Monday, March 23, 2015



Complete DHS Report for  March 23, 2015

Daily Report

Top Stories

 · Authorities arrested a woman in Hartford March 19 after she escaped from prison and allegedly robbed 5 banks in Connecticut during a 2-week period in February. – WVIT 30 New Britain See item 5 below in the Financial Services Sector

 · U.S. Highway 26 in Clackamas County, Oregon, was closed for about 15 hours March 19 while authorities investigated an explosion near a car parked along the highway that killed 1 person. – KATU 2 Portland

8. March 20, KATU 2 Portland – (Oregon) One dead, explosion on Highway 26 near Welches. U.S. Highway 26 in the Rhododendron area of Clackamas County, Oregon, was closed for about 15 hours March 19 while authorities investigated an explosion near a car parked along the highway that killed 1 person. The area was rendered clear after a bomb squad found no further threats or explosives at the scene, and residue from the blast was sent to a lab to determine if it is explosive material or from an improvised explosive device. Source: http://www.katu.com/news/local/Highway-26-closed-for-report-of-explosion-296906581.html

 · At least 12 Indianapolis businesses remained without power March 20 after a series of underground explosions March 19 knocked out service and prompted the evacuation of residents from the Senate Manor apartment complex. – WISH 8 Indianapolis

23. March 20, WISH 8 Indianapolis – (Indiana) Downtown explosions cause businesses to close, apartments to evacuate. At least 12 downtown Indianapolis businesses remained without power March 20 after a series of underground utility explosions March 19 knocked out service in the area. The explosions also prompted the evacuation of dozens of residents from the Senate Manor apartment complex for several hours when the building lost power and suffered a carbon monoxide leak due to the blasts’ impact. Source: http://wishtv.com/2015/03/19/downtown-blast-forces-businesses-to-close-and-apartments-to-evacuate/

 · A suspect was arrested after a 4-hour search for allegedly killing 1 individual and wounding 5 others in a March 18 shooting rampage that started at the Tri City Inn motel in Mesa, Arizona, and spread to a nearby restaurant and 2 apartment complexes. – Reuters

24. March 19, Reuters – (Arizona) Suspect in fatal Arizona shooting rampage appears in court. Authorities arrested and charged a suspect that is accused of killing 1 individual and wounding 5 others in a March 18 shooting rampage that started at the Tri City Inn motel in Mesa, Arizona, and spread to a nearby restaurant and 2 apartment complexes in the area. The suspect was captured inside a vacant condominium following a 4-hour search by police. Source: http://www.reuters.com/article/2015/03/19/us-usa-arizona-shooting-idUSKBN0MF2BE20150319

Financial Services Sector

4. March 19, USA Today – (National) BNY Mellon to pay $714M to settle currency suits. The Bank of New York Mellon (BNY) agreed March 19 to a $714 million settlement with the U.S. Department of Justice, the State of New York, the U.S. Securities and Exchange Commission, the U.S. Department of Labor, and private investors to resolve allegations that the bank had misrepresented pricing to its clients in foreign exchange markets for years by claiming to provide them with the best rates while giving them the worst margin prices instead. The bank’s own rates became more favorable and profitable from the difference between the higher rates assigned to customers and their own foreign exchange trade rates. Source: http://www.usatoday.com/story/money/2015/03/19/bny-mellon-foreign-exchange-settlement/25034111/

5. March 19, WVIT 30 New Britain – (Connecticut) Woman charged in string of bank robberies. Authorities arrested a woman in Hartford March 19 after she escaped from prison and allegedly robbed 5 banks in Wallingford, East Hartford, Wethersfield, Vernon, and Cromwell during a 2-week period in February. Authorities were able to link her to the crimes after she left behind a pair of gloves and a bag of stolen cash. Source: http://www.nbcconnecticut.com/news/local/Suspected-Female-Serial-Bank-Robber-in-Custody-Sources-296849551.html

Information Technology Sector

20. March 19, Softpedia – (International) Zero-days for Firefox, IE 11, Adobe’s Flash and Reader exploited at Pwn2Own 2015. Security researchers leveraged multiple zero-day vulnerabilities to exploit 13 undisclosed bugs in Adobe’s Flash and Reader, Mozilla’s Firefox, and Microsoft’s Internet Explorer 11 to take control of compromised systems through various methods which included, heap overflow remote code execution, a cross-origin vulnerability, and a use-after-free (UAF) remote code execution, among others at Hewlett Packard and Google Project Zero’s Pwn2Own hacking competition. Source: http://news.softpedia.com/news/Zero-Days-for-Firefox-IE-11-Adobe-s-Flash-and-Reader-Exploited-at-Pwn2Own-2015-476239.shtml

21. March 19, Softpedia – (International) OpenSSL’s undisclosed high-severity issue is far from FREAK, POODLE, or Heartbleed. OpenSSL released an update for its cryptographic library addressing one high severity denial-of-service (DoS) vulnerability affecting version 1.0.2 that could allow a NULL pointer dereference to occur. The update also addressed a number of other moderate vulnerabilities affecting several OpenSSL versions including segmentation faults and an issue with processing Base64 encoded data. Source: http://news.softpedia.com/news/OpenSSL-s-Undisclosed-High-Severity-Issue-Is-Far-from-FREAK-POODLE-or-Heartbleed-476254.shtml

22. March 19, IDG News Service – (International) At least 700,000 routers given to customers by ISPs are vulnerable to hacking. A security researcher discovered that over 700,000 ADSL routers, mostly running firmware from the China-based Shenzhen Gongjin Electronics, doing business as T&W trademark, and distributed to customers from internet service providers (ISPs) worldwide, contain directory transversal flaws in their firmware that could allow attackers to extract sensitive data and change router configuration settings. The researcher notified the firmware developer, affected device vendors, and the U.S. Computer Emergency Readiness Team (US-CERT). Source: http://www.networkworld.com/article/2899733/security/at-least-700000-routers-given-to-customers-by-isps-are-vulnerable-to-hacking.html#tk.rss_all

Communications Sector

Nothing to report