Wednesday, December 17, 2014



Complete DHS Report for December 17, 2014

Daily Report

Top Stories

 · Rail service for the Washington Metropolitan Area Transit Authority’s Blue, Orange, and Silver lines that run through downtown Washington, D.C. was partially suspended for about 3 hours December 16 due to a water main break that caused flooding in a subway station. – WTOP 103.5 Washington, D.C.

4. December 16, WTOP 103.5 Washington, DC – (Washington, D.C.) Metro’s Blue, Orange, Silver lines resume service after main break. The Washington Metropolitan Area Transit Authority partially suspended rail service on the Blue, Orange, and Silver lines that run through downtown Washington, D.C. for about 3 hours December 16 due to a water main break that submerged rails underwater, affecting tens of thousands of commuters. Crews worked to repair the ruptured water main which was expected to take at least 13 hours. Source: http://www.wtop.com/654/3763819/Water-main-break-causes-major-Metro-delays

 · The Associated Milk Producers Inc. cheese packaging plant in Portage, Wisconsin, is expected to resume operations the week of December 15 after a fire broke out in a storage area at the facility December 12 and prompted the evacuation of about 70 employees. – Portage Daily Register

14. December 14, Portage Daily Register – (Wisconsin) AMPI manager hopes plant shutdown will be brief after fire Friday. About 70 employees were evacuated from the Associated Milk Producers Inc. cheese packaging plant in Portage December 12 after a fire broke out in a storage area at the facility. Officials were investigating the fire and hoped to resume operations at the plant during the week of December 15. Source: http://host.madison.com/news/local/crime_and_courts/fire-damages-ampi-dairy-plant-in-portage/article_b0f2a0ad-782c-5907-b086-6b4a35ba4510.html

  · Crews continued efforts to clean up and disinfect the streets of Georgetown, South Carolina, December 16 after a water main carrying wastewater to the city’s treatment plant was found leaking an estimated 267,000 gallons of untreated wastewater. – WCSC 5 Charleston

15. December 16, WCSC 5 Charleston – (South Carolina) Georgetown wastewater leak not as large as initially believe, crews say. Crews continued efforts to clean up and disinfect the city streets of Georgetown, South Carolina, December 16 after a water main carrying wastewater to the city’s treatment plant was found leaking an estimated 267,000 gallons of untreated wastewater. Source: http://www.live5news.com/story/27634376/portion-of-road-shuts-down-after-1-million-gallon-wastewater-leak

  · The owner of Pharmacare and Caremerica, a pharmacy chain, pleaded guilty before a federal jury in Baltimore, Maryland, December 15 to submitting false claims for prescription refills and defrauding Medicaid and Medicare of $1.5 million. – Associated Press

17. December 15, Associated Press – (Maryland) Pharmacy owned convicted of health care fraud. The owner of Pharmacare and Caremerica, a pharmacy chain, pleaded guilty before a federal jury in Baltimore December 15 to submitting false claims for prescription refills and defrauding Medicaid and Medicare of $1.5 million. Source: http://www.washingtonpost.com/local/pharmacy-owned-convicted-of-health-care-fraud/2014/12/15/d7380f00-84c1-11e4-abcf-5a3d7b3b20b8_story.html

Financial Services Sector

3. December 15, SC Magazine – (International) Researcher identifies XSS vulnerability affecting Citibank website. A security researcher identified and reported a cross-site scripting (XSS) vulnerability in a Web site belonging to Citibank that could allow the personal information, login credentials, and cookies of users and administrators to be stolen. Source: http://www.scmagazine.com/researcher-identifies-xss-vulnerability-affecting-citibank-website/article/388433/

For another story, see item 26 below in the Information Technology Sector

Information Technology Sector

26. December 16, Securityweek – (International) Banking trojan abuses Pinterest in C&C routines. Researchers with Trend Micro identified a variant of the BANKER malware known as TSPY_BANKER.YYSI that is currently targeting users of South Korean banking Web sites via redirection to a phishing site and accesses comments on the Pinterest social network instead of a command and control (C&C) server. The comments are decoded into IP addresses for the server hosting the phishing page. Source: http://www.securityweek.com/banking-trojan-abuses-pinterest-cc-routines

27. December 16, Securityweek – (International) CA Technologies fixes vulnerable CA Release Automation. CA Technologies released a patch for its CA Release Automation continuous delivery system that closes a cross-site request forgery (CSRF), cross-site scripting (XSS), and SQL injection vulnerability in previous versions of the product. Source: http://www.securityweek.com/ca-technologies-fixes-vulnerabilities-ca-release-automation

28. December 15, Threatpost – (International) Shellshock worm exploiting unpatched QNAP NAS devices. Researchers with the SANS Institute stated that network attached storage (NAS) devices manufactured by QNAP may still be vulnerable to attackers exploiting the Bash flaw that was patched previously due to the complexity and lack of automation in the patching process. The researchers published two hashes that have been used in recent attacks to perform click fraud against the JuiceADV advertising network. Source: http://threatpost.com/shellshock-worm-exploiting-unpatched-qnap-nas-devices/109870

Communications Sector

Nothing to report