Friday, January 30, 2015




Complete DHS Report for January 30, 2015

Daily Report

Top Stories

 · Officials identified January 28 the chemicals involved in a CSX train derailment in Allendale County, South Carolina, and reported that about 19,000 gallons of hydrochloric acid and 4,000 gallons of diesel fuel spilled during the incident January 27, leading to continued cleanup efforts. – Columbia The State

4. January 28, Columbia The State – (South Carolina) Authorities identify chemicals that leaked from train wreck. The South Carolina Department of Health and Environmental Control reported January 28 that about 19,000 gallons of hydrochloric acid and other acid solutions, in addition to 4,000 gallons of diesel fuel, spilled from rail cars that were damaged during a CSX train derailment in Allendale County January 27. Crews used booms to absorb chemicals that spilled into Lower Three Runs Creek and in the Savannah River where the small creek empties. Source: http://www.thestate.com/2015/01/28/3955948_authorities-identify-chemicals.html?rh=1

 · Investment advisory firm and broker dealer Oppenheimer & Co. will pay $20 million in regulatory fines for improperly selling billions of shares of penny stocks in unregistered offerings on behalf of customers. – USA Today (See item 8 below in the Financial Services Sector)

 · The U.S. Federal Aviation Administration proposed a $1.3 million fine on United Airlines for allegedly violating hazardous material regulations. – KDVR 31 Denver

9. January 28, KDVR 31 Denver – (National) United charged with $1.3 million penalty for hazardous material violation. The U.S. Federal Aviation Administration (FAA) proposed a $1.3 million fine on United Airlines for allegedly violating hazardous material regulations after the FAA found 120 cases in 4 cities during inspections where the airline failed to follow regulations. Most of the violations involved failure to notify the pilot of accurate information about hazardous materials onboard. Source: http://kdvr.com/2015/01/28/united-charged-with-1-3-million-penalty-for-hazardous-material-violation/

 · A worker at the Loma Linda University Medical Center in California was arrested January 27 for allegedly stealing $360,000 worth of Apple MacBooks and iPads from her job site at the medical center. – Riverside Press-Enterprise

15. January 28, Riverside Press-Enterprise – (California) Redlands: Medical center worker arrested in $360,000 embezzlement case. A worker at the Loma Linda University Medical Center in California was arrested January 27 for allegedly stealing $360,000 worth of Apple MacBooks and iPads from her job site at the medical center. Source: http://www.pe.com/articles/redlands-759123-home-embezzlement.html

Financial Services Sector

8. January 27, USA Today – (International) Oppenheimer hit with $20M in fines. Investment advisory firm and broker dealer Oppenheimer & Co. will pay $20 million in regulatory fines for improperly selling billions of shares of penny stocks in unregistered offerings on behalf of customers, failing to file Suspicious Activity Reports, and withholding and remitting more than $3 million in backup withholding taxes from sale proceeds. Source: http://www.usatoday.com/story/money/2015/01/27/oppenheimer-sec-fine/22396695/

Information Technology Sector

23. January 29, Dark Reading – (International) ZeroAccess click-fraud botnet back in action again. Researchers at Dell SecureWorks reported that the ZeroAccess botnet, which was disrupted by authorities in 2013, has resurfaced and is targeting major search engines and browsers to perpetrate click fraud templates to compromised systems. Source: http://www.darkreading.com/zeroaccess-click-fraud-botnet-back-in-action-again/d/d-id/1318865

24. January 28, Securityweek – (International) Apple fixes tens of vulnerabilities in OS X, iOS, Safari, Apple TV. Apple released updates for OS X, iOS, Safari and Apple TV addressing a total of 54 security issues, and disabled all Flash Player plugins prior to versions 16.0.0.296 and 13.0.0.264 following recent reports of Adobe Flash Player zero-days. Source: http://www.securityweek.com/apple-fixes-tens-vulnerabilities-os-x-ios-safari-apple-tv

25. January 27, Threatpost – (International) GHOST glibc remote code execution vulnerability affects all Linux systems. Researchers with Qualys discovered a critical vulnerability in the Linux GNU C Library (glibc), known as GHOST, which can be triggered through the library’s gethostbyname functions and could allow attackers to execute code and remotely gain control of Linux machines. Source: https://threatpost.com/ghost-glibc-remote-code-execution-vulnerability-affects-all-linux-systems/110679

Communications Sector

26. January 28, KENS 5 San Antonio – (Texas) Cut fiber cable causes service disruption for Bandera, Bexar counties. Internet and cellphone services were interrupted for an unknown number of AT&T, Verizon, Cricket, and Sprint customers January 28 in Bandera and Bexar counties in San Antonio after fiber cables were accidentally cut by another company. AT&T confirmed that service in Bandera was restored after several hours. Source: http://www.kens5.com/story/news/2015/01/28/bandera-bexar-internet-connection-cell-phone/22507575/

Thursday, January 29, 2015



Complete DHS Report for January 29, 2015

Daily Report

Top Stories

 • Health officials warned January 27 that an individual diagnosed with measles may have exposed as many as 195 children to the disease at the Phoenix Children’s East Valley Center between January 20 and 21. – Arizona Republic

19. January 28, Arizona Republic – (Arizona) Arizona measles outbreak reaches ‘critical point’. Two additional cases of measles were confirmed in Arizona January 27 and public health officials warned that one of the confirmed cases may have exposed as many as 195 children to the disease at the Phoenix Children’s East Valley Center between January 20 and 21. Source: http://www.usatoday.com/story/news/2015/01/28/arizona-measles-disneyland-outbreak-phoenix-children/22452491/

 • Police are searching for a man who planted an explosive device inside a Marshall’s store in Visalia, California, January 27 and waited for the device to detonate before he fled the scene with stolen merchandise. – Visalia Times-Delta

30. January 28, Visalia Times-Delta – (California) Explosive device planted in Visalia Marshall's. Police are searching for a man who planted an explosive device inside a Marshall’s store in Visalia January 27 and waited for the device to detonate before he used an emergency exit to flee the scene with stolen merchandise. Authorities are working to identify the explosive substance but believe the suspect may have placed dry ice in a plastic soda bottle and sealed the lid causing the bottle to expand and explode. Source: http://www.visaliatimesdelta.com/story/news/local/2015/01/28/explosive-device-planted-visalia-marshalls/22465081/

 • Police are investigating after gunshots shattered windows and caused thousands of dollars in damage at the Great American Tower at Queen City Square in Cincinnati, Ohio, over four separate occasions between January 19 and 26. – WXIX 19 Newport

32. January 27, WXIX 19 Newport – (Ohio) Police search for gunman shooting up Cincinnati's tallest skyscraper. Police are investigating after gunshots shattered windows and caused thousands of dollars in damage at Great American Tower at Queen City Square in Cincinnati over four separate occasions between January 19 and January 26, all of which have occurred after business hours. Police temporarily closed the Lytle Tunnel on northbound Interstate 71 January 26 and 27 and are working to determine if the shootings are coming from an area of the highway that routes along downtown Cincinnati and Fort Washington Way. Source: http://www.fox10tv.com/story/27947814/lytle-tunnel-shut-down-2nd-night-in-row-after-gunshots-fired

 • Three men crashed a vehicle into the Wells Fargo History Museum in downtown San Francisco January 27 with one suspect holding a guard at gunpoint while the others collected about $10,000 worth of gold nuggets before fleeing the scene. – Los Angeles Times

33. January 27, Los Angeles Times – (California) Masked men crash SUV into S.F. museum, steal 10 ounces of gold. Three masked men crashed a stolen vehicle into the Wells Fargo History Museum in downtown San Francisco January 27 with one suspect holding a guard at gunpoint while the others collected about $10,000 worth of historic gold nuggets before fleeing the scene in a second vehicle driven by an accomplice. Wells Fargo officials reported that the museum would reopen at a later date while police are investigating if the incident is related to similar smash-and-grab thefts involving vehicles in the area since May 2014. Source: http://www.latimes.com/local/lanow/la-me-ln-san-francisco-gold-nugget-heist-20150127-story.html

Financial Services Sector

5. January 27, Milwaukee Journal-Sentinel – (Wisconsin) Watertown insurance agent Loren Holzhueter ran $10 million Ponzi scheme, feds allege. A Watertown insurance agent and one of his companies were charged with five counts of securities fraud in federal court in Madison by the U.S. Securities and Exchange Commission for running a $10 million Ponzi scheme and failing to provide correct information to at least 122 investors on how their money was being used. Source: http://www.jsonline.com/business/holzhueter-ran-10-million-ponzi-scheme-feds-allege-b99434251z1-290003131.html

For another story, see item 31 below from the Commercial Facilities Sector

31. January 28, WBIW 1340 AM Bedford – (Indiana) French Lick Resorts report credit card breach. French Lick Resort officials warned some visitors that their personal and financial information may have been compromised after malware was introduced into the company’s payment system. The malware has since been removed and officials warned that only those visitors who used a payment card at the resort between April 23, 2014 and January 21, 2015 could be at risk. Source: http://www.wbiw.com/local/archive/2015/01/french-lick-resorts-reports-credit-card-breach.php

Information Technology Sector

25. January 28, Softpedia – (International) D-Link routers vulnerable to unauthorized DNS changing. A recently published proof-of-concept exploit from a security researcher at Ethical Hacker illustrated a vulnerability found in DSL router model D-Link DSL-2740R, which allows remote hackers to change the device’s domain name system (DNS) settings and redirect users to malicious online locations hosting malware or phishing pages. Source: http://news.softpedia.com/news/D-Link-Routers-Vulnerable-to-Unauthorized-DNS-Changing-471480.shtml

26. January 28, Securityweek – (International) Flash Player update patches two critical vulnerabilities. Adobe released an update in Flash Player to version 16.0.0.296 to address a zero-day vulnerability, CVE-2015-0311, the second of two previously unreported critical flaws that have been patched in the last week, that allows attackers to install malware when users visit compromised websites or view malicious ads in their browsers. Source: http://www.securityweek.com/flash-player-update-patches-two-critical-vulnerabilities

27. January 28, Securityweek – (International) Serious vulnerability in Blackphone exposed messages, location. A security flaw in Silent Text, an instant messaging app available on the privacy-focused Blackphone, could be exploited by a remote attacker to execute arbitrary code and enable the complete control of a targeted device. The vulnerability has been closed by Blackphone and its developer Silent Circle. Source: http://www.securityweek.com/serious-vulnerability-blackphone-exposed-messages-location

28. January 27, Securityweek – (International) Apple to Patch Thunderstrike, vulnerabilities disclosed by Google. Apple released updates for its OS X operating system that include patches for several vulnerabilities, including a flaw in the software that enabled the Thunderstrike boot kit attack. Source: http://www.securityweek.com/apple-patch-thunderstrike-vulnerabilities-disclosed-google

For another story, see item 31 above in the Financial Services Sector

Communications Sector 

29. January 28, Contra Costa Times – (California) Antioch: Construction crew causes cable, Internet outage, Comcast says. Construction crews working near the border of Antioch and Pittsburg damaged several fiber optic cables causing cable service and Internet outages for an unknown number of Comcast customers in east Contra Costa for more than 6 hours January Source: http://www.contracostatimes.com/antioch/ci_27407764/antioch-construction-crew-causes-cable-internet-outage-comcast