Complete DHS Report for
May 6, 2015
Daily Report
Top Stories
· The
Youngstown, Ohio wastewater treatment plant was evacuated May 4 when liquid
chlorine began leaking from a pipe as workers were trying to switch one-ton
tanks of the chemical, causing a loss of about 500 pounds of the substance. – WKBN
27 Youngstown
13. May 4,
WKBN 27 Youngstown – (Ohio) Chlorine leak stopped at Youngstown
wastewater plant. The Youngstown wastewater treatment plant in Ohio was
evacuated May 4 when liquid chlorine began leaking from a pipe as workers were
trying to switch one-ton tanks of the chemical, causing a loss of about 500
pounds of the substance. Residents near the facility were ordered to
shelter-in-place while crews remained in the building until the liquid chlorine
warmed up and dissipated after it froze into large puddles on the floor instead
of evaporating into the air. Source: http://wkbn.com/2015/05/04/chlorine-leak-causes-evacuation-at-youngstown-water-plant/
· A water
line rupture forced 13 schools in Donna, Texas, to close May 4 after water was
shut off to schools in the district while crews worked to repair the break. – McAllen
Monitor
16. May 4,
McAllen Monitor – (Texas) Boil water notice in effect for Donna after water
line break. A water line rupture forced 13 schools in Donna, Texas, to
close May 4 after water was shut off to the schools in the district while crews
worked to repair the break. The city was issued a boil water advisory until
further notice due to low water pressure. Source: http://www.themonitor.com/news/local/water-line-break-forces-several-donna-schools-to-close-for/article_551858ec-f26f-11e4-8e18-7381ac34f76d.html
· Operations
at the Beltsville, Maryland fire station were moved to a neighboring station
indefinitely after the station was closed when 300 gallons of kitchen waste was
discovered May 1 due to a broken sewage pipe. – WUSA 9 Washington, D.C.
20. May 4,
WUSA 9 Washington, D.C. – (Maryland) 300 gallons of sewage closes
Beltsville fire station. Personnel and operations at the Beltsville fire
station in Maryland were moved to the Calvert Station indefinitely after the
station was closed when 300 gallons of kitchen waste was discovered underneath
the kitchen floor May 1 due to a broken sewage pipe. Officials reported that
repairs were underway. Source: http://www.wusa9.com/story/news/local/maryland/2015/05/04/sewage-leak-beltsville-fire-house/26867425/
· A May 4
fire at a strip shopping center in Hollywood, Florida, destroyed three businesses
and damaged two others, while smoke filled about six additional businesses that
were safely evacuated. – South Florida Sun-Sentinel
26. May 5, South Florida Sun-Sentinel – (Florida) Fire
rips through Hollywood shopping center, destroys three businesses. A May 4
fire at a strip shopping center in Hollywood, Florida, destroyed three
businesses and damaged two others, while smoke filled about six additional
businesses that were safely evacuated. Firefighters remained at the scene May 5
to extinguish hot spots, while officials launched an investigation into the
cause of the blaze. Source: http://www.sun-sentinel.com/local/broward/hollywood/fl-hollywood-plaza-fire-20150504-story.html
Financial Services Sector
4. May 4,
KMGH 7 Denver – (Colorado) Longhorn Bandit strikes again: Suspect
robs credit union in Broomfield; 9th target, FBI says. Denver authorities
are searching for a suspect dubbed the “Longhorn Bandit” who is allegedly
responsible for six bank robberies, one casing, and two attempted robberies in
the area since February. The suspect’s most recent robbery included a Public
Service Credit Union branch in Broomfield May 4. Source: http://www.thedenverchannel.com/news/local-news/longhorn-bandit-strikes-again-suspect-robs-credit-union-in-broomfield-9th-target-fbi-says05042015
For another story, see item 24 below
in the Information Technology Sector
Information Technology Sector
22. May 5, Help Net Security – (International) New
AlphaCrypt ransomware delivered via Angler EK. Security researchers at
Webroot and Rackspace discovered and determined that a new form of ransomware
resembling TeslaCrypt and CryptoWall, dubbed AlphaCrypt, is being delivered via
the Angler exploit kit (EK). Researchers stated that it differs from other
ransomware variants by deleting volume snapshot services (VSS) and executing
quietly in background processes to avoid detection. Source: http://www.net-security.org/malware_news.php?id=3033
23. May 5, Help Net Security – (International) New
infostealer tries to foil analysis attempts by wiping hard drive. Security
researchers from Cisco discovered a new information-stealing trojan dubbed
Romberik, which is being delivered via spoofed emails purporting to be from the
“Windows Corporation,” and hooks into users’ browsers to read credentials and
other sensitive information for exfiltration to an attacker-controlled server.
If the trojan detects an analysis attempt, it attempts to destroy the affected
computer’s hard disk by overwriting the system’s master boot record (MBR).
Source: http://www.net-security.org/malware_news.php?id=3032
24. May 5, IDG News Service – (International) Cybercriminals
borrow from APT playbook in attack against PoS vendors. Security
researchers at RSA and FireEye reported cybercriminals began mimicking
cyberespionage advanced persistent threat (APT) groups by deploying
spear-phishing campaigns designed to infect point-of-sale PoS payment systems.
The attacks delivered the Vawtrak banking trojan and a new document-based
exploit kit (EK) called Microsoft Word Intruder (MWI). Source: http://www.networkworld.com/article/2918733/cybercriminals-borrow-from-apt-playbook-in-attack-against-pos-vendors.html#tk.rss_all
25. May 5, Help Net Security – (International) Crimeware
infects one-third of computers worldwide. The Anti-Phishing Working Group
(APWG) reported that 23.5 million malware variants were detected in the fourth
quarter of 2014, setting a new record that was up 59 percent from the second
quarter of 2014. According to researchers, the retail/service industry was the
most targeted sector, specifically through payment services. Source: http://www.net-security.org/secworld.php?id=18346
Communications Sector