Friday, June 13, 2014




Complete DHS Report for June 13, 2014

Daily Report

Top Stories

 • A makeshift device deemed suspicious by authorities exploded at the UniSource Energy Services’ Valencia Plant in Nogales, Arizona, June 11 damaging a diesel storage tank and forcing the shutdown of the plant while officials investigated the incident. – Phoenix Arizona Republic

1. June 12, Phoenix Arizona Republic – (Arizona) “Suspicious device” explodes at Nogales power plant. A makeshift device deemed suspicious by authorities exploded at the UniSource Energy Services’ Valencia Plant in Nogales, Arizona, June 11 damaging a diesel storage tank and forcing the shutdown of the plant while officials investigated the incident. There were no power disruptions or injuries due to the explosion. Source: http://www.azcentral.com/story/news/arizona/2014/06/11/nogales-explosion-power-plant-arizona-abrk/10351107/

 • A semi-truck carrying 4,800 gallons of toxic embalming fluid overturned off the side of Windy Gap Mountain closing Virginia Route 116 in Roanoke County, Virginia, for about 24 hours June 11 and injuring the driver. – Roanoke Times 

4. June 11, Roanoke Times – (Virginia) Jae Valley Road reopened after tanker spill. A semi-truck carrying 4,800 gallons of toxic embalming fluid overturned off the side of Windy Gap Mountain on Virginia Route 116 in Roanoke County, split open, and spilled its contents June 11, sending the driver to an area hospital with minor injuries. The roadway was closed for about 24 hours while crews cleaned the crash site, and as many as 20 homes and businesses were evacuated as a precaution. Source: http://www.roanoke.com/news/local/franklin_county/jae-valley-road-reopened-after-tanker-spill/article_09edb8ea-f16b-11e3-a15a-001a4bcf6878.html

 • Officials shut down both directions of Interstate 81 in Hamblen County, Tennessee, June 11 for about 8 hours after a semi-truck carrying 40, 55-gallon drums of ethanolamine caught fire due to a mechanical issue on the rig. – Knoxville News Sentinel

 10. June 11, Knoxville News Sentinel – (Tennessee) All lanes of I-81 open after hazardous materials truck fire in Hamblen County. Officials shut down both directions of Interstate 81 in Hamblen County June 11 for about 8 hours after a semi-truck carrying 40 55-gallon drums of ethanolamine caught fire due to a mechanical issue on the rig. HAZMAT crews responded and cleaned up the scene. Source: http://www.knoxnews.com/news/2014/jun/11/hazardous-materials-truck-fire-closes-i-81-in/

 • The U.S. Inspector General’s office is investigating a potential multi-State unemployment insurance fraud scam after Massachusetts authorities discovered the State paid out at least $280,000 in false claims since March. – State House News (See item 22)

22. June 11, State House News Service – (National) US investigating possible multi-state unemployment insurance fraud scheme. The U.S. Inspector General’s office is investigating a potential multi-State unemployment insurance fraud scam after Massachusetts authorities discovered the State paid out at least $280,000 in false claims since March. Officials continue to investigate after stopping the fraudulent benefit payments and have notified victims of the erroneous claims. Source: http://www.masslive.com/news/index.ssf/2014/06/us_investigating_possible_mult.html


Financial Services Sector

6. June 11, White Plains Journal News – (New York) Former bank employee pleads not guilty to stealing $187G. A former Key Bank personal banker from Spring Valley pleaded not guilty June 11 to charges that she allegedly stole $187,000 from two customers between August 2012 and November 2013 while she was employed by the bank. Source: http://www.lohud.com/story/news/crime/2014/06/11/rockland-banker-fraud-charges-indicted/10332197/

7. June 11, Fort Worth Star-Telegram – (Texas) Wig bandit II strikes again in Fort Worth. Police stated that a suspect known as the “Wig Bandit II” was responsible for the robberies of two banks June 9 and June 10 in Fort Worth, bringing the total robberies attributed to the suspect to three. Source: http://www.star-telegram.com/2014/06/11/5892664/wig-bandit-ii-strikes-again-in.html

 Information Technology Sector

 23. June 12, The Register – (International) Sealed with an XSS: I gave TweetDeck a heart attack, says teen comp sci boff Firo. A computer science student who identified a basic cross-site scripting (XSS) flaw in Twitter’s TweetDeck client stated that the vulnerability was spotted while experimenting with the HTML heart-symbol character. The vulnerability caused Twitter to shut down the TweetDeck client for some users due to others abusing the XSS vulnerability. Source: http://www.theregister.co.uk/2014/06/12/tweetdeck_xss_vuln_uncovered_by_heart_hunting_teenager/

24. June 12, The Register – (International) Poison PDF pusher released to public. A security researcher released a tool developed as part of a penetration testing exploit kit which allows users to easily create malicious PDF documents with URL pointers added to them. Only unpatched systems were likely to be affected. Source: http://www.theregister.co.uk/2014/06/12/adobe_hack_tool_makes_targeted_attacks_even_easier/

25. June 11, Securityweek – (International) Twitter fixes TweetDeck XSS security vulnerability. Twitter disabled its TweetDeck app for about an hour June 11 after a cross-site scripting (XSS) vulnerability was discovered that could allow XSS to be executed by viewing a specially-crafted tweet. Researchers at Rapid7 reported that the issue primarily affected users of the TweetDeck plugin for Chrome. Source: http://www.securityweek.com/twitter-fixes-tweetdeck-xss-security-vulnerability

26. June 11, Securityweek – (International) Chrome, Firefox updates address security vulnerabilities. Google released an update for its Chrome browser, closing four security vulnerabilities. Mozilla also released an update for its Firefox browser, which closed seven vulnerabilities, five of which were rated as critical. Source: http://www.securityweek.com/chrome-firefox-updates-address-security-vulnerabilities

27. June 11, Securityweek – (International) Adobe issues security updates for Flash Player, AIR. Adobe released updates for several versions of its Flash Player and AIR products June 10, including updates for Flash Player for Windows and Mac OS X which were rated as high priority due to current or potential attacks exploiting those vulnerabilities. Source: http://www.securityweek.com/adobe-issues-security-updates-flash-player-air

 Communications Sector

28. June 12, Stanford Interior Journal – (Kentucky) Storm takes out power, phones in Crab Orchard. Strong storms which produced heavy rain caused an indefinite citywide power outage and loss of telephone service for Crab Orchard, Kentucky, June 10. Source: http://www.centralkynews.com/amnews/news/local/boyle/storm-takes-out-power-phones-in-crab-orchard/article_64fb1a9f-e9a2-5a64-beb4-d93e80955fea.html