Complete DHS Report for October 21, 2015

Daily Report                                            

Top Stories

 • The North Dakota Department of Health reported October 20 that Oasis Petroleum North America, LLC was unable to regain control of a well after workers lost control October 17, causing tens of thousands of gallons of oil and saltwater to spill. – KXMC 13 Minot; Associated Press  

1. October 20, KXMC 13 Minot; Associated Press – (North Dakota) Oil, brine spill in ND after workers lose control of well. The North Dakota Department of Health reported October 20 that Oasis Petroleum North America, LLC has been unable to regain control of a well in Mountrail County after workers lost control of the well October 17, causing tens of thousands of gallons of saltwater and oil to spill. Crews were able to recover 73,920 gallons of oil and 84,000 gallons of saltwater by October 18, and are continuing efforts to remove the fluids from the well site.

 • Over 2,000 people were evacuated October 19 from a Smithfield Packing Plant in North Carolina after part of the ceiling fell into the building. – WECT 6 Wilmington

12. October 20, WECT 6 Wilmington – (North Carolina) Smithfield Packing plant evacuated after part of ceiling collapses. A Bladen County official reported October 19 that over 2,000 people were evacuated from the Smithfield Packing Plant after part of the ceiling fell from its Tar Heel, North Carolina facility, causing the plant to stop its production for an indeterminate amount of time. No injuries were reported and Smithfield Foods is working to fix the roof.

 • Colorado-based Good Food Concepts issued a voluntary recall for about 12,566 pounds of beef, pork, and poultry products October 18 due to misbranding and production without thorough analysis and control. – U.S. Department of Agriculture

14. October 18, U.S. Department of Agriculture – (Colorado; New Mexico) Good Food concepts recalls beef, pork, and poultry products produced without a fully implemented HACCP plan, and misbranded. Colorado Springs-based Good Food Concepts issued a voluntary recall for approximately 12,566 pounds of beef, pork, and poultry products October 18 after a food safety assessment revealed the products were produced without a fully implemented Hazard Analysis and Critical Control Points plan and were misbranded to include undeclared sodium nitrite. The items were produced from October 16, 2014 – October 16, 2015 and shipped to retail locations in Colorado and New Mexico. Source:

 • U.S. officials announced October 19 that Millennium Health agreed to pay $256 million to resolve allegations that the company billed health care programs for unnecessary urine and drug testing, among other charges. – U.S. Department of Justice

16. October 19, U.S. Department of Justice – (National) Millennium Health agrees to pay $256 million to resolve allegations of unnecessary drug and genetic testing and illegal remuneration to physicians. The U.S. Department of Justice announced October 19 that Millennium Health agreed to pay $256 million in a settlement resolving alleged violations of the False Claims Act after officials reportedly found that the company falsely billed Medicare, Medicaid, and other Federal health care programs for medically unnecessary urine drug and genetic testing, in addition to providing physicians with free items for referring laboratory testing to the company between 2008 and 2015. The company also entered into a corporate integrity agreement (CIA) with the U.S. Department of Health and Human Services-Office of Inspector General as part of the settlement terms.

Financial Services Sector

4. October 20, Cranston Patch – (Rhode Island) “Ponytail Bandit” pleads guilty to bank robbery spree. The suspect believed to be the “Ponytail Bandit” pleaded guilty October 16 to charges connected to 4 Providence and Cranston Citizen’s and Sovereign bank branch robberies in February 2013. Source:

5. October 19, Reuters – (National) UBS to pay $17.5 mln in SEC settlement over fund’s strategy change. U.S. Securities and Exchange Commission officials announced October 19 that UBS AG agreed to pay $17.5 million to settle allegations that UBS Willow Management, a joint venture between UBS Fund Advisor and Bond Street Capital, failed to notify investors of a shift to investing in credit default swaps in 2008 – 2009, leading to significant losses that eventually led to the UBS Willow Fund LLC’s liquidation in 2012. Source:

Information Technology Sector

19. October 20, Securityweek – (International) Vulnerabilities found in HP ArcSight products. HP began releasing security updates addressing vulnerabilities in HP’s ArcSight products, including an authentication bypass flaw in the ArcSight Logger interface in which a remote authenticated user without permissions could conduct searches through the Simple Object Access Protocol (SOAP) interface, improper restriction of excessive authentication attempts which could allow brute force attacks on the SOAP interface, and an insufficient compartmentalization vulnerability which could allow a user to escalate privileges to root. Source:

20. October 20, Softpedia – (International) Malware disguises as Google Chrome browser clone. Security researchers from PCRisk and Malwarebytes discovered a new Web browser designed to mimic Google Chrome called eFast, which delivers adware and malware and hijacks file and Uniform Resource Locator (URL) associations on infected systems. The application is based on the Chromium open source browser. Source:

21. October 20, Help Net Security – (International) 250+ iOS apps offered on Apple’s App Store found slurping user data. Security researchers from SourceDNA and Purdue University discovered that over 250 Apple App Store applications are built on a software development kit (SDK) that uses private application program interfaces (APIs) to gather user and device information, despite Apple disallowing the practice. Apple has removed an unspecified number of apps and Youmi, the China-based mobile advertising company that created the SDK is working with the company to resolve the issue. Source:

22. October 20, Help Net Security – (International) A slew of LTE 4G vulnerabilities endanger Android users and mobile carriers. Researchers from Carnegie Mellon University’s Computer Emergency Response Team Coordination Center reported that carriers and users of Long-Term Evolution (LTE 4G) devices are vulnerable to issues that may result in loss of privacy, data spoofing, incorrect billing, and denial-of-service (DoS) attacks due to LTE networks’ reliance on packet switching and the Internet Protocol (IP) schema versus circuit switching used in previous generations. Source:

23. October 20, Help Net Security – (International) 1 in 4 organizations have experienced an APT. ISACA released findings from a study surveying over 660 cybersecurity professionals revealing that about 28 percent of those surveyed have experienced an attack from an advanced persistent threat (APT), that mobile device security continues to be an issue, and that most organizations tend to focus on technical controls instead of education and training when most APT attacks tend to employ social engineering, among other findings. Source:

24. October 20, The Register – (International) Sites cling to a million flawed, fading SHA-1 certificates: Netcraft. Security researchers from Netcraft reported that over a million organizations are still using Secure Hash Algorithm 1 (SHA-1) certificates, that 120,000 were issued this year, and that another 250,000 surveyed are scheduled to live past 2017, despite documented weaknesses in the algorithm’s security. Source:

25. October 19, SC Magazine – (International) Flaws in LibreSSL could open Web servers to attack. Security researchers from Qualys discovered memory leak and buffer overflow vulnerabilities in all versions of LibreSSL which could allow attackers to create a denial-of-service (DoS) condition or execute arbitrary code. LibreSSL is a fork of the Open Secure Sockets Layer (SSL) library intended as a replacement after the Heartbleed vulnerability was discovered in Open SSL’s code, and the vulnerabilities were reportedly addressed in subsequent updates. Source:

Communications Sector

See item 22 above in the Information Technology Sector