Tuesday, March 25, 2014




Complete DHS Report for March 25, 2014

Daily Report

Details

 • Blue line rail service was suspended March 24 after a Chicago Transit Authority train continued through the end of the platform and struck the escalators leading to the terminals at O’Hare International Airport, leaving 32 people injured.– WMAQ 5 Chicago

7. March 24, WMAQ 5 Chicago – (Illinois) Train derailment at O’Hare leaves 32 injured. Blue line rail service was temporarily suspended March 24 after an 8-car Chicago Transit Authority train continued through the end of the platform and struck the escalators leading to the terminals at O’Hare International Airport, leaving 32 people injured. Authorities are investigating the cause of the accident. Source: http://www.nbcchicago.com/news/local/Chicago-OHare-airport-Blue-Line-Derailment-CTA-251888361.html

 • Authorities closed the Houston Ship Channel indefinitely after nearly 170,000 gallons of tar-like oil spilled into the Texas waterway when a barge collided with a ship March 22. – Associated Press

8. March 24, Associated Press – (Texas) ‘Significant’ oil spill closes US ship channel. Authorities closed the Houston Ship Channel indefinitely after nearly 170,000 gallons of tar-like oil spilled into the Texas waterway when a barge collided with a ship March 22. Crews worked to place approximately 60,000 feet of containment booms around the area during cleanup efforts. Source: http://news.msn.com/us/significant-oil-spill-closes-us-ship-channel
 • A March 22 landslide in Washington left 8 people dead and at least 100 others missing, while prompting the indefinite closure of State Route 530. – Reuters

9. March 24, Reuters – (Washington) Over 100 missing-persons reports filed in Washington mudslide. A March 22 landslide in Washington left 8 people dead and at least 100 others reported missing after homes and cars were covered in debris up to 15 feet deep. The landslide was triggered by rain-soaked embankments which prompted the indefinite closure of State Route 530 in both directions. Source: http://www.reuters.com/article/2014/03/24/us-usa-mudslide-washingtonstate-idUSBREA2L0R020140324

• Researchers found that the Package Management Service for Android can create vulnerabilities, impacting over one billion devices, by improperly vetting requests for operating system or app privileges after an update, automatically granting privileges that did not exist in older versions of Android. – Threatpost See item 25 below in the Information Technology Sector

Financial Services Sector

4. March 22, Billings Gazette – (Montana) 2 men charged after police find hundreds of stolen credit cards. Two men were charged March 18 after they were arrested in Billings when a payment card they attempted to use was declined and hundreds of stolen payment cards were found in their possession. Source: http://mtstandard.com/news/state-and-regional/men-charged-after-police-find-hundreds-of-stolen-credit-cards/article_a9b8385c-b177-11e3-81e0-0019bb2963f4.html

5. March 21, Delaware County Daily Times – (Pennsylvania) Drexel Hill man charged with bank fraud, ID theft in $232,000 scam. An Upper Darby man was charged with bank fraud and identity theft for allegedly working with coconspirators to pose as bank account holders and steal around $232,570 from accounts using fake identity documents between July 2007 and December 2011. Source: http://www.delcotimes.com/general-news/20140321/drexel-hill-man-charged-with-bank-fraud-id-theft-in-232000-scam

6. March 21, U.S. Attorney’s Office, Eastern District of California – (California) Two indicted in 20,000-victim credit card fraud. A Sacramento man and a Los Angeles man were indicted March 20 for allegedly creating fictitious companies and then charging over 20,000 credit card holders small amounts, hoping that account holders and credit card companies would not notice the fraudulent charges. Source: http://www.fbi.gov/sacramento/press-releases/2014/two-indicted-in-20-000-victim-credit-card-fraud

Information Technology Sector

25. March 20, Threatpost – (International) Weakness in Android update service puts all devices at risk for privilege escalation. Researchers at Indiana University and Microsoft published a paper that found that the Package Management Service (PMS) for Android can create vulnerabilities dubbed Pileup flaws by improperly vetting requests for operating system or app privileges after an update, automatically granting privileges that did not exist in older versions of Android. The researchers stated that vulnerabilities exist on all Android Open Source Project versions and on many customized versions, impacting over one billion Android devices. Source: http://threatpost.com/weakness-in-android-update-service-puts-all-devices-at-risk-for-privilege-escalation/104906

Communications Sector

26. March 23, Clarksville Leaf-Chronicle – (Tennessee) Failed fiber line caused CDE lightband internet phone service outage in Clarksville. Customers of Clarksville Department of Electricity’s CDE Lightband experienced a 15 hour Internet and telephone service outage March 23 after losing its fiber-optic connection with its provider in Atlanta due to a failed piece of fiber. Crews spliced in an additional line and restored service. Source: http://www.theleafchronicle.com/article/20140323/NEWS01/303230015/Failed-fiber-line-caused-CDE-Lightband-Internet-phone-service-outage-in-Clarksville