Tuesday, November 4, 2014



Complete DHS Report for November 4, 2014

Daily Report

Top Stories
  
 · The governor of Maine declared a state of emergency after a November 2 storm which produced blizzard-like conditions knocked out power to more than 137,000 homes and dumped several inches of snow. – Portland Press Herald

1. November 2, Portland Press Herald – (Maine) Strong, early storm cuts power to 137,000 homes. The governor of Maine declared a state of emergency after a November 2 storm which produced blizzard-like conditions knocked out power to more than 137,000 homes and dumped several inches of snow, causing dangerous travel conditions. Source: http://www.pressherald.com/2014/11/02/snowstorm-leads-to-accidents-power-outages-throughout-maine/
 
 · The North Dakota Department of Health announced October 31 that 168,000 gallons of oil production water leaked from a pipeline at a Denbury Onshore well in Bowman County October 29 into a drainage. – Associated Press

4. October 31, Associated Press – (North Dakota) North Dakota Department of Health responds to 168,000-gallon water spill in Bowman County. The North Dakota Department of Health announced October 31 that 168,000 gallons of water leaked from a pipeline at a Denbury Onshore well in Bowman County October 29 into a drainage. The water is used to enhance oil recovery and is high in dissolved solids and minerals. Source: http://www.greenfieldreporter.com/view/story/0119acf2025d4604a2657818036c4b72/ND--Water-Spill

 · Authorities are investigating the cause of a fire that broke out November 1 at a Commodity Resource Corp. grain and fertilizer processing plant in Caledonia, New York, and caused heavy damage to several structures. – Rochester Democrat and Chronicle

14. November 2, Rochester Democrat and Chronicle – (New York) Land O'Lakes plant gutted in Caledonia fire. Authorities are investigating the cause of a fire that broke out November 1 at the Land O’Lakes-owned Commodity Resource Corp. grain and fertilizer processing plant in Caledonia, causing heavy damage to several structures, a silo, a steel loading facility, and a locomotive. Crews worked through at least November 2 to extinguish hot spots and to keep run-off that had mixed with fertilizer from flowing into a nearby creek. Source: http://www.democratandchronicle.com/story/news/2014/11/02/land-o-lakes-plant-gutted-caledonia-fire/18373267/

 · Fumes from a leaking chlorine pump that mixed with muriatic acid in the basement of Olson Middle School in Mauston, Wisconsin, caused about 40 students to be transported to an area hospital after they began experiencing nausea and headaches October 31. – WKOW 27 Madison

21. November 2, WKOW 27 Madison – (Wisconsin) About 40 students taken to hospital after chemical leak in Mauston. Fumes from a leaking chlorine pump that mixed with muriatic acid in the basement of Olson Middle School in Mauston caused about 40 students to be transported to an area hospital after they began experiencing nausea and headaches October 31. Officials aired out the building over the weekend of November 1 and classes were set to resume November 3. Source: http://www.wkow.com/story/27176158/2014/10/31/pool-chemicals-cause-mauston-middle-school-to-evacuate
 
Financial Services Sector

6. October 31, U.S. Securities and Exchange Commission – (International) SEC charges former pharmaceutical company executive and friend with insider trading. The U.S. Securities and Exchange Commission charged a Brisbane, California man who formerly served as an executive for InterMune Inc., for allegedly passing on nonpublic information on the company to a man in the U.K. in an insider trading scheme that generated over $1 million in illicit profits. Source: http://www.sec.gov/litigation/litreleases/2014/lr23125.htm

7. October 31, Softpedia – (International) Upatre malware dropper sent to Bitstamp exchange users. Researchers with ThreatTrack identified an email campaign targeting users of the Bitstamp digital currency exchange that uses sophisticated social engineering to attempt to trick users into opening an attachment containing the Upatre malware dropper. The dropper then adds the Dyre (also known as Dyreza) banking malware to compromised systems. Source: http://news.softpedia.com/news/Upatre-Malware-Dropper-Sent-to-Bitstamp-Exchange-Users-463703.shtml

8. October 30, Lynchburg News & Advance – (Virginia) Moneta woman pleads guilty in $11 million bank fraud case. A Moneta woman who acted as majority owner of Genesis Mansions between 2006 and 2007 pleaded guilty October 30 to conspiring with others to recruit and use straw buyers to run a mortgage fraud and Ponzi scheme that defrauded banks of nearly $11 million. Two mortgage brokers previously pleaded guilty to their roles in the scheme. Source: http://www.newsadvance.com/news/local/moneta-woman-pleads-guilty-in-million-bank-fraud-case/article_d23f8e8e-6085-11e4-916d-0017a43b2370.html

Information Technology Sector

25. November 3, The Register – (International) VMware: Yep, ESXi bug plays ‘finders keepers’ with data backups. VMware confirmed an issue reported by users of its ESXi 4.x and ESXi 5 hypervisors in which virtual machines that have Changed Block Tracking (CBT) enabled and have been increased in size by more than 128GB show an inaccurate list of allocated virtual machine disk sectors, which could cause backed-up data to be unrecoverable. VMware recommended that users disable and then re-enable CBT and stated that the company is working on a permanent solution. Source: http://www.theregister.co.uk/2014/11/03/vmware_data_gobbling_bug/

26. November 3, SC Magazine – (International) Researchers notice uptick in ‘Poweliks’ trojan infections. Symantec researchers observed an increase in reported Poweliks trojan infections, with the malware delivered by spam emails, exploit kits, and a spam campaign that impersonates the U.S. Postal Service and Canadian Post. Source: http://www.scmagazine.com/researchers-notice-uptick-in-poweliks-trojan-infections/article/380746/

27. October 31, Securityweek – (International) New RAT hijacks COM objects for persistence, stealthiness. Researchers at G DATA Software’s SecurityLabs identified a new remote access trojan (RAT) dubbed COMpfun that hijacks legitimate Component Object Model (COM) objects to evade detection by security software. The RAT is capable of executing code, logging keystrokes, downloading or uploading files, and other tasks. Source: http://www.securityweek.com/new-rat-hijacks-com-objects-persistence-stealthiness

Communications Sector

28. November 1, Jamestown Sun – (North Dakota) Disruption to phone service; cut to fiber-optic cable disrupts area landline service. Phone service was restored to landline phone users in Stutsman and Barnes counties October 31 after being disrupted for over 6 hours when a CenturyLink fiber-optic line west of Valley City was inadvertently cut. Source: http://www.jamestownsun.com/content/disruption-phone-service-cut-fiber-optic-cable-disrupts-area-landline-service