Thursday, June 30, 2016



Complete DHS Report for June 30, 2016

Daily Report

Top Stories

• The Destin gas pipeline system was shut down following a June 28 fire at an Enterprise Products Partners LP plant in Pascagoula, Mississippi, forcing at least two offshore gas platforms in the U.S. Gulf of Mexico to halt operations. – Reuters

1. June 28, Reuters – (National) Fire at Mississippi gas plant halts two U.S. Gulf Coast platforms. The Destin gas pipeline system was shut down following a June 28 fire at an Enterprise Products Partners LP plant in Pascagoula, Mississippi. The pipeline’s closure forced at least two offshore gas platforms in the U.S. Gulf of Mexico to halt operations until the pipeline resumes production.

• Toyota Motor Corp. issued a recall June 29 for 3.37 million of its vehicles worldwide due to faulty fuel-emissions control canisters and Autoliv Inc.-supplied curtain air bag inflators. – Bloomberg News

4. June 29, Bloomberg News – (International) Toyota recalls 3.4 million cars over air bags, fuel tanks. Toyota Motor Corp. issued a recall June 29 for a total of 3.37 million of its vehicles worldwide, including 2.87 million of its model years 2006 – 2015 Prius hybrid and Corolla vehicles due to faulty fuel-emissions control canisters that can crack and cause leaks when the vehicles have full gas tanks. The recall also includes 1.43 million of its model years 2008 – 2012 Prius hybrid and Lexus CT vehicles due to faulty Autoliv Inc.-supplied curtain air bag inflators that may partially inflate in parked vehicles and injure occupants. Source: http://www.bloomberg.com/news/articles/2016-06-29/toyota-recalls-more-than-4-million-cars-on-air-bags-fuel-tanks

• Three crew members are presumed dead and another is injured after two BNSF Railway freight trains collided in the Texas Panhandle June 28, causing several cars to erupt in flames and prompting officials to evacuate nearby residents. – Associated Press

6. June 29, Associated Press – (Texas) Authorities: 3 train workers in Texas wreck presumed dead. Three crew members are presumed dead and another is injured after two BNSF Railway freight trains collided 25 miles northeast of Amarillo June 28, causing several cars to erupt in flames and prompting officials to evacuate nearby residents. In response to the head-on crash, BNSF officials pledged to adopt technology called positive train control (PTC) that uses GPS, wireless radio, and computers to monitor train positions to automatically slow or stop trains in danger of colliding or derailing. Source: http://www.msn.com/en-us/news/us/crews-fighting-blaze-at-train-collision-site-with-3-missing/ar-AAhJaBR

• California fire crews continued June 28 to battle 9 wildfires burning across the State which have collectively scorched more than 71,010 acres of land. – Banning-Beaumont Patch

14. June 28, Banning-Beaumont Patch – (California) California wildfire update: Tuesday, June 28. California fire crews continued June 28 to battle 9 wildfires burning across the State which have collectively scorched more than 71,010 acres of land.

Financial Services Sector

Nothing to report

Information Technology Sector

16. June 29, Softpedia – (International) Symantec products affected by multiple “as bad as it gets” vulnerabilities. A security researcher from Google’s Project Zero initiative discovered several vulnerabilities in Symantec’s security products including buffer overflow flaws, memory corruption flaws, and a high-severity flaw that does not require user interaction, affects the default configuration, and allows the software to run on the highest privilege levels possible due to vulnerable code in ASPack. Attackers could exploit the vulnerabilities by sending an email with a malicious file or embedding a malicious link inside the email, among other methods. Source: http://news.softpedia.com/news/symantec-products-affected-by-multiple-as-bad-as-it-gets-vulnerabilities-505786.shtml

17. June 28, Softpedia – (International) Alpine Linux 3.4.1 released with Linux Kernel 4.4.14 LTS, latest security fixes. The Alpine Linux project released its Alpine Linux 3.4.1 operating system (OS), which included security updates in its kernel packages and in its core components, as well as other improvements to several other applications within its systems. Source: http://news.softpedia.com/news/alpine-linux-3-4-1-released-with-linux-kernel-4-4-14-lts-latest-security-fixes-505766.shtml

18. June 28, Softpedia – (International) LevelDropper Android app infected with autorooting malware. Lookout researchers identified the LevelDropper app in the Google Play Store which hides malware capable of rooting the user’s device in order to install unwanted applications. Researchers also found two privilege escalation exploits and supporting package files such as busybox and SuperSU, which also have the ability to root the device. Source: http://news.softpedia.com/news/leveldropper-android-app-infected-with-autorooting-malware-505727.shtml

Communications Sector

Nothing to report

Wednesday, June 29, 2016



Complete DHS Report for June 29, 2016

Daily Report

Top Stories

• The U.S. Securities and Exchange Commission announced June 27 that beginning in 2018 oil, gas, and mining companies must disclose all payments made to foreign governments. – Reuters

3. June 27, Reuters – (International) SEC adopts rule on oil, mining payments to foreign governments. The U.S. Securities and Exchange Commission announced that it approved a rule June 27 requiring oil, gas, and mining companies to disclose payments made to foreign governments beginning in 2018. The rule requires companies to publicly release how much they pay governments in taxes, royalties, and other types of fees for exploration, extraction, and other activities.

• Volkswagen AG agreed June 28 to pay $14.7 billion to the State of California and the U.S. Federal Trade Commission to settle allegations that the company cheated emissions tests and deceived nearly 500,000 customers by installing illegal software in select model years 2009 – 2015 Volkswagen and Audi vehicles. – U.S. Department of Justice

6. June 28, U.S. Department of Justice – (National) Volkswagen to spend up to $14.7 billion to settle allegations of cheating emissions tests and deceiving customers on 2.0 liter diesel vehicles. In parallel settlements with the U.S. and the State of California, and the U.S. Federal Trade Commission, Volkswagen AG and related entities agreed June 28 to pay up to $14.7 billion to settle allegations that the company cheated emissions tests and deceived nearly 500,000 customers by installing illegal software in select makes of its model years 2009 – 2015 Volkswagen and Audi vehicles equipped with turbocharged direct injection (TDI) 2.0-liter diesel engines that detects when the car is being tested for compliance with Federal or California State emissions standards, and turns on full emissions controls only during the testing process. As part of the settlement, Volkswagen will spend $10.03 billion to compensate consumers and an additional $4.7 billion to mitigate the pollution from the vehicles and invest in green vehicle technology. Source: https://www.justice.gov/opa/pr/volkswagen-spend-147-billion-settle-allegations-cheating-emissions-tests-and-deceiving

• Two Michigan men were arrested in Canton, Ohio, June 24 for allegedly using stolen credit card information to clone a credit card and purchase 501 gift cards and pre-paid debit cards. – Canton Repository. See item 10 below in the Financial Services Sector.

• More than 5,000 firefighters worked June 27 to contain 9 wildfires in California that collectively burned nearly 70,000 acres and damaged hundreds of structures. – Los Angeles Times  

16. June 27, Los Angeles Times – (California) Nine California wildfires destroy almost 70,000 acres. More than 5,000 firefighters worked June 27 to contain 9 wildfires in California, which have collectively burned nearly 70,000 acres and damaged hundreds of structures, including the 45,388-acre Erskine Fire burning in Kern County which has destroyed 250 structures and caused 2 deaths. Source: http://www.latimes.com/local/lanow/la-me-ln-wildfire-update-20160627-snap-story.html

Financial Services Sector

9. June 27, U.S. Department of Justice – (California) Former attorney pleads guilty to participating in fraudulent mortgage modification scheme. A former Irvine, California-based attorney pleaded guilty June 27 to Federal charges for his role in a multi-million dollar fraudulent mortgage modification scheme where he and co-conspirators allegedly convinced homeowners facing foreclosure to pay up to $5,500 for services from the Rodis Law Group (RLG) by falsely claiming that RLG consisted of a team of attorneys experienced in negotiating loan modifications from the homeowners’ mortgage lenders, and by purporting that RLG was consistently successful in obtaining lower interest rates for homeowners, among other misrepresentations between October 2008 and June 2009. Source: http://www.ocregister.com/articles/rodis-720743-mortgage-fraud.html

10. June 27, Canton Repository – (Ohio) Michigan men suspected in Canton credit card fraud. Two Michigan men were arrested at a Walmart store in Canton, Ohio, June 24 for allegedly using stolen credit card information to clone a credit card and purchase 501 gift cards and pre-paid debit cards. Authorities stated the cards were worth over $50,000. Source: http://www.cantonrep.com/news/20160627/michigan-men-suspected-in-canton-credit-card-fraud

For another story, see item 3 above in Top Stories

Information Technology Sector

19. June 28, Softpedia – (International) Microsoft Office 365 corporate users hit by Cerber ransomware attack. Avanan researchers reported that about 57 percent of all companies using Microsoft Office 365 received at least 1 copy of the Cerber ransomware in their inboxes in a June 22 attack that lasted 5 hours before Microsoft blocked the malicious file attachments. Source: http://news.softpedia.com/news/microsoft-office-365-corporate-users-hit-by-cerber-ransomware-attack-505726.shtml

20. June 27, SecurityWeek – (International) MIRCOP ransomware claims to be victim, demands payback. Trend Micro researchers reported that the MIRCOP ransomware abuses Microsoft PowerShell to download and execute the malicious payload, and sends the user a ransom note claiming that the victim stole 48.48 Bitcoins, suggesting that the victim knows how to return the money. MIRCOP prepends files with the string “Lock” and can steal credentials from various applications including Mozilla Firefox, Google Chrome, Opera, FileZilla, and Skype. Source: http://www.securityweek.com/mircop-ransomware-claims-be-victim-demands-payback

For additional stories, see items 7 and 8 below from the Critical Manufacturing Sector


7. June 28, Help Net Security – (International) 25,000-strong CCTV botnet used for crippling DDoS attacks. Sucuri researchers discovered that a closed circuit television (CCTV) botnet comprised of 25,000 cameras worldwide was carrying out distributed denial-of-service (DDoS) attacks against a jewelry store Web site and found that the compromised cameras were able to emulate normal behavior of popular browsers in order to make the botnet more difficult to identify and block. Researchers reported that the attackers could have hacked the devices via a recently disclosed remote code execution (RCE) vulnerability in CCTV-Digital Video Recorders (DVRs).

8. June 28, The Register – (International) Riverbed’s NetProfiler, NetExpress virty appliances patched. Riverbed released an update for two of its virtual security appliances, the SteelCentral NetProfiler and NetExpress, patching a Structured Query Language (SQL) injection, command injection, privilege escalation, local file intrusion, cross-site scripting (XSS), account hijacks, and hard-coded credential vulnerabilities, which could be linked together to obtain unauthenticated remote code execution (RCE) as the root user. Source: http://www.theregister.co.uk/2016/06/28/riverbeds_netprofiler_netexpress_virty_appliances_patched/

Communications Sector

Nothing to report