Monday, February 23, 2015



Complete DHS Report for February 23, 2015

Daily Report

Top Stories
 
 · Virginia Express commuter trains, Metro, and Amtrak trains running along the Northeast corridor were delayed or forced to run on a reduced schedule February 20 due to issues triggered by cold temperatures. – Associated Press; WJLA 7 Washington, D.C.

3. February 20, Associated Press; WJLA 7 Washington, D.C. – (National) Bitter cold causes cracked rails, more major delays on Metro, Amtrak, VRE. Virginia Express commuter trains, Metro, and Amtrak trains running along the Northeast corridor including Virginia and Washington, D.C., were delayed or forced to run on a reduced schedule February 20 after cracked rails and switch issues that were triggered by cold temperatures. Source: http://www.wjla.com/articles/2015/02/another-day-of-extremely-cold-weather-causes-metro-amtrak-delays-111622.html

 · Classes were canceled across schools in the district February 20 after 400 students had their feet and shoes decontaminated at Winnemucca Junior High School in Nevada after a student took a salt shaker filled with mercury to school. – Reno Gazette-Journal

14. February 20, Reno Gazette-Journal – (Nevada) School canceled in Winnemucca after mercury scare. Classes were canceled across schools in the district February 20 after 400 students had their feet and shoes decontaminated on the football field of Winnemucca Junior High School in Nevada after a student took a salt shaker filled with mercury to the school February 19 leaving trails of it through the hallways and on the school bus. Three other schools in the area were placed under a precautionary lockdown to ensure the mercury did not travel to other schools. Source: http://www.rgj.com/story/news/2015/02/19/mercury-spill-prompts-lockdown-winnemucca-school/23701433/

  · At least 15 inmates at Ironwood State Prison in California were injured following a riot February 13 that began when about 120 inmates began fighting in a dining hall. – Palo Verde Valley Times/Quartzsite Times

18. February 19, Palo Verde Valley Times/Quartzsite Times – (California) Another prison riot at Ironwood. At least 15 inmates at Ironwood State Prison in Blythe, California, were injured following a riot February 13 when about 120 inmates began fighting in the D yard dining hall. Prison staff deployed several less lethal force options in an attempt to quell the disturbance including OC pepper spray, blast dispersion grenades, and expandable batons. Source: http://paloverdevalleytimes.com/main.asp?SectionID=1&SubSectionID=1&ArticleID=21103

  · Illinois officials announced that Baldwin Lake reopened February 19 following a 15-day closure that was initiated after about 100,000 gallons of untreated wastewater spilled into the reservoir. – Belleview News-Democrat

25. February 19, Belleville News-Democrat – (Illinois) Two weeks after sewage spill, Baldwin Lake reopens. The Illinois Department of Natural Resources announced that Baldwin Lake in the Kaskaskia River State Fish and Wildlife Area reopened February 19 following a 15-day closure that was initiated after about 100,000 gallons of untreated wastewater spilled into the reservoir. A fractured air release valve was replaced and water samples showed the lake is safe for public recreation. Source: http://www.bnd.com/2015/02/19/3670419_two-weeks-after-sewage-spill-baldwin.html

Financial Services Sector

2. February 20, Softpedia – (National) Tax related spear-phishing aims at CTOs in tech companies. Security researchers at Talos discovered a new phishing campaign targeting chief technology officers (CTOs) with malicious attachments disguised as Microsoft Word documents laced with macros that funnel in the Vawtrak banking trojan, which can capture user credentials for more than 100 online services. The emails purport to be related to large sum payment details and federal taxes, with some appearing to originate from fake government addresses. Source: http://news.softpedia.com/news/Tax-Related-Spear-Phishing-Aims-At-CTOs-In-Tech-Companies-473772.shtml

Information Technology Sector

19. February 20, Softpedia – (International) Commercial spyware found in enterprise environment. Security researchers at Lacoon Mobile Security and Check Point discovered 18 different commercial remote access trojan (mRAT) spying tools that connect to the company’s Wi Fi and communicate with the command and control (C&C) server on 1,000 of 900,000 corporate mobile devices tested. The spyware, generally marketed for monitoring children, allows employers to track the location of users, log activity on the device, access emails, texts, and contacts, and possibly activate the device’s microphone for recording. Source: http://news.softpedia.com/news/Commercial-Spyware-Found-in-Enterprise-Environment-473785.shtml

20. February 20, The Register – (International) Hackers now popping Cisco VPN portals. An Australian hacker reported a flaw that allows attackers to crack customized Cisco virtual private networks (VPNs) to steal credentials, inject malware, modify Clientless Secure Sockets Layer (SSL) and VPN portal content, and launch cross-site scripting (XSS). Cisco stated that the flaw was due to improper implementation of authentication checks in the customization framework of Clientless SSL VPN portal versions earlier than October 8, 2014 and recommended customers follow their incident response process. Source: http://www.theregister.co.uk/2015/02/20/hackers_popping_cisco_vpn_portals/

21. February 19, Softpedia – (International) Android malware takes over device’s shutdown process. AVG security researchers discovered a new mobile malware strain affecting Android devices that hijacks the shutdown process and obtains root permission to run nefarious activities such as initiating calls or taking pictures while the phone appears to be off. Source: http://news.softpedia.com/news/Android-Malware-Takes-Over-Device-s-Shutdown-Process-473705.shtml

For another story, see item 2 above in the Financial Services Sector

Communications Sector

22. February 19, WSAZ 3 Huntington – (West Virginia) Frontier continues to work on damaged cables near train derailment. Frontier Communications technicians continued to work with railroad and public safety officials February 19 to replace fiber-optic cables that were damaged by a train derailment in Fayette County during the week of February 16. A representative reported that broadband service was restored February 18 but voice-service was still down while additional repairs were being made. Source: http://www.wsaz.com/news/headlines/Frontier-Continues-to-Work-on-Damaged-Cables-near-Train-Derailment-292736621.html

For additional stories, see items 2 above in the Financial Services Sector and 21 above in the Information Technology Sector