Monday, December 15, 2014



Complete DHS Report for December 15, 2014

Daily Report

Top Stories

 • Two contractors and a crew member were killed while two other crew members suffered injuries in an engine room fire aboard the Miami-based Oceania Cruises’ Insignia cruise ship docked in St. Lucia December 11. – South Florida Sun Sentinel

9. December 12, South Florida Sun Sentinel – (International) Oceania cruise ship fire kills 3. Two contractors and a crew member were killed while two other crew members suffered injuries in an engine room fire aboard the Miami-based Oceania Cruises’ Insignia cruise ship docked in St. Lucia December 11. The fire was contained to the engine room and extinguished and the remainder of the cruise was cancelled while officials worked to transport all 684 passengers to Miami. Source: http://www.msn.com/en-us/news/us/oceania-cruise-ship-fire-kills-3/ar-BBgFH50

 • A December 11 storm caused over 100,000 customers in San Francisco to lose power, prompted major sections of Bay Area freeways to close, forced school closures across several counties, and caused more than 240 flight cancellations. – Los Angeles Times

12. December 11, Los Angeles Times – (California) California storm: 113,000 still without power, travel disrupted. A December 11 storm that caused severe flooding forced major sections of Bay Area freeways to close, caused more than 240 flight cancellations and travel delays, and forced the Bay Area Rapid Transit to close 2 stations due to a power outage, in addition to school closures across several counties. More than 100,000 customers in San Francisco lost power as crews worked to restore service. Source: http://www.latimes.com/local/lanow/la-me-ln-winter-storm-california-winds-20141211-story.html

 • Officials are investigating after more than 100 students from Centennial High School in Roswell, Georgia, and their family members became sick following a football banquet December 8. – WSB 2 Atlanta

20. December 11, WSB 2 Atlanta – (Georgia) 100+ sickened after high schools sports banquet. The Fulton County Health Department and school officials are investigating after more than 100 students from Centennial High School in Roswell, Georgia, and their family members became sick, experiencing symptoms which included nausea, vomiting, and abdominal cramps following a football banquet December 8. Source: http://www.wsbtv.com/news/news/local/100-sickened-after-high-schools-sports-banquet/njQyL/

 • A 3-alarm fire at the Thanksgiving Tower commercial high rise in Dallas December 11 killed 3 subcontractors, injured 3 additional individuals, and prompted the evacuation of 2,800 employees inside the building. – KXAS 5 Fort Worth

30. December 12, KXAS 5 Fort Worth – (Texas) Thousands evacuated after fatal fire breaks out at Dallas' Thanksgiving Tower. A 3-alarm fire at the Thanksgiving Tower commercial high rise in Dallas December 11 killed 3 subcontractors that were working in a thermal storage tank inside the building’s basement heating and cooling unit, injured 3 additional individuals, and prompted the evacuation of 2,800 employees inside the building. Crews cut off power to the building before they could battle the blaze that was believed to be electrical in nature. Source: http://www.nbcdfw.com/news/local/Fire-Reported-at-Thanksgiving-Tower-High-Rise-285502401.html

Financial Services Sector

7. December 12, Threatpost – (International) Upatre downloader spreading Dyreza banking trojan. Microsoft warned December 11 that the Upatre downloader is being used in a wire-transfer spam campaign to spread the Dyreza banking malware, mainly targeting victims in the U.S. and Canada. The malware is able to bypass encryption in order to steal online banking credentials and other data. Source: http://threatpost.com/upatre-downloader-spreading-dyreza-banking-trojan/109858

Information Technology Sector

26. December 12, The Register – (International) Hackable intercom lets you SPY on fellow apartment-dwellers. A researcher presenting at the Kiwicon security conference detailed how he was able to use several vulnerabilities in the GrandStream GXV3175 video intercom, including directory traversal and command injection flaws, to potentially spy on any resident in an apartment building equipped with the devices. The issues were patched by the manufacturer after the researcher reported them. Source: http://www.theregister.co.uk/2014/12/12/hackable_intercom_becomes_neighbour_spy_box/
27. December 12, The Register – (International) Microsoft pulls a patch and offers PHANTOM FIX for the mess. Microsoft took down an update included in its monthly Patch Tuesday release due to the patch causing issues on systems running Windows 7 Service Pack (SP1) and Windows Server 2008 R2 SP1. A second patch was then published to address the issue. Source: http://www.theregister.co.uk/2014/12/12/microsoft_pulls_a_patch_and_offers_phantom_fix_for_the_mess/
28. December 12, Securityweek – (International) Malwarebytes anti-exploit upgrade mechanism vulnerable to MitM attacks. A Fox-IT researcher identified and reported vulnerabilities in consumer versions of Malwarebytes Anti-Malware 2.0.2 and earlier, and Malwarebytes Anti-Exploit 1.03 and earlier that could have left the security products vulnerable to man-in-the-middle (MitM) attacks and allowed the download of malicious content. The vulnerabilities were reported in July and August and patched in September and October. Source: http://www.securityweek.com/malwarebytes-anti-exploit-upgrade-mechanism-vulnerable-mitm-attacks

Communications Sector
29. December 11, Burlington Free Press – (New Hampshire; Vermont) Statewide FairPoint Internet outage alleviated. Internet service for FairPoint Communications customers in Vermont and parts of New Hampshire was restored after being disrupted for nearly 12 hours December 11 due to a hardware issue during routine maintenance work. Source: http://www.burlingtonfreepress.com/story/news/local/2014/12/11/fairpoint-internet-disruption-alleviated/20254613/