Tuesday, June 17, 2014




Complete DHS Report for June 17, 2014

Daily Report

Top Stories

 • Officials from Freedom Industries proposed June 14 to double its runoff pumping capacity and indefinitely post contractors at its chemical facility in Charleston, West Virginia, after regulators ordered the company to fix a storm water collection trench that overflowed into the Elk River June 12 and 13. – Charleston Gazette

4. June 14, Charleston Gazette – (West Virginia) Freedom proposes runoff control steps in face of DEP orders, water company criticism. Officials from Freedom Industries proposed June 14 to double its runoff pumping capacity and indefinitely post contractors at its chemical facility in Charleston, West Virginia, after regulators ordered the company to fix a storm water collection trench that overflowed into the Elk River June 12 and 13. Water company officials reported that 6 samples taken after the overflow yielded no detection of hazardous chemicals after the company closed 2 pumps for 3 hours as a precaution. Source: http://www.wvgazette.com/article/20140614/GZ01/140619571

 • The U.S. Securities and Exchange Commission filed charges June 13 against four California men for allegedly engaging in insider trading of Ross Stores stocks that resulted in $12 million in illicit profits. – U.S. Securities and Exchange Commission See item 11 in the Financial Services Sector

 • Crews in Bakersfield, California, worked to contain the 2,000-acre Shirley Fire June 15 while more than 1,000 threatened residences were ordered to evacuate. – CBS News

27. June 16, CBS News – (California) Race against time in battle vs. California wildfire threatening more than 1,000 homes. Crews in Bakersfield, California, worked to contain the 2,000-acre Shirley Fire June 15 while more than 1,000 threatened residences were ordered to evacuate. At least 2 structures near the Sequoia National Forest were destroyed by the fire. Source: http://www.cbsnews.com/news/race-against-time-in-battle-vs-california-wildfire-threatening-more-than-1000-homes/

 • Ball State University in Indiana announced June 13 that the university was the victim of two investment fraud schemes allegedly made by a former director of cash and investments that cost the university $13.1 million. – Muncie Star Press

32. June 13, Muncie Star Press – (Indiana; New York) Ball State reveals second fraud case of $5 million. Ball State University in Indiana announced June 13 that the university was the victim of two investment fraud schemes allegedly made by a former director of cash and investments including an $8.1 million investment scandal reported to federal prosecutors in New York City and a separate $5 million fraud investment. Source: http://www.thestarpress.com/article/20140614/NEWS01/306140015/Ball-State-University-fraud-financial-fraud

Financial Services Sector

7. June 16, Threatpost – (International) Dyreza banker trojan seen bypassing SSL. Researchers identified a new banking trojan known as Dyre or Dyreza that uses browser hooking to intercept traffic moving between victims' systems and their intended Web site, allowing attackers to bypass SSL protections and redirect traffic through the attackers' servers. Researchers at CSIS Group found that the trojan is spread through spam messages and then contacts command and control servers, some of which are located in Latvia. Source: http://threatpost.com/dyreza-banker-trojan-seen-bypassing-ssl/106671

8. June 16, Financial Industry Regulatory Authority – (National) FINRA fines Merrill Lynch $8 million; over $89 million repaid to retirement accounts and charities overcharged for mutual funds. The Financial Industry Regulatory Authority (FINRA) - stated June 16 that it fined Merrill Lynch $8 million for the company's failure to waive mutual fund sales charges for some retirement accounts and charities, and ordered the company to pay $24.4 million in restitutions. Merrill Lynch previously repaid another $64.8 million to investors who were overcharged. Source: http://www.finra.org/Newsroom/NewsReleases/2014/P530005

9. June 14, Krebs on Security – (National) P.F. Chang's confirms credit card breach. P.F. Chang's Chinese Bistro stated June 14 that it had confirmed that it was the victim of a customer payment card data breach affecting an unknown number of customers. The company stated that it has temporarily switched to manual payment card imprinting to process transactions while the breach continues to be investigated. Source: http://krebsonsecurity.com/2014/06/p-f-changs-confirms-credit-card-breach/

10. June 14, DNAinfo Chicago – (Illinois) Man accused of skimming 200 Chase Bank ATM cards: Prosecutors. A Romanian national was arrested June 12 in Chicago and was charged for allegedly placing skimming devices on Chase Bank ATMs in the city's North Side area, resulting in the theft of data from 200 cards. Source: http://www.dnainfo.com/chicago/20140614/chicago/man-accused-of-skimming-200-chase-bank-atm-cards-prosecutors

11. June 13, U.S. Securities and Exchange Commission – (California) SEC charges four California residents in $12 million insider trading scheme. The U.S. Securities and Exchange Commission filed charges June 13 against four California men for allegedly engaging in insider trading of Ross Stores stocks that resulted in $12 million in illicit profits. One of the accused worked in the finance department of Ross Stores headquarters and allegedly passed on insider information to three others in order to trade on the nonpublic information. Source: http://www.sec.gov/litigation/litreleases/2014/lr23022.htm

Information Technology Sector

34. June 16, Softpedia – (International) NAS boxes "pwned" by crypto currency miner. Researchers with Dell SecureWorks released a report which showed how an attacker was able to utilize vulnerabilities in the DiskStation Manager (DSM) operating system used in Synology network access storage (NAS) devices to plant the CPUMiner crypto currency mining malware. The attacker used the malware to mine over $600,000 in the Dogecoin crypto currency, though the vulnerabilities were later patched by Synology. Source: http://news.softpedia.com/news/NAS-Boxes-Pwnwed-by-Crypto-Currency-Miner-446883.shtml

35. June 13, Threatpost – (International) ISC patches critical DoS vulnerability in BIND. The Internet Systems Consortium (ISC) reported June 11 that a vulnerability exists in some BIND domain name system (DNS) servers that could allow attackers to perform denial of service (DoS) attacks by sending a specially designed query. The ISC advised users to update to the newest version of BIND, which is not vulnerable. Source: http://threatpost.com/isc-patches-critical-dos-vulnerability-in-bind/106653

For another story, see item 7 above in the Financial Services Sector

Communications Sector

36. June 13, Softpedia – (National) AT&T customer details accessed without authorization. Some AT&T customers were informed by letter that employees at one of the company's service providers may have accessed personal identifiable information, including Social Security numbers, without authorization somewhere between April 9 and April 21. Source: http://news.softpedia.com/news/AT-T-Customer-Details-Accessed-without-Authorization-446701.shtml

37. June 13, KOVR 13 Sacramento – (California) Comcast, Verizon outage in Vacaville, Fairfield caused by construction crews. Customers of Comcast and Verizon in the Vacaville and Fairfield areas of California experienced outages for several hours due to a construction crew cutting a fiber optic line that serves both companies. Crews were on the scene making repairs. Source: http://sacramento.cbslocal.com/2014/06/13/major-comcast-outage-affecting-internet-customers-from-roseville-to-san-jose/