Friday, January 15, 2016



Complete DHS Report for January 15, 2016

Daily Report                                            

Top Stories

• A water main break in Conshohocken, Pennsylvania January 13 caused thousands of gallons of water to rupture skyward, freezing over power lines and roadways and causing damages to nearby businesses. – Montgomery Media

10. January 14, Montgomery Media – (Pennsylvania) Water main break in Conshohocken causes icy mess. A water main break in Conshohocken, Pennsylvania January 13 caused thousands of gallons of water to rupture skyward, freezing over power lines and roadways and causing damages to nearby businesses. The cause of the break is still under investigation. Source: http://www.montgomerynews.com/articles/2016/01/14/colonial_news/news/doc56966b1bf2ec2579347614.txt

• A U.S. Senate health committee released a report January 13 revealing that the specialized device, duodenoscopes caused more than two dozen outbreaks of antibiotic-resistant infections and revealed that the U.S. Food and Drug Administration failed to identify and alert the public about the faulty device, among other data. – Washington Post

11. January 13, Washington Post – (International) Tainted medical scopes have sickened hundreds in U.S., Europe, Senate investigation finds. A U.S. Senate health committee released a report January 13 that revealed the specialized device duodenoscopes, used to drain fluid from pancreatic and bile ducts, was linked to more than two dozen outbreaks of antibiotic-resistant infections that sickened 250 people in the U.S. and Europe and that the device’s manufacturers, hospitals, and the U.S. Food and Drug Administration failed to identify and alert problems with the device to the public. Source: https://www.washingtonpost.com/news/to-your-health/wp/2016/01/13/senate-report-tainted-medical-scopes-have-sickened-hundreds-in-u-s-europe/

• Cisco released software updates that addressed critical vulnerabilities in several of its networking and security products including an unauthorized access issue that allowed attackers to modify a device’s configuration. – SecurityWeek See item 18 below in the Information Technology Sector

• A Prince George Country fire official reported that a 2-alarm fire at the Presidential Park Condominiums displaced 10 residents, injured 5 people, and caused an estimated $200,000 in damages January 13. – WUSA 9 Washington

22. January 14, WUSA 9 Washington – (Maryland) Five recovering after massive Adelphi apartment building. A Prince George Country fire official reported that a 2-alarm fire at the Presidential Park Condominiums displaced 10 residents, injured 5 people, and caused an estimated $200,000 in damages January 13. Officials believe the fire was accidental and are investigating the cause of the blaze. Source: http://www.wusa9.com/story/news/local/maryland/2016/01/13/2-alarm-fire-apartment-building-adelphi/78759304/

Financial Services Sector

2. January 13, Associated Press – (New York; Florida) U.S. Treasury Department to track some real estate deals in NY and Miami. The U.S. Department of the Treasury announced January 13 that it will track sales of high-end real estates in Manhattan and Miami in order to discover and prevent money-laundering by establishing temporary disclosure requirements beginning March 2016, which will require certain title companies to identify individuals behind companies that purchase properties exceeding $3 million. Source: http://www.winnipegfreepress.com/business/the-treasury-department-says-it-will-begin-tracking-sales-of-high-end-real-estate-in-2-of-the-countrys-most-expensive-markets--365160081.html

3. January 13, Los Angeles Business Journal – (California) Former Mirae Bank exec charged with bank fraud. A former executive of Mirae Bank was charged January 13 with 6 counts of Federal bank fraud and 2 counts of falsifying statements to a financial institute after allegedly arranging $150 million in fraudulent loans on behalf of the bank and skimming money from the loans for personal profit, which reportedly led to approximately $33 million in losses and the bank’s failure by 2009.

4. January 13, U.S. Securities and Exchange Commission – (National) SEC charges 11 bank officers and directors with fraud. The U.S. Securities and Exchange Commission charged 11 former executives and board members of Birmingham-based Superior Bank and its holding company January 13 for their involvement in various fraud schemes in which they allegedly concealed or understated the bank’s allowances for loan and lease losses (ALLL) by propping up Super Bank’s financial condition through straw borrowers, fake appraisals, and insider deals. Source: http://www.sec.gov/news/pressrelease/2016-7.html

Information Technology Sector

18. January 14, SecurityWeek – (International) Cisco patches serious flaw in networking, security products. Cisco released software updates that addressed multiple critical vulnerabilities in several of its networking and security products including an unauthorized access issue that affects Cisco standalone and modular controllers running Wireless LAN Controller (LAN) software that allowed attackers to modify the device’s configuration and compromise the device. Source: http://www.securityweek.com/cisco-patches-serious-flaws-networking-security-products

19. January 13, Softpedia – (International) DHCP gets a fix for denial-of-service bug. The Internet Systems Consortium (ICS) patched a flaw in its Dynamic Host Configuration Profile (DHCP) software packages after a security researcher from Sophos discovered the vulnerability allowed attackers to crash the systems by sending a malicious network packet with an invalid IPv4 UDP length field. Source: http://news.softpedia.com/news/dhcp-gets-a-fix-for-denial-of-service-bug-498882.shtml

20. January 13, IDG News Service – (International) Microsoft fixes critical flaws in Windows, Office, Edge, IE and other products. Microsoft released security updates that patched critical flaws in its Windows, Office, Edge, Internet Explorer, Silverlight, and Visual Basic products, including remote code execution vulnerabilities, elevation of privilege vulnerabilities, and a spoofing flaw.

21. January 13, Softpedia – (International) Shoddy ransomware destroys user’s files. Security researchers from Trend Micro identified a ransomware dubbed RANSOME_CRYPTEAR.B that used a crypto flaw hidden in the Hidden Tear ransomware to infect users and encrypt their files by redirecting users to fake Adobe Flash Web sites that distributes a malicious Flash Player update and allows attackers to infect the victim’s system with a crypto-ransomware that would encrypt all data files. Authors of the malware were seen throwing away the encryption key, rendering all encrypted files unrecoverable. Source: http://news.softpedia.com/news/shoddy-ransomware-destroys-the-user-s-files-498889.shtml

Communications Sector

Nothing to report