Tuesday, June 30, 2015




Complete DHS Report for June 30, 2015

Daily Report

Top Stories

 · Approximately 19,000 DTE Energy customers were still without power June 29 after strong winds and rain June 27 knocked out service to 158,000 homes and businesses across southeast Michigan. – Detroit Free Press

1. June 29, Detroit Free Press – (Michigan) 19,000 in metro Detroit still without power after rain, wind. Approximately 19,000 DTE Energy customers were still without power June 29 after strong winds and rain June 27 knocked out power to 158,000 customers across southeast Michigan. Officials reported that most customers will have service restored June 29. Source: http://www.freep.com/story/news/local/michigan/detroit/2015/06/27/power-outages-southeast-michigan/29412193/

 · All American Pipeline officials reported June 26 that oil from a 101,000 gallon spill in May in Santa Barbara, California had spread over 100 miles to Los Angeles County beaches. – Associated Press

5. June 26, Associated Press – (California) Report: oil from Santa Barbara spill spread to Redondo Beach. Plains All American Pipeline officials reported June 26 that oil from a 101,000 gallon spill in May in Santa Barbara, California had spread over 100 miles to Los Angeles County beaches, including Manhattan Beach near Redondo. Source: http://www.orovillemr.com/business/20150626/report-oil-from-santa-barbara-spill-spread-to-redondo-beach

 · A foreign national was charged with allegedly scheming to file hundreds of fraudulent tax returns using the stolen identities of thousands of University of Pittsburgh Medical Center employees in an indictment unsealed June 26. – Pittsburgh Post-Gazette

18. June 26, Pittsburgh Post-Gazette – (International) Foreign national indicted on charges of defrauding IRS in UPMC data breach. The U.S. attorney’s office announced June 26 the indictment of a foreign national for allegedly taking part in an international scheme to file hundreds of fraudulent tax returns using the stolen identities of thousands of University of Pittsburgh Medical Center employees. Prosecutors claim at least three others were involved in the conspiracy, and the investigation is ongoing. Source: http://www.post-gazette.com/local/region/2015/06/26/Venezuelan-indicted-on-charges-of-defrauding-IRS-in-UPMC-data-breach-pittsburgh/stories/201506260267

 · Officials reported June 29 that 2 escaped prisoners from the New York Clinton Correctional Facility were found after 1 escapee was found and fatally shot June 26, while the second was shot and detained near the Canadian border June 28. – CNN

20. June 29, CNN – (New York) Source: former prison escapee says he planned to go to Mexico. Officials reported June 29 that 2 escaped prisoners from the New York Clinton Correctional Facility were found after 1 escapee was located and fatally shot June 26, while the second escapee was traced 2 miles south of the Canadian border, where police shot and detained the man June 28. Authorities plan to investigate the case further. Source: http://www.cnn.com/2015/06/29/us/new-york-prison-break/index.html

Financial Services Sector

6. June 29, U.S. Securities and Exchange Commission – (International) SEC charges KKR with misallocating broken deal expenses. The U.S. Securities and Exchange Commission charged New York-based Kohlberg Kravis Roberts & Co., June 29 with misallocating over $17 million in “broken deal” expenses to co-investors in the firm’s private equity funds. The company agreed to pay $28.5 million to settle the charges. Source: http://www.sec.gov/news/pressrelease/2015-131.html

For another story, see item 23 below in the Information Technology Sector

Information Technology Sector

22. June 29, Securityweek – (International) Security firm discloses details of Amazon Fire Phone vulnerabilities. MWR InfoSecurity released details on three recently patched Amazon Fire Phone vulnerabilities, including flaws in the CertInstaller package that can allow third party applications to install digital certificates to intercept encrypted traffic via man-in-the-middle attacks, and an issue with the Android Debug Bridge (ADB) in which an attacker could bypass the lock screen, steal information, add and remove applications, and access a high privilege shell on the phone. Source: http://www.securityweek.com/security-firm-discloses-details-amazon-fire-phone-vulnerabilities


23. June 29, Help Net Security – (International) Hackers are exploiting Magento flaw to steal payment card info. A security researcher from Sucuri Security discovered that attackers are actively exploiting a flaw in eBay’s Magento platform to steal users’ billing and payment card information by injecting malicious code into Magento’s core file. Researchers are investigating the attack vectors to identify the vulnerability. Source: http://www.net-security.org/secworld.php?id=18565

24. June 29, Softpedia – (International) LG’s Update Center app fails to check server’s SSL certificate, MitM risk. Security researchers from Search-Lab discovered a vulnerability in LG’s Update Center application on Android phones in which an attacker could exploit the fact that the app does not check the secure sockets layer/transport layer security (SSL/TLS) certificate of the update server to execute a man-in-the-middle (MitM) attack and install arbitrary applications on the device. Source: http://news.softpedia.com/news/lg-s-update-center-app-fails-to-check-server-s-ssl-certificate-mitm-risk-485551.shtml

25. June 29, Securityweek – (International) Flash player flaw used by APT3 group added to Magnitude exploit kit. A French security researcher discovered that an exploit for a recently patched Adobe Flash Player heap buffer overflow vulnerability, leveraged by the APT3 threat group has been added to the Magnitude exploit kit (EK). Source: http://www.securityweek.com/flash-player-flaw-used-apt3-group-added-magnitude-exploit-kit

26. June 26, IDG News Service – (International) Samsung will stop blocking Microsoft software updates ‘within a few days’. Samsung reported that users will be receiving a patch through the Samsung Software Update notification process to revert back to restore default Microsoft Windows Update settings, after a security researcher discovered that the company had disabled Windows Update to de-conflict with its SW Update service. Source: http://www.networkworld.com/article/2941553/samsung-will-stop-blocking-microsoft-software-updates-within-a-few-days.html#tk.rss_all

Communications Sector

See items 22 and 24 above in the Information Technology Sector