Complete DHS Report for January 7, 2016
Daily Report
Top Stories
• Utility crews began casting demister pads January 6 to contain an oily mist that appeared from a methane leak at Southern California Gas Company’s Aliso Canyon Storage Facility in California. – Los Angeles Daily News
1. January 6, Los Angeles Daily News – (California) Oily mist surfaces at Porter Ranch gas leak as well pressure drops. Southern California Gas Company announced January 6 that crews began casting demister pads, which contain a mesh screen, to contain an oily mist that has appeared from a methane leak at the company’s Aliso Canyon Storage Facility above Porter Ranch. The utility reported that the pads will trap droplets that mix with the gas as it rises. Source: http://www.dailynews.com/environment-and-nature/20160105/oily-mist-surfaces-at-porter-ranch-gas-leak-as-well-pressure-drops
• Rapid7 discovered a flaw in the Comcast XFINITY Home Security system that can allow burglars to enter homes without triggering the alarm by interfering with or deauthenticating the ZigBee-based protocol. – Help Net Security
4. January 6, Help Net Security – (International) Flaw in Comcast’s home security system lets burglars in without triggering alarm. A researcher at Rapid7 discovered a critical flaw in the Comcast XFINITY Home Security system that can allow burglars to enter homes without triggering the alarm by interfering with or deauthenticating the ZigBee-based communications protocol, using commodity radio jamming equipment and software-based deauthentication attacks on the protocol itself. There are currently no patches for the flaw. Source: http://www.net-security.org/secworld.php?id=19288
• A former partner at McKinsey & Company’s Chicago office and a former internal consultant for State Farm were charged January 5 for allegedly bilking both companies out of $900,000 in phony consulting fees. – Chicago Sun-Times. See item 6 below in the Financial Services Sector
• A Transit Express (TRAX) train was struck by a car in Salt Lake City January 4, killing 1 man, leaving 18 others injured, and causing the train to teeter on the North Temple overpass. – KSL 5 Salt Lake City
10. January 4, KSL 5 Salt Lake City – (Utah) Ogden man killed, 18 injured in TRAX train collision. A Transit Express (TRAX) train was struck by a fast-moving car in Salt Lake City January 4, killing 1 man, leaving 18 others injured, and causing the train to teeter on the North Temple overpass after it was knocked off its tracks. Crews worked to remove the train and inspect the track. Source: https://www.ksl.com/index.php?sid=38006765&nid=148&title=1-killed-trax-train-derailed-after-collision-on-north-temple&fm=home_page&s_cid=topstory
Financial Services Sector
6. January 5, Chicago Sun-Times – (National) Former McKinsey partner, McLean County Board chair indicted for wire fraud. A former partner at McKinsey & Company’s Chicago office and a former internal consultant for State Farm were charged January 5 for allegedly bilking both companies out of $900,000 in phony consulting fees through two companies, Gabriel Solutions and Andy’s BCB, while using the funds to pay for personal trips that were listed as business expenses. Source: http://chicago.suntimes.com/news/7/71/1228078/former-mckinsey-partner-state-farm-consultant-facing-federal-wire-fraud-charges
Information Technology Sector
22. January 6, SecurityWeek – (International) Linode resets user passwords after breach. Linode reported that it reset customers’ Linode Manager passwords after the company discovered that a massive distributed denial-of-service (DDoS) attack was launched on its Web site, data centers, and Domain Name System (DNS) infrastructure, in addition to multiple volumetric attacks that targeted its authoritative nameservers and public Web sites, which may have compromised user credentials from the company’s database. The exposed database included usernames, email addresses, password hashes, and encrypted two-factor authentication seeds. Source: http://www.securityweek.com/linode-resets-user-passwords-after-breach
23. January 6, SecurityWeek – (International) Researchers publish default passwords for ICS products. The SCADA StrangeLove research team released a list of default credentials for industrial control system (ICS) products from various vendors, including industrial routers, programmable logic controllers (PLC), and wireless gateways, among other products, to reveal that default passwords can pose a serious vulnerability for systems if remotely accessed. The team reported that vendors should implement proper security controls such as establishing password strength policies and forcing users to change passwords on the first login. Source: http://www.securityweek.com/researchers-publish-default-passwords-ics-products
24. January 6, SecurityWeek – (International) Vulnerability exposed Blackphone to complete takeover. Silent Circle released updates for its privacy-focused Blackphone 1 mobile device that patched several security flaws, including a modem vulnerability that attackers can exploit to take control of the device’s functions through an open-access socket. The socket interacts with agps_daemon, an NVIDIA Icera modem binary embedded with elevated privileges, to communicate directly with the Blackphone modem and record anything it receives to the ttySHM3 port. Attackers operating with shell user privileges could send commands to the modem to exploit the flaw. Source: http://www.securityweek.com/vulnerability-exposed-blackphone-complete-takeover
25. January 5, Softpedia – (International) Author of Linux.Encoder fails for the third time, ransomware is still decryptable. Researchers from Bitdefender reported that a Linux.Encoder decryption tool was available for free following the discovery of a third version of the Linux.Encoder malware, which has infected about 600 servers. The ransomware targets Web servers and looks to encrypt files used in Web hosting and Web development environments. Source: http://news.softpedia.com/news/author-of-linux-encoder-fails-for-the-third-time-ransomware-is-still-decryptable-498483.shtml
For another story, see item 4 above in Top Stories
Communications Sector
See items 23 and 24 above in the Information Technology Sector