Friday, July 17, 2015




Complete DHS Report for July 17, 2015

Daily Report                                            

Top Stories

  · Authorities reported that a July 14 explosion at the Zodiac Aerospace plant in Newport, Washington was a result of chemical vapor build-up, after the explosion hospitalized seven workers and severely damaged the plant’s structural integrity. – Reuters

4. July 15, Reuters – (Washington) Blast closes U.S. Zodiac Aero plant; Boeing, Airbus assess impact. Authorities reported that a July 14 explosion at the Zodiac Aerospace plant in Newport, Washington was a result of flammable chemical vapor build-up in a resin “treater” machine. The explosion hospitalized seven workers and severely damaged the plant’s structural integrity, prompting Boeing and Airbus to assess the incident’s impact on company operations. Source: http://www.reuters.com/article/2015/07/15/us-zodiac-aero-blast-idUSKCN0PP20D20150715

 · Tracks in Pulaski County, Virginia reopened after a 31-hour closure while crews cleared the scene of a train crash that caused 18 cars to derail, spilled 20,000 gallons of lube oil, and prompted an evacuation of nearby homes July 15. – WDBJ 7 Roanoke

10. July 15, WDBJ 7 Roanoke – (Virginia) Pulaski County Norfolk Southern tracks reopen after train derailment. Tracks in Pulaski County reopened after being closed for 31 hours while crews cleared the scene of a 2-train crash that caused 18 cars to derail, spilled 20,000 gallons of lube oil, and prompted an evacuation of nearby homes July 15. No injuries were reported.Source: http://www.wdbj7.com/news/local/pulaski-county-norfolk-southern-tracks-reopen-after-train-derailment/34191694

 · U.S. Highway 287 in Montana was shut down for about 7 hours July 15 after a head-on collision killed 3 people and injured 5 others. – The Missoulian

11. July 15, The Missoulian – (Montana) Three dead, five injured in morning head-on collision on Highway 287. U.S. Highway 287 was shut down for approximately 7 hours July 15 due to a head-on collision that killed 3 people and injured 5 others. The cause of the accident remains unknown and officials are investigating the incident.

 • Chattanooga State Community College and the Bradley Square Mall in Chattanooga, Tennessee were on lockdown July 16 after an active shooter situation at 2 U.S. Navy Reserve recruiting centers led to the deaths of 4 military personnel and the shooter. – Newsweek

20. July 16, Newsweek – (Tennessee) Report: at least five dead, including suspect, after shooting in Tennessee. Chattanooga State Community College and the Bradley Square Mall in Chattanooga, Tennessee were on lockdown July 16 after an active shooter situation was confirmed by the U.S. Navy at 2 recruiting centers on Amnicola Highway and Old Lee Highway. At least four military personnel and the suspect were killed.

Financial Services Sector

7. July 15, KAKE 10 Wichita – (Kansas) ATM skimmer use discovered at 7th Wichita bank. Home Bank & Trust Co., officials reported that an ATM skimming device was used at a Wichita location, bringing the total number of skimmers found in Wichita in July to seven.

8. July 15, Orange County Register – (California) Santa Ana man suspected of being “Big A Bandit’ is arrested. FBI officials reported July 15 that authorities had arrested a suspect believed to be the “Big A Bandit” responsible for robbing 3 banks in Anaheim, Fullerton, and La Habra. Source: http://www.ocregister.com/articles/bank-671912-simmons-west.html

Information Technology Sector

22. July 16, Threatpost – (International) Security support ends for remaining Windows XP machines. Microsoft ended security support for Microsoft Security Essentials customers running Windows XP as part of its July Patch Tuesday roll-out, and released security advisories for a patched race condition flaw in the Malicious Software Removal Tool (MSRT) allowing for privilege escalation, as well as an update enhancing use of Data Encryption Standard (DES) encryption keys.

23. July 16, Securityweek – (International) Siemens patches authentication bypass bug in telecontrol product. Siemens released a firmware update for its SICAM MIC modular telecontrol devices addressing an authentication bypass vulnerability in which an attacker with network access to the device’s web interface could bypass authentication and perform administrative operations. Source: http://www.securityweek.com/siemens-patches-authentication-bypass-bug-telecontrol-product

24. July 16, The Register – (International) Thunder-faced Mozilla lifts Flash Firefox block after 0-days plugged. Mozilla lifted a block on all versions of Adobe Flash in its Firefox Web browser after Adobe released cross-platform updates addressing two zero-day vulnerabilities that were revealed in a recent breach of the Italian surveillance company, Hacking Team. Source: http://www.theregister.co.uk/2015/07/16/mozilla_unblocks_flash_firefox/

25. July 16, Securityweek – (International) Vulnerability exposes Cisco Videoscape devices to DoS attacks. Cisco released an advisory warning of a security bug in its Videoscape Distribution Suite for Internet Streaming (VDS-IS) and VDS Service Broker products in which an unauthenticated remote attacker could cause a denial-of-service (DoS) condition by sending specially crafted Hypertext Transfer Protocol (HTTP) packets to trigger device instability. Source: http://www.securityweek.com/vulnerability-exposes-cisco-videoscape-devices-dos-attacks

26. July 15, Threatpost – (International) New RC4 attack dramatically reduces cookie decryption time. Belgian security researchers discovered biases in the Rivest Cipher 4 (RC4) encryption algorithm that could lead to attacks breaking encryption on websites running transport layer security (TLS) with RC4 and Wi-Fi Protected Access (WPA) Temporal Key Integrity Protocol (TKIP) to perform actions under a victim’s name or gain access to personal information. Source: https://threatpost.com/new-rc4-attack-dramatically-reduces-plaintext-recovery-time/113808

Communications Sector

27. July 15, Turlock City News – (California) Damaged fiber optic cable causing cell phone 911 outages, TID phone issues, AT&T and Verizon service issues. A fiber cable cut in San Joaquin County caused technical issues for some AT&T and Verizon cell phone users in Stanislaus County, including 9-1-1 service July 15.