Thursday, October 1, 2015



Complete DHS Report for October 1, 2015

Daily Report

Top Stories

 • Officials released findings on a November 2014 toxic chemical leak at a DuPont plant in Texas and found that a combination of building, maintenance, and human errors led to the release of nearly 24,000 pounds of methyl mercaptan. – KPRC 2 Houston

4. September 30, KPRC 2 Houston – (Texas) Report finds series of errors caused deadly DuPont plant accident in La Porte. The U.S. Chemical Safety Board (CSB) released findings from an interim investigation into a November 2014 toxic chemical leak at a DuPont manufacturing plant in La Porte which killed 4 employees, revealing that the chain of events leading up to the incident was set in motion 5 days prior, when a water dilution system was inadvertently activated, and that a combination of building, maintenance, and human errors led to the release of nearly 24,000 pounds of methyl mercaptan. CSB made seven safety recommendations, including a comprehensive engineering analysis of the building along with safer design options to be reported to the agency.

 • Ford Motor Company issued recalls September 30 for approximately 380,000 model year 1998 – 2016 vehicles due to various compliance and mechanical issues. – WWJ 62 Detroit

5. September 30, WWJ 62 Detroit – (National) Ford issues six separate recalls for 380K vans, trucks, SUVs, and cars. Ford Motor Company issued recalls September 30 for approximately 340,000 model years 1998 – 2003 Windstar minivans due to potential risks of corrosion and cracking in vehicle axles, about 37,000 model year 2015 F-150 trucks due to an issue with the vehicle’s adaptive cruise control system that could cause it to engage its automatic brakes and collision warning system when passing large, highly reflective trucks, and about 1,500 model year 2016 F-53 and F-59 stripped chassis vehicles due to a potential issue with the vehicles’ shift brackets which could allow shifting into reverse without braking. The announcement included recalls for more than 1,000 additional vehicles due to various compliance and mechanical issues. Source: http://detroit.cbslocal.com/2015/09/30/ford-issues-six-separate-recalls-for-380k-vans-trucks-suvs-and-cars/

 • Thirteen manufacturers and distributors issued recalls September 29 for about 1.3 million bicycles due to an issue which could stop the front wheel abruptly or separate it from the bicycle. – U.S. Consumer Product Safety Commission

6. September 29, U.S. Consumer Product Safety Commission – (National) Thirteen manufacturers, distributors recall bicycles with front disc brakes to replace quick release lever due to crash hazard. Thirteen manufacturers and distributors issued recalls September 29 for about 1.3 million bicycles in the U.S. equipped with front disc brakes and quick release levers due to an issue which could cause an open quick release lever to contact the front disc brake rotor, stopping the front wheel abruptly or separating it from the bicycle. The products were sold at various retailers nationwide from 1998 – 2015. Source: http://www.cpsc.gov/en/Recalls/2015/Thirteen-Manufacturers-Distributors-Recall-Bicycles-with-Front-Disc-Brakes-to-Replace-Quick-Release-Lever/?utm

 • Proofpoint published research revealing that the Dyreza trojan has been used to phish information technology (IT) supply chain credentials for up to 20 organizations. – Threatpost. See item 25 below in the Information Technology Sector.

Financial Services Sector

7. September 30, U.S. Securities and Exchange Commission – (National) SEC sanctions 22 underwriting firms for fraudulent municipal bond offerings. The U.S. Securities and Exchange Commission announced enforcement actions September 30 against 22 municipal underwriting firms under the Municipalities Continuing Disclosure Cooperation (MCDC) Initiative, reportedly finding that the firms violated Federal securities laws by selling municipal bonds using offering documents containing materially false statements or omissions regarding the bond issuers’ compliance with disclosure obligations. The underwriting firms agreed to cease all operations of such violations and pay civil penalties. Source: http://www.sec.gov/news/pressrelease/2015-220.html

8. September 29, WBBM 2 Chicago – (Illinois) FBI searching for ‘North Center Bandit.’ The FBI is searching for information leading to the arrest of a suspect dubbed the “North Center Bandit,” who allegedly robbed 3 bank branches in North Center from August 21 – September 25. Source: http://chicago.cbslocal.com/2015/09/29/fbi-searching-for-north-center-bandit/

Information Technology Sector

22. September 30, Help Net Security – (International) Scammers use Google AdWords, fake Windows BSOD to steal money from users. Security researchers from Malwarebytes discovered that cybercriminals are using Google’s AdWords to place malicious links at the top of Google’s search page for common searches, which would lead to a fake “Blue Screen of Death” (BSOD) page prompting users to call a toll-free “helpline” with scammers that would solicit payments for support services and personal and bank account information. Source: http://www.net-security.org/secworld.php?id=18913

23. September 30, Softpedia – (International) Microsoft Exchange Server fixed against information disclosure bug. Microsoft released an update for Exchange Server 2013 addressing a vulnerability in Outlook Web Access (OWA) that could allow an attacker to gain access to an active Webmail session by forcing Exchange Server to dump debug data via a maliciously crafted Uniform Resource Locator (URL), granting access to previously inaccessible cookie session information. Source: http://news.softpedia.com/news/microsoft-exchange-server-fixed-against-information-disclosure-bug-493157.shtml

24. September 30, Threatpost – (International) Apple Gatekeeper bypass opens door for malicious code. Security researchers from Synack discovered that Apple’s Gatekeeper security platform could be bypassed by tricking a user into downloading a signed and infected application from a third-party source, or by loading a malicious library over an insecure HyperText Transfer Protocol (HTTP) download via a man-in-the-middle (MitM) position to gain access to the system. Source: https://threatpost.com/apple-gatekeeper-bypass-opens-door-for-malicious-code/114851/

25. September 29, Threatpost – (International) Dyreza trojan targeting IT supply chain credentials. Security researchers from Proofpoint published research revealing that the Dyreza trojan has been used to phish information technology (IT) supply chain credentials for up to 20 organizations, including software companies supporting fulfillment and warehousing, and computer distributors. Researchers believe that hackers intend to infect all points of the supply chain to possibly divert physical shipments, issue payments and invoices to artificial companies, or enact large-scale gift-card issuances. Source: https://threatpost.com/dyreza-trojan-targeting-it-supply-chain-credentials/114836/

26. September 29, Threatpost – (International) SAP patches 12 SQL injection, XSS vulnerabilities in HANA. SAP released updates addressing 12 structured query language (SQL) injection, cross-site scripting (XSS), and memory corruption vulnerabilities in its HANA in-memory management system that could allow an attacker to abuse management interfaces and compromise stored information, or lock users out of the platform, among other exploits. Source: https://threatpost.com/sap-patches-12-sql-injection-xss-vulnerabilities-in-hana/114840/

27. September 29, Securityweek – (International) Linux XOR DDoS botnet flexes muscles with 150+ Gbps attacks. Security researchers from Akamai Technologies released details of a botnet targeting primarily corporations in Asia that is capable of launching 150+ gigabit-per-second (Gbps) distributed denial-of-service (DDoS) attacks from Linux systems compromised by the XOR DDoS trojan, as well as being able to download and execute arbitrary code and self-update. Source: http://www.securityweek.com/linux-xor-ddos-botnet-flexes-muscles-150-gbps-attacks

For another story, see item 16 below from the Government Facilities Sector

16. September 30, Softpedia – (New Jersey) Despite new equipment, Rutgers University goes down after DDoS attack. Rutgers University announced September 28 that the university experienced network issues due to a distributed-denial-of-service (DDoS) attack, which limited access to the Internet for several hours. The attack was allegedly orchestrated by a hacker known as Exfocus, and followed four previous attacks against the university between March and May. Source: http://news.softpedia.com/news/despite-new-equipment-rutgers-university-goes-down-after-ddos-attack-493155.shtml

Communications Sector

Nothing to report