Friday, July 18, 2014




Complete DHS Report for July 18, 2014

Daily Report

Top Stories

 · Federal authorities announced July 16 that Minnesota Power, an ALLETE company, reached a settlement and will spend over $500 million to resolve claims that the company violated provisions of the Clean Air Act. – U.S. Environmental Protection Agency

3. July 16, U.S. Environmental Protection Agency – (Minnesota) US settlement with Minnesota coal-fired utility to reduce emissions, fund projects to benefit environment and communities. The U.S. Environmental Protection Agency and the U.S. Department of Justice announced July 16 that Minnesota Power, an ALLETE company based in Duluth reached a settlement to install pollution control technology and meet emission rates to resolve claims that the company violated the New Source Review provisions of the Clean Air Act. The company will spend over $500 million to implement the required measures, pay a civil penalty of $1.4 million, and spend at least $4.2 million on environmental projects. Source: http://yosemite.epa.gov/opa/admpress.nsf/0/8EDE3E667860955D85257D17006FCAF2

 · Three armed suspects robbed a Bank of the West branch in Stockton, California, July 16 and then took three hostages, started a chase, and exchanged gunfire that resulted in two robbers and one hostage being shot and killed. – Associated Press See item 6 below in the Financial Services Sector

           
 · Officials announced July 16 that an additional 12 boxes and 327 vials holding several pathogens were found in a storage room on the National Institutes for Health campus in Bethesda, Maryland. – Washington Post

17. July 16, Washington Post – (Maryland) FDA found more than smallpox vials in storage room. Authorities continue to investigate after the U.S. Food and Drug Administration announced July 16 that officials found an additional 12 boxes and 327 vials holding several pathogens in a storage room on the National Institutes for Health campus in Bethesda, Maryland, after vials of smallpox were found in July. The vials contained microbes of influenza, dengue, and rickettsia, among others, and showed no signs of leakage. Source: http://www.washingtonpost.com/national/health-science/fda-found-more-than-smallpox-vials-in-storage-room/2014/07/16/850d4b12-0d22-11e4-8341-b8072b1e7348_story.html


 · Fire crews worked July 17 to contain wildfires burning in Washington, Oregon, California, Idaho, and Utah that combined, has burned tens of thousands of acres and prompted the evacuation of hundreds of homes. – Associated Press


18. July 17, Associated Press – (National) Washington wildfire burns through alp-like terrain. Fire crews worked to contain wildfires burning in Washington, Oregon, California, Idaho, and Utah that combined, has burned tens of thousands of acres and prompted the evacuation of hundreds of homes, the closure of a 35-mile stretch of U.S. Highway 2 in Leavenworth, Washington, and caused the governor’s offices in both Washington and Oregon to declare states of emergency. Source: http://abcnews.go.com/US/wireStory/washington-firefighters-battle-heat-high-winds-24587836


Financial Services Sector

6. July 17, Associated Press – (California) California bank robbery ends in 3 deaths. Three robbers armed with assault rifles robbed a Bank of the West branch in Stockton July 16 and then took three hostages and fled in a stolen vehicle, starting a chase and exchange of fire that resulted in two robbers and one hostage being shot and killed. The other two hostages were also injured and several police cars and nearby homes were also hit by bullets. Source: http://news.msn.com/crime-justice/3-dead-after-california-bank-robbery-gunbattle

7. July 17, Help Net Security – (International) 63% of businesses don’t encrypt credit cards. SecurityMetrics found in a study that 63.86 percent of businesses surveyed store unencrypted 16-digit payment cards on their systems, and 7 percent store magnetic stripe data, providing easy targets for fraud, among other findings. Source: http://www.net-security.org/secworld.php?id=1713

8. July 16, U.S. Attorney’s Office, Southern District of Florida – (Florida) Mortgage lender pleads guilty in multi-million-dollar mortgage fraud scheme. The former president of KMC Mortgage Corporation of Florida pleaded guilty July 16 to working with others to recruit individuals as straw borrowers in an $11 million fraudulent loan scheme. The scheme used radio programs in the south Florida area and targeted members of the Haitian community there in an affinity scheme. Source: http://www.fbi.gov/miami/press-releases/2014/mortgage-lender-pleads-guilty-in-multi-million-dollar-mortgage-fraud-scheme

9. July 16, Columbia The State – (South Carolina) Upstate man pleads guilty in wire fraud scheme that cost victims more than $1 million. A Spartanburg man pleaded guilty July 16 to running a check kiting scheme in South Carolina that used several bank accounts and automotive dealerships that defrauded victims of over $1 million. Source: http://www.thestate.com/2014/07/16/3567676/upstate-man-pleads-guilty-in-wire.html

For another story, see item 21 below in the Information Technology Sector


Information Technology Sector

21. July 17, The Register – (International) Pushdo trojan outbreak: 11 THOUSAND systems infected in just 24 hours. Bitdefender researchers reported that a new campaign to spread the Pushdo botnet malware compromised over 11,000 systems within a 24-hour period, with the majority of infected users in Asia and some in the U.S., U.K., and France. The Pushdo botnet has previously been used in spam campaigns and to distribute malware such as Zeus and SpyEye. Source: http://www.theregister.co.uk/2014/07/17/pushdo_trojan_outbreak/

22. July 17, Softpedia – (International) Cisco patches critical issue in wireless residential gateway products. Cisco released patches for several Cisco Wireless Residential Gateway products, closing a vulnerability that could allow attackers to use malicious HTTP requests to crash the Web server and inject commands or execute code with elevated privileges. Source: http://news.softpedia.com/news/Cisco-Patches-Critical-Issue-in-Wireless-Residential-Gateway-Products-451109.shtml

23. July 17, Softpedia – (International) SQL injection risk in vBulletin receives prompt patch. vBulletin released a patch for its forum software which closes a SQL injection vulnerability that was identified and disclosed by Romanian Security Team. Source: http://news.softpedia.com/news/SQL-Injection-Risk-in-vBulletin-Receives-Prompt-Patch-451090.shtml

24. July 17, Softpedia – (International) Critical vulnerabilities fixed in Drupal 7.29 and 6.32. The Drupal Security Team advised all users to update to versions to 7.29 or 6.32 in order to close vulnerabilities that could allow attackers to perform denial of service (DoS) attacks cross-site scripting (XSS) attacks. Source: http://news.softpedia.com/news/Critical-Vulnerabilities-Fixed-in-Drupal-7-29-and-6-32-451074.shtml

25. July 17, Threatpost – (International) Five vulnerabilities fixed in Apache Web Server. The Apache Software Foundation released version 2.4.10-dev of its Apache Web Server, closing five vulnerabilities, including a buffer overflow vulnerability and several denial of service (DoS) vulnerabilities. Source: http://threatpost.com/five-vulnerabilities-fixed-in-apache-web-server/107278

Communications Sector

Nothing to report