Thursday, March 19, 2015



Complete DHS Report for  March 19, 2015

Daily Report

Top Stories

 • Cleanup is expected to last 3 weeks as crews worked to clear the area where 42,000 pounds of hazardous chemicals spilled from a semi-truck along U.S. Highway 40 on Rabbit Ears Pass in Steamboat Springs, Colorado, March 13. – Steamboat Pilot & Today

2. March 17, Steamboat Pilot & Today – (Colorado) Chemical spill cleanup continues on Rabbit Ears Pass. Crews worked March 17 to excavate the area where 42,000 pounds of hazardous chemicals spilled from an overturned semi-truck along U.S. Highway 40 on Rabbit Ears Pass in Steamboat Springs March 13, while standing water was being pumped into a large tank and contaminated dirt was being removed from the scene. Officials continue to assess the environmental impact and cleanup efforts are expected to last about 3 weeks. Source: http://www.steamboattoday.com/news/2015/mar/17/chemical-spill-clean-continues-rabbit-ears-pass/

  Kraft Foods Group announced March 17 a voluntary recall of about 242,000 cases of its Macaroni & Cheese Dinner product that were distributed throughout several countries due to the possibility that some boxes may contain metal fragments. – Washington Post

14. March 17, Washington Post – (International) Kraft recalls more than 6 million boxes of macaroni and cheese because they may contain metal. Kraft Foods Group announced March 17 a voluntary recall of about 242,000 cases containing 6.5 million boxes of its Macaroni & Cheese Dinner product that were distributed throughout the U.S., Puerto Rico, the Caribbean, and some South American countries due to the possibility that some boxes may contain metal fragments. The company warned consumers not to prepare and eat macaroni that comes in the original flavor, 7.25-ounce packages of the product. Source: http://www.washingtonpost.com/news/to-your-health/wp/2015/03/17/kraft-recalls-242000-cases-of-macaroni-and-cheese-because-they-may-contain-metal/

  Premera Blue Cross reported March 17 that hackers may have gained access to financial and personal information for 11 million customers following a cyber-attack that began in May 2014. – Reuters

19. March 17, Reuters – (National) Premera Blue Cross says data breach exposed medical data. Premera Blue Cross reported March 17 that hackers may have gained access to banking account numbers, Social Security numbers, and personal information for 11 million customers following a cyber-attack that began in May 2014. The health insurer is investigating and stated that this attack is unrelated to a previous Blue Cross Blue Shield breach in January. Source: http://www.nytimes.com/2015/03/18/business/premera-blue-cross-says-data-breach-exposed-medical-data.html

  Firefighters reached 70 percent containment March 17 of a fire that burned 22,300 acres in Woodward County, Oklahoma, and damaged or destroyed 25 structures causing an estimated $1.1 million in damage. – Enid News & Eagle

20. March 17, Enid News & Eagle – (Oklahoma) Wildfire damages $1.1 in Woodward area. Firefighters reached 70 percent containment March 17 of a fire that burned 22,300 acres in Woodward County, Oklahoma, and damaged or destroyed 25 structures causing an estimated $1.1 million in damage. Several people were evacuated March 16 and a stretch of Oklahoma 50 between Mooreland and Freedom was closed for several hours. Source: http://www.enidnews.com/news/update-wildfire-damages-in-woodward-area/article_a8ade7da-ccac-11e4-9cf0-871eee820f92.html

Financial Services Sector

6. March 17, KMGH 7 Denver – (Colorado) Thief dubbed ‘Longhorn Bandit’ robs Westerra Credit Union in Arvada, police say. Authorities are searching for a suspect dubbed the “Longhorn Bandit”, who allegedly robbed a Westerra Credit Union branch in Arvada March 17 and is believed to be linked to 5 other bank robberies in the area. Source: http://www.thedenverchannel.com/news/local-news/man-robs-westerra-credit-union-in-arvada-police-say-suspect-fled-scene-in-black-4-door-sedan03172015

For additional stories, see items 19 above in Top Stories and 29 below in the Information Technology Sector

Information Technology Sector

27. March 18, Securityweek – (International) Apple fixes WebKit vulnerabilities with release of Safari 8.0.4. Apple released Safari versions 8.0.4, 7.1.4, and 6.2.4 which address a total of 16 memory corruption issues that were identified in WebKit, by Apple’s own security team and Google Chrome Security Team, and included a user interface inconsistency. Source: http://www.securityweek.com/apple-fixes-webkit-vulnerabilities-release-safari-804

28. March 18, Securityweek – (International) Johnson Controls, XZERES, Honeywell patch vulnerable products. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) announced that Johnson Controls, Honeywell, and XZERES released patches addressing vulnerabilities in their products which can be exploited by an attacker to gain administrative access and compromise affected systems through a cross-site request forgery (CSRF) flaw, an unrestricted file upload vulnerability, or a path traversal vulnerability. Source: http://www.securityweek.com/johnson-controls-xzeres-honeywell-patch-vulnerable-products

29. March 18, Softpedia – (International) Almost 2,000 popular Android and iOS apps are vulnerable to FREAK attack. FireEye researchers discovered that 1,999 popular Android and Apple iOS apps used for photo and video, financial, lifestyle, social networking, communication, or shopping are susceptible to the Factoring RSA-Export Key (FREAK) attack which weakens encryption due to a vulnerable build of OpenSSL cryptographic library. The apps all contain sensitive information including data related to online banking, account log-in credentials, or medical information. Source: http://news.softpedia.com/news/Almost-2-000-Popular-Android-and-iOS-Apps-Are-Vulnerable-to-FREAK-Attack-476101.shtml

30. March 17, Softpedia – (International) Windows Live SSL certificate issued to unauthorized third party. Microsoft released an advisory warning of a fraudulent certificate for the Finnish Windows Live domain which is generated by the Certificate Authority (CA) Comodo following an unauthorized request from a privileged email account which can be used by hackers to spoof Microsoft Web content and carry out man-in-the-middle (MitM) and phishing attacks. The certificate affects systems running certain Windows and Server versions, as well as Windows Phone 8 and Windows Phone 8.1. A standalone updater is available for revoked certificate. Source: http://news.softpedia.com/news/Windows-Live-SSL-Certificate-Issued-to-Unauthorized-Third-Party-476020.shtml

Communications Sector

See item 29 above in the Information Technology Sector