Complete DHS Report for
December 14, 2015
Daily Report
Top Stories
• Crews worked to clean up an oil spill in Somis after a
Southern California Edison contractor inadvertently drilled into an oil
pipeline December 8, causing 7,980 gallons of oil to spill. – Ventura County
Star
1. December
9, Ventura County Star – (California) Crews make progress on Somis
oil cleanup; highway lane still closed. Crews worked to fully clean up an
oil spill in Somis before the weekend of December 12 after a Southern
California Edison contractor inadvertently drilled into an oil pipeline
December 8, causing 7,980 gallons of oil to spill. The eastbound lane of
Highway 118 remained closed while crews worked to clean up the site, and no
environmental damage was reported. Source: http://www.vcstar.com/news/local/camarillo/clean-up-crews-make-progress-at-somis-oil-spill-site-lane-still-closed-267b6d1e-1bda-2e54-e053-01000-361301481.html
• Officials announced December 10 that planes flying lower
than 2,000 feet were banned from flying over a gas leak in Porter Ranch,
California, through March 2016. – KCBS 2 Los Angeles
8. December
10, KCBS 2 Los Angeles – (California) FAA imposes temporary flight
restrictions over gas leak near Porter Ranch. Federal Aviation
Administration officials announced December 10 that planes flying lower than
2,000 feet were banned from flying over a gas leak in Porter Ranch through
March 2016 due to concerns that fumes from the leak could be ignited. Source: http://losangeles.cbslocal.com/2015/12/10/faa-imposes-temporary-flight-restriction-over-gas-leak-near-porter-ranch/
• Swift Middle
School in Connecticut remained closed December 11 after 40 students were
transported to hospitals following symptoms due to a reported odor in the
building. – Hartford Courant
19. December
11, Hartford Courant – (Connecticut) Watertown Middle School closed Friday after 40
students hospitalized. Swift Middle School in Watertown remained closed
December 11 after 40 students were transported to area hospitals following
symptoms of dizziness, headaches, and lightheadedness due to a reported odor in
the building. State officials were not able to determine the source of the odor
during testing. Source:
http://www.courant.com/breaking-news/hc-waterford-evacuation-1211-20151210-story.html
• FireEye reported that the backdoor malware dubbed,
LATENTBOT is nearly undetectable and primarily targets the financial services
and insurance sectors to steal passwords and record keystrokes. – SecurityWeek
See item 22 below in the Information Technology Sector
Financial Services Sector
4. December
11, WSPA 7 Spartanburg – (South Carolina) Oconee Co. highway closed
by crash, fuel spill. Highway 24 in Oconee County, South Carolina, was
closed for several hours December 10 while HAZMAT crews cleaned up a diesel and
hydraulic oil spill from a 2-vehicle crash involving a truck and a car. Source:
http://wspa.com/2015/12/11/oconee-co-highway-closed-by-crash-fuel-spill/
5. December
10, KXII 12 Sherman – (Texas) Pedestrian hit, killed on US75 in Howe. Northbound
lanes of Highway 75 in Howe were closed for over 3 hours December 10 while
officials investigated an accident where a semi-truck struck and killed a
pedestrian walking along the highway. Source: http://www.kxii.com/home/headlines/Fatality-Accident-on-Highway-75-361408221.html
6. December
10, KOVR 13 Stockton – (California) Deadly big rig crash blocks all northbound lanes
on I-5 in Sacramento. One person was killed after a FedEx semi-truck
crashed through the median and into the northbound lanes of Interstate 5 in
Sacramento, shutting down all northbound lanes for nearly 6 hours December 10
before 2 lanes were reopened. Two northbound lanes and all southbound lanes
remained closed for repairs. Source: http://sacramento.cbslocal.com/2015/12/10/big-rig-crash-blocking-northbound-i-5-in-south-sacramento/
7. December
10, Associated Press – (Massachusetts) Train leaves station without operator, passes
4 stations. A 6-car Massachusetts Bay Transportation Authority train
carrying approximately 50 passengers left the Braintree Station in Boston
without a driver December 10 and went through 4 stations before officials got
on board and drove it to the JFK/UMass stop where passengers disembarked.
Authorities are investigating the incident. Source: http://www.journalreview.com/news/article_ebb9c554-de08-5456-b10e-a55745dd7f3f.html
8. December
10, KCBS 2 Los Angeles – (California) FAA imposes temporary flight
restrictions over gas leak near Porter Ranch. Federal Aviation
Administration officials announced December 10 that planes flying lower than
2,000 feet were banned from flying over a gas leak in Porter Ranch through
March 2016 due to concerns that fumes from the leak could be ignited. Source: http://losangeles.cbslocal.com/2015/12/10/faa-imposes-temporary-flight-restriction-over-gas-leak-near-porter-ranch/
9. December
10, WOWT 6 Omaha – (Nebraska) Mail theft investigation – three in custody. Police
arrested three individuals December 9 for allegedly stealing mail from
mailboxes and packages from porches in the Omaha area. Authorities disabled the
suspects’ vehicle following a chase and found stolen checks inside the car and
mail strewn across Interstate 680 near Mormon Bridge. Source: http://www.wowt.com/home/headlines/Mail-Theft-Investigation---Three-in-Custody-361439511.html
For additional stories, see
item 1 above in the Top Stories
and 3 below from the Critical Manufacturing Sector
3. December
11, SecurityWeek – (International) Ship data recorders vulnerable to hacker
attacks. A researcher from IOActive released a report addressing serious
vulnerabilities in a Furuno voyage data recorder (VRD), used in ships,
including weak encryption, insecure authentication, a defective firmware
mechanism, services plagued by buffer overflow, and command injection
vulnerabilities that can be exploited by an unauthenticated attacker with
access to the vessel’s network in order to remotely execute arbitrary commands
with root privileges, fully compromising the devices.
Information Technology Sector
22. December
11, SecurityWeek – (International) Stealthy backdoor compromised global
organizations since 2013: FireEye. Researchers from FireEye reported that
the malicious backdoor malware dubbed, LATENTBOT primarily targets the
financial services and insurance sectors to steal passwords, record keystrokes,
transfer files, and enable attached microphones or webcams by leveraging
malicious emails with contaminated Word documents created with Microsoft Word Intruder
(MWI) exploit kit (EK) that when opened, executes malicious code and connects
to a MWISTAT server and a LuminosityLink, a remote access trojan (RAT). Source:
http://www.securityweek.com/stealthy-backdoor-compromised-global-organizations-2013-fireeye
23. December
11, SecurityWeek – (International) WP engine resets password after data breach. Officials
from WP Engine reported that users’ credentials may have been compromised in a
security breach and recommended that users reset passwords associated with WP
Engine user portal, the original WP-Admin account, the WordPress database, and
Secure File Transfer Protocol (SFTP), among others. The company continues to
investigate the breach. Source: http://www.securityweek.com/wp-engine-resets-passwords-after-data-breach
For another story, see item 3 above in the Financial Services Sector
Communications Sector
Nothing to report