Complete DHS Report for March
13, 2015
Daily Report
Top Stories
· Michigan
officials announced March 11 that an accident and explosion involving 2 cars
and a semi-truck on Interstate 94 prompted the total closure of the highway
March 16. – MLive.com
6. March 12,
MLive.com – (Michigan) MDOT: I-94 east at Southfield Freeway closed
through weekend following Dearborn tanker explosion. The Michigan
Department of Transportation announced March 11 that an accident and explosion
involving 2 cars and a semi-truck hauling 13,000 gallons of gasoline and diesel
fuel near eastbound Interstate 94 prompted the total closure of the highway
from the Southfield Freeway, M-39, in Dearborn to Interstate 96 in Detroit
through March 16. The accident caused an explosion and authorities worked to
clear the debris and ensure the gasoline and fuel did not cause any further
fires. Source: http://www.mlive.com/news/detroit/index.ssf/2015/03/mdot_i-94_east_at_southfield_f.html
· Federal
authorities confirmed March 11 that 40,020 turkeys in Boone County, Arkansas,
were infected with the highly pathogenic H5N2 avian influenza strain, prompting
foreign importers to halt turkey imports. – Reuters
10. March
12, Reuters – (International) Highly pathogenic bird flu
confirmed in Arkansas turkeys: USDA. The U.S. Department of Agriculture
confirmed March 11 that 40,020 turkeys in Boone County, Arkansas, at a
commercial farm flock that supplies Tyson Foods Inc., Pilgrim’s Pride Corp, and
Sanderson Farms Inc., were infected with the same highly pathogenic H5N2 avian
influenza strain that was recently identified in Minnesota and Missouri. The
affected premises were quarantined and the infected birds will be culled, while
foreign importers have halted turkey imports from Arkansas as a result. Source:
http://www.reuters.com/article/2015/03/12/us-birdflu-arkansas-turkeys-idUSKBN0M720S20150312
· Officials
announced March 10 that 11 individuals from Michigan, Texas, and Ohio were
charged with identify theft and credit card fraud after a Blue Cross Blue
Shield employee allegedly shared the information of over 5,000 subscribers. – Detroit
News; Associated Press
14. March
11, Detroit News; Associated Press – (Michigan; Texas; Ohio) 11
charged in Blue Cross ID theft, fraud. Officials announced March 10 that 11
individuals from Michigan, Texas, and Ohio were charged with identify theft and
credit card fraud after a Blue Cross Blue Shield of Michigan employee allegedly
shared screenshots of 5,514 subscriber profiles with the group, who used the
personal information to apply for credit cards, gift cards, and to purchase
merchandise at retailers. Source: http://www.detroitnews.com/story/business/2015/03/10/charged-theft-blue-cross-subscriber-info/24711063/
· Water
service to the State Correctional Institution at Albion in Pennsylvania was cut
off after a leak in a valve on the prison’s water tower discharged over 3
million gallons March 8. – Associated Press
18. March 12, Associated Press – (Pennsylvania) Leak
forces inmates to use portable toilets, trucked water. Water service to the
State Correctional Institution at Albion in Pennsylvania was cut off after a
leak in a valve on the prison’s water tower discharged over 3 million gallons
March 8. Repairs began March 11 while prison officials suspended inmate visits
and transfers after providing bottled drinking water and 120 portable toilets
and several water trucks for bathing. Source: http://www.wfmj.com/story/28403341/leak-forces-inmates-to-use-portable-toilets-trucked-water
Financial Services Sector
5. March
11, U.S. Department of Justice – (Connecticut) RBS trader admits
defrauding customers in multimillion dollar securities fraud scheme. A
former trader at Royal Bank of Scotland Securities Inc., (RBS) pleaded guilty
March 11 to his role in a securities fraud scheme in which he and
co-conspirators defrauded at least 20 victim firms out of millions of dollars
by misrepresenting collaterized loan obligation bond prices to buyers and
sellers to increase RBS’ profits, often creating fictitious third party sellers
that enabled RBS to collect extra commissions on sales. Some of the victimized
firms were affiliated with recipients of federal bailout funds through the
Troubled Asset Relief Program. Source: http://www.justice.gov/opa/pr/rbs-trader-admits-defrauding-customers-multimillion-dollar-securities-fraud-scheme
For additional stories, see item 14 above in Top
Stories and item 19 below in the Information Technology
Sector
Information Technology Sector
19. March 12,
Help Net Security – (International) 2,400 unsafe mobile apps found in average
large enterprise. Veracode researchers found that hundreds of thousands of
mobile applications installed in corporate environments across multiple
industries revealed the average global enterprise contains approximately 2,400
unsafe applications in its mobile environment, including apps that expose
sensitive data, perform suspicious security actions, or retrieve or share
personal information about users. Source: http://www.net-security.org/secworld.php?id=18075
20. March 12,
Help Net Security – (International) Cyber crooks take advantage of ad bidding
networks to deliver ransomware. Security researchers at FireEye discovered
that malware distributors are leveraging Real Time Bidding networks that are
either compromised or controlled entirely by attackers to deliver Cryptowall
and other ransomware variants and gain information about victims’ geographic
locations, operating systems (OS), and browsers. The malvertising campaign has
been active since February 4. Source: http://www.net-security.org/malware_news.php?id=2987
21. March 11,
SC Magazine – (International) Self-deleting malware targets home routers to
gather information. Trend Micro researchers identified malware called
VICEPASS that infects users’ systems via a fake Adobe Flash update, connects to
their home routers using a predefined list of usernames and passwords, and
attempts to spread to every device on their networks before sending information
to a command-and-control (C&C) server and deleting itself. The researchers
believe that the malware could be a reconnaissance tool for larger campaigns.
Source: http://www.scmagazine.com/malware-that-connects-to-home-routers-deletes-itself-without-a-trace/article/403050/
22. March 11,
USA Today – (International) Apple’s iTunes, App Store reopen after long
outage. Apple restored service to its iTunes, App Store, Mac App Store, and
iBooks store March 11 after an internal domain name system (DNS) error brought
the services down globally for approximately 12 hours. Source: http://www.usatoday.com/story/tech/2015/03/11/apple-itunes-down/70143594/
23. March 11,
Securityweek – (International) Dropbox Android SDK flaw exposes mobile users
to attack: IBM. Researchers at IBM Security discovered a flaw, dubbed
DroppedIn, in the Dropbox app’s Android software development kit (SDK) that
could have enabled attackers to connect to mobile apps using the kit to a
Dropbox account they control, and transfer sensitive information or inject
malicious data into apps. Dropbox released a fix for the vulnerability that was
distributed to other apps that use the same SDK. Source: http://www.securityweek.com/dropbox-android-sdk-flaw-exposes-mobile-users-attack-ibm
24. March 11,
Securityweek – (International) Intel Security launches new critical
infrastructure security platform. Intel Security announced the Intel
Security Critical Infrastructure Protection (CIP) platform, developed in a
joint project with Wind River, designed to protect new and legacy
infrastructure within electric power grids by separating security management
functions of the platform from operational applications, enhancing device
identity, malware, data protection, and resiliency. The company stated that CIP
can be leveraged across multiple industries and uses. Source: http://www.securityweek.com/intel-security-launches-new-critical-infrastructure-security-platform
Communications Sector
See item 19 above in the Information Technology
Sector