communications Sector

Nothing to report