Thursday, June 11, 2015




Complete DHS Report forJune 11, 2015

Daily Report

Top Stories


 • California Officials rejected an emergency permit application June 9 that Exxon Mobil Corp., had proposed to use semi-trucks to haul crude oil along Highway 101 to a refinery facility while crews repair a breach in Plains All American Pipeline’s Line 901. – Santa Barbara Independent

2. June 10, Santa Barbara Independent – (California) County denies ExxonMobil request to haul oil by truck. Santa Barbara County officials rejected an emergency permit application June 9 that Exxon Mobil Corp., had submitted requesting permission to use semi-trucks to haul up to 1,290,240 gallons of crude oil a day along Highway 101 to a refinery facility while crews repair a breach in Plains All American Pipeline’s Line 901, which spilled over 100,000 gallons into coastal waters in May. Source: http://www.independent.com/news/2015/jun/10/county-denies-exxonmobil-request-haul-oil-truck/

 • St. Mary’s Medical Center in Florida has suspended elective pediatric heart surgeries June 7 after an investigation revealed an abnormally high mortality rate within the hospital for the procedures, prompting a Federal probe into the hospital. – CNN

15. June 8, CNN – (Florida) Hospital suspends elective heart surgeries on children after CNN investigation. St. Mary’s Medical Center in West Palm Beach, Florida has suspended elective pediatric heart surgeries after an investigation revealed June 7 an abnormally high mortality rate within the hospital for the procedures, prompting a Federal probe into the hospital by Centers for Medicare and Medicaid Services. The hospital announced that it would launch a comprehensive review involving external experts. Source: http://www.cnn.com/2015/06/08/health/hospital-suspends-elective-heart-surgeries-on-children-after-cnn-investigation/

 • The White House press briefing room and portions of U.S. Senate Office Buildings in Washington, D.C., were evacuated June 9 after reports of suspicious packages and a phoned bomb threat. – NBC News

16. June 9, NBC News – (Washington, D.C.) White House briefing, two Senate buildings receive bomb threats. The White House press briefing room and portions of the Dirksen and Russell Senate Office Buildings were evacuated June 9 after a bomb threat was called in to the Metropolitan Police Department and suspicious packages were reported. Officials cleared the buildings in less than hour for re-entry. Source: http://www.nbcnews.com/news/us-news/capitol-police-clear-floor-senate-building-after-call-about-package-n372331

 • Los Angeles police commissioners issued June 9 a mixed ruling involving 2 police officers that fatally shot an unarmed man in August 2014, that found 1 officer’s actions justified while the other violated department policy. – Reuters

19. June 9, Reuters – (California) L.A. police commission says officer violated policy in shooting. Los Angeles police commissioners issued June 9 a mixed ruling involving 2 police officers that fatally shot an unarmed man in August 2014, that found 1 officer’s actions justified while the other violated department policy. The Los Angeles County District Attorney’s Office is investigating the incident further. Source: http://www.reuters.com/article/2015/06/09/us-usa-police-california-idUSKBN0OP2CX20150609

Financial Services Sector

5. June 9, Chicago Tribune – (Illinois) ‘Bandage Bandit’ strikes 8th bank in robbery. The FBI is offering a $10,000 reward for information leading to the capture of the suspect dubbed the “Bandage Bandit,” who allegedly robbed a Fifth Third Bank branch in Chicago June 9 and is tied to 7 other robberies or attempted robberies since March. Source: http://www.chicagotribune.com/news/local/breaking/ct-bandage-bandit-robberies-20150609-story.html

6. June 9, Orange County Register – (California) Fullerton man among three convicted in loan modification scheme. The co-owner Rancho Cucamonga, California-based 21st Century Legal Services Inc., and 2 co-defendants were convicted June 9 for their roles in a $7 million loan modification scheme that victimized over 4,000 distressed home owners who were falsely promised loan modifications and other services. Seven other defendants previously pleaded guilty in connection to the scheme. Source: http://www.ocregister.com/articles/fraud-665516-faces-mail.html

Information Technology Sector

20. June 10, Softpedia – (International) Microsoft patches zero-day used in targeted attacks. Microsoft released eight security bulletins, including vulnerability in Windows’ kernel-mode driver Win32k.sys that was leveraged by threat actors to elevate privileges and execute arbitrary code on affected machines. The bulletins also included two critical security patches for Internet Explorer and Windows Media Player that could have allowed the possibility of remote code execution. Source: http://news.softpedia.com/news/Microsoft-Patches-Zero-Day-Used-in-Targeted-Attacks-483879.shtml

21. June 10, Help Net Security – (International) Financial impact of SaaS storage breaches now $13.85 million. Findings from analysis in Elastica’s Shadow Data Report revealed that the direct financial impact of exposed data in software as a service models can be up to $13.85 million, and that 1.34 percent of all accounts had signs of malicious activities. Analysis also indicated that the healthcare industry suffers the highest frequency of policy violations due to leaks of protected health information, among other findings. Source: http://www.net-security.org/secworld.php?id=18493

22. June 10, Securityweek – (International) VMware fixes critical security issues in Workstation, Fusion, Horizon View. VMware published fixes for several memory manipulation issues and denial-of-service (DoS) vulnerabilities affecting its Workstation, Player, and Horizon View Client for Microsoft Windows. Source: http://www.securityweek.com/vmware-fixes-critical-security-issues-workstation-fusion-horizon-view

23. June 9, Softpedia – (International) DDoS attacks increase in Q2 2015, largest one over 253Gbps strong. Incapsula released findings from a report on distributed denial-of-service attacks in the second quarter of 2015 which revealed that powerful user datagram protocol (UDP) and synchronize (SYN) floods were the preferred method of network-layer attacks, while botnet-for-hire services were typically used to probe defenses. Incapsula reported that out of 56 percent of UDP and SYN floods seen, 8 percent were launched from “Internet of Things” (IoT) devices, among other findings. Source: http://news.softpedia.com/news/DDoS-Attacks-Increase-in-Q2-2015-Largest-One-Over-253Gbps-Strong-483814.shtml

24. June 9, Softpedia – (International) Flash Player 18.0.0.160 fixes 13 vulnerabilities. Adobe released updates for Flash Player addressing 13 security flaws, including vulnerabilities that could be leveraged for information disclosure, privilege escalation, and remote code execution, among others. Source: http://news.softpedia.com/news/Flash-Player-18-0-0-160-Fixes-13-Vulnerabilities-483817.shtml

Communications Sector

Nothing to report