Monday, February 22, 2016



Complete DHS Report for February 22, 2016

Daily Report                                            

Top Stories

• California State officials announced February 18 that a leaking natural gas well at the Aliso Canyon storage field in Porter Ranch was permanently sealed and taken out of service. – Los Angeles Times

1. February 18, Los Angeles Times – (California) Porter Ranch gas leak permanently capped, officials say. The California Department of Conservation and Southern California Gas Company announced February 18 that a leaking natural gas well at the Aliso Canyon storage field in Porter Ranch was permanently sealed and taken out of service. The utility stated that it will develop a plan to mitigate the damage caused by the leaking well, support new regulations, and conduct a full inspection and testing of other wells at the storage field before resuming injections. Source: http://www.latimes.com/local/lanow/la-me-ln-porter-ranch-gas-leak-permanently-capped-20160218-story.html

• Apple Inc., issued a recall February 18 for 814,000 of its World Travel Adapter Kits and wall plug adapters due to electric shock hazards. – U.S. Consumer Product Safety Commission

2. February 18, U.S. Consumer Product Safety Commission – (International) Apple recalls travel adapter kits and plugs due to risk of electric shock. Apple Inc., issued a recall February 18 for 814,000 of its World Travel Adapter Kits and wall plug adapters due to electric shock hazards from two-prong wall plug adapters that can break and expose the metal portion of the adapter after the company received 12 reports of adaptors breaking and shocking consumers. An additional 81,000 adapters were sold in Canada.

• A Federal report released February 19 found that improper encryption and poorly trained employees helped expose the personal health information of approximately 1 million South Carolina Medicaid patients to the risk of cybertheft. – Associated Press

11. February 19, Associated Press – (South Carolina) SC Medicaid computer breach exposes data of 1 million. The U.S. Department of Health and Human Services’ Office of Inspector General released a report February 19 which found that a 4 decade old computer system without proper encryption and poorly trained employees helped expose the personal health information of approximately 1 million South Carolina Medicaid patients to the risk of cybertheft. The agency stated that it has implemented safety measures suggested in the report, which also found no evidence that any hacking of Medicaid data had occurred. Source: http://chronicle.augusta.com/news/government/2016-02-19/sc-medicaid-computer-breach-exposes-data-1-million

• Check Point researchers discovered that eBay’s platform was susceptible to a JSF*** cross-site scripting (XSS) attack that was exploited in the wild and allowed attackers to convert the site’s JavaScript syntax into the JSF*** non-standard character set and insert it in the product description field. – Softpedia See item 15 below in the Information Technology Sector

Financial Services Sector

3. February 18, U.S. Securities and Exchange Commission – (International) VimpelCom to pay $795 million in global settlement for FCPA violations. The U.S. Securities and Exchange Commission (SEC) announced February 18 that VimpelCom Ltd., agreed to pay a total of $795 million to the SEC, U.S. Department of Justice, and Dutch regulators to resolve its violations of the Foreign Corrupt Practices Act (FCPA) after the company paid an Uzbek government official tied to the president of Uzbekistan at least $114 million in bribes while attempting to enter the Uzbek telecommunications market and obtain government-issued licenses, frequencies, channels, and number blocks. VimpelCom Ltd., funneled the bribes through sham contracts and charitable contributions. Source: https://www.sec.gov/news/pressrelease/2016-34.html

4. February 18, Bowling Green Daily News – (Tennessee) BG man convicted in federal wire fraud in Tennessee. The U.S. District Court in Eastern Tennessee announced February 18 that a Bowling Green, Kentucky man was found guilty for his role in a $15 million Ponzi scheme after he impersonated a legitimate coal purchaser for New Century Coal and structured financial transactions to conceal the diversion of more than 160 investor’s funds into accounts used to pay for gambling trips, thoroughbred horses, racing cars, and other personal expenses from 2011 – 2014. Nine other co-defendants pleaded guilty to charges in connection with the scheme.

Information Technology Sector

15. February 19, Softpedia – (International) JSF***eBay XSS bug exploited in the wild, despite the company’s fix. Security researchers from Check Point discovered that eBay’s platform was susceptible to a JSF*** cross-site scripting (XSS) attack that was exploited in the wild and allowed attackers to convert the site’s JavaScript syntax into the JSF*** non-standard character set, disguise the code to pass through eBay’s XSS filters, and store the character set in the product’s description, allowing the malicious code to execute and infect a system once the victim opens the eBay store. Source: http://news.softpedia.com/news/jsf-ebay-xss-bug-exploited-in-the-wild-despite-the-company-s-fix-500651.shtml

16. February 19, SecurityWeek – (International) Google pays $25,000 reward for critical Chrome flaw. Google released an updated version for its Chrome Web browser affecting Microsoft Windows, Apple Mac, and Linux systems after a security researcher found a flaw in the Blink Web browser engine and Chrome sandbox escape.

17. February 18, SecurityWeek – (International) “Locky” ransomware encrypts unmapped network shares. Security researchers from BleepingComputer discovered that a new ransomware named Locky uses the Advanced Encryption Standard (AES) encryption algorithm to target certain file extensions after it creates and assigns a unique 16 hexadecimal number to a victim’s computer and scans all unmapped network shares and drives for files to encrypt. The ransomware renames encrypted files to [unique_id][identifier].locky and deletes all Shadow Volume Copies to prevent victims from restoring encrypted files. Source: http://www.securityweek.com/locky-ransomware-encrypts-unmapped-network-shares

Communications Sector

Nothing to report