Tuesday, February 16, 2016



Complete DHS Report for February 16, 2016

Daily Report                                            

Top Stories

• Southern California Gas Co., announced February 11 that it temporarily plugged an underground natural gas well in Los Angeles that was releasing methane into the air since the leak was first reported in October 2015. – Associated Press

2. February 12, Associated Press – (California) California natural gas leak plugged after 16 weeks. Southern California Gas Co., announced February 11 that it temporarily plugged an underground natural gas well in the Porter Ranch community in the San Fernando Valley that was releasing methane into the air since the leak was first reported in October 2015. The well still requires a permanent seal with cement and must undergo an inspection by California regulators. Source: http://www.oregonlive.com/today/index.ssf/2016/02/california_natural_gas_leak_pl.html

• The FBI arrested 46 current and former correctional officers, 2 civilians, and 1 inmate at 9 facilities around Georgia February 11 in connection to an alleged drug trafficking scheme. – CNN

19. February 12, CNN – (Georgia) ‘Staggering corruption’: 46 correctional officers charged in years-long drug trafficking sting. The FBI arrested 46 current and former correctional officers, 2 civilians, and 1 inmate at 9 facilities around Georgia February 11 in connection to an alleged drug trafficking scheme where prison guards and staff smuggled in contraband and let inmates use illegal cell phones to commit crimes in exchange for thousands of dollars in bribes. Source: http://www.cnn.com/2016/02/11/politics/fbi-georgia-correctional-drug-trafficking/index.html

• A 5-alarm fire at the Veterans Industrial Park in New Jersey caused extensive damage to the facility, closed Route 206, and prompted several fire departments to extinguish the blaze February 11. – Somerset County Courier News

23. February 12, Somerset County Courier News – (New Jersey) Hillsborough mayor on warehouse fire: ‘It’s going to be a tough night.’A 5-alarm fire at the Veterans Industrial Park in Hillsborough caused extensive damage to the facility, closed Route 206, caused power outages to 48 customers, and prompted several fire departments to extinguish the blaze February 11. One firefighter sustained minor injuries and officials are investigating the cause of the incident. Source: http://www.mycentraljersey.com/story/news/crime/jersey-mayhem/2016/02/11/firefighrters-battling-large-fire-hillsborough/80246076/

• The FBI and the Columbus police are investigating a February 11 incident after a man armed with a machete knife attacked and injured four patrons inside the Nazareth Mediterranean Cuisine restaurant in Ohio. – Fox News
24. February 12, Fox News – (Ohio) At least 4 injured in machete attack at Ohio restaurant. The Columbus police reported February 11 that the Nazareth Mediterranean Cuisine restaurant was evacuated and closed after a man armed with a machete knife attacked restaurant patrons, injuring four people. Police crews killed the culprit after finding him 5 miles away from the restaurant, and the FBI is investigating the incident. Source: http://www.foxnews.com/us/2016/02/12/ohio-police-kill-man-who-allegedly-attacked-people-with-machete.html

Financial Services Sector

5. February 11, U.S. Securities and Exchange Commission – (California; Minnesota) SEC: California man sold investors phony stock to pay gambling debts. The U.S. Securities and Exchange Commission announced criminal charges against an unregistered broker based in Oceanside, California, February 11 after he allegedly stole approximately $1.9 million from more than 100 investors since 2012 by misrepresenting to investors in California and Minnesota that he would sell them his personally-owned securities in ICB International, Inc., a La Jolla-based medical device company. Instead, the unregistered broker sold more securities than he owned, sent the investors phony stock certificates and confirmation documents, and spent the investors’ money on gambling debts and personal living expenses. Source: https://www.sec.gov/news/pressrelease/2016-28.html

For another story, see item 20 below in the Information Technology Sector

Information Technology Sector

20. February 11, Softpedia – (International) Fake Netflix apps deliver banking trojans. Symantec security researchers reported that a new malware campaign was targeting Netflix users in an effort to gain victims’ Netflix credentials and to steal users’ credit card data to make fraudulent purchases by tricking victims into believing the campaign is a company method of accessing online content at a cheaper rate. The malware steals information by using ads to redirect victims to a direct download Web site embedded with a banking trojan, Infostealer.Banload that steals credentials. Source: http://news.softpedia.com/news/fake-netflix-apps-deliver-banking-trojans-500300.shtml

21. February 11, SecurityWeek – (International) Flaws found in tollgrade power distribution monitoring product. Tollgrade Communications released software updates patching four vulnerabilities for its LightHouse Sensor Management System (SMS) used by energy corporations after a security researcher found flaws similar to a cross-site scripting (XSS) flaw, an information disclosure flaw, insecure credentials, and a cross-site request forgery (CSRF) flaw that can allow unauthenticated attackers to execute commands on an authenticated users’ behalf and gain access to their accounts, among other malicious actions. Source: http://www.securityweek.com/flaws-found-tollgrade-power-distribution-monitoring-product

For another story, see item 22 below in the Communications Sector

Communications Sector

22. February 12, Softpedia – (International) Bad UI design sabotages security of ASUS SoHo routers. An independent researcher reported that a design flaw in the Web administrative panel in 122,000 ASUS SoHo routers running ASUSWRT firmware unintentionally exposed devices to the Internet even after users configured the device as private, allowing attackers to access the devices’ administrator login via Hypertext Transfer Protocol (HTTP) and control the device if the default username and password were still intact. Researchers advised users to leave their firmware firewall on and have the “Enable Web Acces from WAN” setting left on “No.” Source: http://news.softpedia.com/news/bad-ui-design-sabotages-security-of-asus-soho-routers-500330.shtml