Tuesday, April 21, 2015



Complete DHS Report for April 21, 2015

Daily Report

Top Stories

 · The U.S. Department of Transportation announced an emergency order April 17, making it a requirement for trains carrying crude oil and other flammable liquids to reduce speeds to no more than 40 mph in urban areas, in addition to several other requirements. – Associated Press

11. April 17, Associated Press – (National) Transportation Department issues safety measures for trains hauling oil, flammable liquids. The U.S. Department of Transportation announced an emergency order April 17 to help improve safety measures for trains, making it a requirement for trains carrying crude oil and other flammable liquids to reduce speeds to no more than 40 mph in urban areas. The department also issued an advisory to railroads to strengthen their procedures for checking flaws in train wheels, among other requirements. Source: http://www.newser.com/article/bb3750a7e17e47a79157355e04ec27d9/transportation-department-issues-safety-measures-for-trains-hauling-oil-flammable-liquids.html

 · Crews reached 35 percent containment of a wildfire April 19 that burned through 1.6 square miles and prompted the evacuation of about 300 homes along the border of the cities of Norco and Corona in California. – CBS News; Associated Press (See item 20)

20. April 20, CBS News; Associated Press – (California) Cooking fire blamed for “explosive” California wildfire. The California Department of Forestry and Fire Protection announced April 19 that an unattended cooking fire sparked a wildfire that burned through 1.6 square miles and prompted the evacuation of about 300 homes along the border of the cities of Norco and Corona. Crews reached 35 percent containment of the fire that also burned in the Prado Dam Flood Control Basin. Source: http://www.cbsnews.com/news/cooking-fire-blamed-for-explosive-california-wildfire/

 · The FBI and the U.S. Department of Justice acknowledged that nearly every investigator in the FBI’s microscopic hair comparison forensic unit gave flawed testimony favoring prosecutors in hundreds of trials for more than two decades prior to 2000. – Washington Post

22. April 20, Washington Post – (National) FBI admits flaws in hair analysis over decades. The FBI and the U.S. Department of Justice acknowledged that nearly every investigator in the FBI’s microscopic hair comparison forensic unit gave flawed testimony favoring prosecutors in hundreds of trials for more than two decades prior to 2000. The FBI and the U.S. Department of Justice are continuing their investigations and are working to notify all defendants affected by the errors. Source: http://www.msn.com/en-us/news/us/fbi-admits-flaws-in-hair-analysis-over-decades/ar-AAbgTt6

 · At least 6 businesses in Belmont, Massachusetts, suffered damage or were destroyed by a 3-alarm fire April 18 that caused over $1 million in damages. – Boston Globe (See item 28)

28. April 20, Boston Globe – (Massachusetts) Fire destroys one Belmont business, damages others. At least 6 businesses in Belmont, Massachusetts, suffered damage or were destroyed by a 3-alarm fire that broke out inside a convenience store April 18 and spread throughout the structure and into adjacent businesses. The cause of the fire remains under investigation, and damage was estimated to total more than $1 million. Source: http://www.bostonglobe.com/metro/2015/04/19/fire-causes-million-damage-belmont-businesses/u672mqnXY7J1Q7wXBJuqCP/story.html

Financial Services Sector

7. April 20, SC Magazine – (Indiana) Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website. Indiana-based SRI Incorporated notified approximately 9,000 individuals that their personal information, as well as tax identification numbers, bank account and routing numbers, and Social Security numbers, may have been breached after new files were added to the software behind the company’s auction Web site, giving users unauthorized access to post and delete files. The company is investigating the incident and removed all personal information from its system. Source: http://www.scmagazine.com/data-at-risk-for-9000-individuals-following-unauthorized-access-to-sri-inc-website/article/409793/

8. April 17, Los Angeles Business Journal – (California) True Religion subcontractors charged with insurance fraud. The California Department of Insurance charged three subcontractors of True Religion Brand Jeans, who were the heads of garment factories Meriko Inc., and SF Apparel Inc., along with their accountant, for alleged compensation insurance fraud totaling over $11 million in losses. The group reportedly conspired to avoid paying workers’ compensation insurance premiums and underreported $78.5 million in payroll to several insurers, including the State Compensation Insurance Fund. Source: http://www.bizjournals.com/losangeles/news/2015/04/17/true-religion-subcontractors-charged-with.html?page=all

For another story, see item 26 below in the Information Technology Sector

Information Technology Sector

25. April 20, Softpedia – (International) Russian hackers exploit Windows, Flash Player zero-day flaws in targeted attack. Microsoft is working to patch a privilege escalation flaw in its operating system (OS) affecting Windows 7 and earlier products after FireEye researchers reported a zero-day attack, allegedly run by a Russian group dubbed APT28, that relies on an Adobe Flash Player vulnerability to gain access to the targeted system. Adobe released a patch addressing the flaw in its current version of Flash Player. Source: http://news.softpedia.com/news/Russian-Hackers-Exploit-Windows-Flash-Player-Zero-Day-Flaws-in-Targeted-Attack-478836.shtml

26. April 20, Softpedia – (International) New variant of Upatre malware downloader integrates full SSL encryption. Talos researchers discovered new versions of the Upatre malware that adopt encrypted communication with command and control (C&C) servers, including a version that uses the Secure Sockets Layer (SSL) cryptographic protocol to hide the type of data flowing between the infected client and the C&C server. The new version of the malware downloads the payload in the background while the communication is encrypted. Source: http://news.softpedia.com/news/New-Variant-of-Upatre-Malware-Downloader-Integrates-Full-SSL-Encryption-478845.shtml

Communications Sector

27. April 19, Austin American-Statesman – (Texas) Storms knock 3 Austin TV stations off the air. KXAN 36 Austin, KNVA 54 Austin, and KBVO 14 Austin were knocked off air for several hours April 18-19 due to a power outage prompted by heavy storms in central Texas. Source: http://tvradio.blog.austin360.com/2015/04/19/storms-knock-3-austin-tv-stations-off-the-air/