Friday, August 21, 2015

Complete DHS Report for August 21, 2015

Daily Report                                            

Top Stories

 · Six Freedom Industries, Inc., officials pleaded guilty August 19 to Federal Clean Water Act and other violations in connection to a chemical spill that contaminated drinking water for 300,000 West Virginia residents. – WVVA 6 Bluefield; Associated Press

2. August 19, WVVA 6 Bluefield; Associated Press – (West Virginia) Company president enters plea in WV chemical spill. A U.S Attorney announced August 19 that 6 Freedom Industries, Inc., officials charged in a chemical spill which contaminated drinking water for 300,000 people in West Virginia pleaded guilty to violating the Federal Clean Water Act, negligently discharging refuse matter in violation of the Federal Refuse Act, as well as failing to have a pollution prevention plan. Freedom and four other Freedom officials previously pleaded guilty to environmental crimes in March. Source:

 · Officials reported that lanes of Interstate 75 in Michigan will be closed through August 24 after a semi-truck carrying 8,000 gallons of gasoline overturned and burst into flames on the roadway. – WWJ 62 Detroit

5. August 20, WWJ 62 Detroit – (Michigan) I-75 to be closed ‘for days’ after tanker carrying 8,000 gallons of gasoline crashes, catches fire. A semi-truck carrying 8,000 gallons of gasoline traveling on southbound on Interstate 75 in Lincoln Park, Michigan, struck the median wall and flipped over into northbound lanes, bursting into flames August 20. The driver was transported to an area hospital in critical condition and officials stated that southbound lanes of the interstate at Shaefer and northbound lanes at the Southfield Freeway will remain closed through at least August 24.

 · One worker was killed and an evacuation order near the Liquid Transfer Terminals plant in Bainbridge, Georgia, was lifted following an August 19 chemical explosion in a 1 million gallon tank of sodium hydrosulfide. – WALB 10 Albany

10. August 20, WALB 10 Albany – (Georgia) Chemical fire is out as crews make sure the area is safe. One worker was killed and evacuation orders for people within a half-mile radius of the Liquid Transfer Terminals plant in Bainbridge were lifted after several hours following an August 19 chemical explosion that occurred in a 1 million gallon tank of sodium hydrosulfide while 2 workers were installing a gauge at the facility. Source:

 · Three firefighters were killed August 19 as crews across Washington, California, and Oregon battled several wildfires that have destroyed over 340,000 acres of forest and hundreds of structures. – CNN

21. August 19, CNN – (Washington; California; Oregon) Three firefighters killed in battle against Washington wildfire. Three firefighters were killed battling a wildfire that has burned more than 235,000 acres, destroyed over 110 homes and structures, and continues to threaten 11 counties in Washington August 19. Fire crews in California and Oregon worked to contain several wildfires that have burned over 115,000 acres, forced the evacuations of thousands of residents, and damaged or destroyed more than 100 homes and other structures. Source:

Financial Services Sector

4. August 19, Reuters – (National) Citigroup to pay $15 mln to settle U.S. compliance charges. The U.S. Securities and Exchange Commission announced August 19 that a unit of Citigroup Inc., will pay $15 million to resolve civil charges that the company allegedly failed to review thousands of trades its trading desk carried out over a 10-year period, and that Citigroup improperly routed 467,0000 transactions for advisory clients to an affiliated market-making firm.Source:

Information Technology Sector

26. August 20, Securityweek – (International) iOS sandbox flaw exposes companies using MDM solutions. Security experts from Appthority reported that organizations using mobile device management solutions (MDM) and enterprise mobility management (EMM) solutions are vulnerable to third-party app sandbox issue dubbed “Quicksand” in Apple’s iOS, in which an attacker could develop a malicious application that reads the configuration settings of managed applications.Source:

27. August 20, Securityweek – (International) Drupal security updates patch five vulnerabilities. The developers of the Drupal open source content management system (CMS) released security updates addressing five cross-site scripting (XSS), Structured Query Language (SQL) injection, cross-site request forgery (CSRF), and information disclosure vulnerabilities. Source:

28. August 20, The Register – (International) Holes found in Pocket Firefox add-on. Mozilla released a fix August 17 for server-side vulnerabilities in the Pocket Firefox Web browser add-on in which an attacker could compromise the Pocket application to gain access to user data, and could use the add-on to populate links to malicious redirects. Source:

Communications Sector

See item 26 above in the Information Technology Sector