Thursday, March 3, 2016



Complete DHS Report for March 3, 2016

Daily Report                                            

Top Stories

•The U.S. Department of Justice announced that the former chief executive officer (CEO) of Chesapeake Energy Corp was charged March 1 with conspiring to rig bids to buy oil and natural gas leases in Oklahoma from 2007 to 2012. – Reuters

1. March 2, Reuters – (Oklahoma) Former Chesapeake CEO charged with bid-rigging of land leases. The U.S. Department of Justice announced that the former chief executive officer (CEO) of Chesapeake Energy Corp was charged March 1 with conspiring to rig bids to buy oil and natural gas leases in Oklahoma by allegedly setting up a conspiracy involving two energy companies that agreed not to bid against each other in purchasing oil and natural gas leases in northwest Oklahoma from 2007 to 2012. Source: http://www.reuters.com/article/us-usa-crime-mcclendon-idUSKCN0W35Y7

•Five New York residents were arrested in Rhode Island February 27 and March 1 after authorities found a total of 309 stolen credit cards and gift cards in the suspects’ vehicles during traffic stops. – WJAR 10 Providence See item 6 below in the Financial Services Sector

•Crews worked to contain an ethanol leak from a tanker that derailed on a Norfolk Southern line in the town of Ripley, New York, March 1. – Associated Press

7. March 2, Associated Press – (New York) Train derails in Ripley, NY; homes evacuated due to ethanol tanker leak. Crews worked to contain an ethanol leak from a tanker that was part of 16 cars on a freight train that derailed on a Norfolk Southern line in the town of Ripley, New York, March 1. Officials stated that 25 to 30 people were evacuated as a precaution while cleanup work continued. Source: http://www.syracuse.com/state/index.ssf/2016/03/train_derails_in_ripley_ny_crews_working_to_contain_ethanol_tanker_leak.html

•Federal authorities announced March 1 that Qualcomm Incorporated agreed to pay $7.5million to settle charges after officials found that the company provided full-time employment, paid internships, and kickbacks to Chinese government officials and their relatives in order to obtain business at government-owned telecom companies in China. –U.S. Securities and Exchange Commission See item 20 below in the Communications Sector

Financial Services Sector

6. March 1, WJAR 10 Providence – (Rhode Island; Virginia) Police seize at least 250 stolen credit cards in West Greenwich, Cranston. Five New York residents were arrested in Rhode Island February 27 and March 1 after authorities found a total of 309 stolen credit cards and gift cards in the suspects’ vehicles during traffic stops. Three of the culprits used the stolen credit cards to purchase $19,000 worth of merchandise in Virginia and the remaining two suspects used the stolen credit cards to purchase additional gift cards at local Stop & Shop Supermarkets. Source: http://turnto10.com/news/local/police-seize-at-least-250-stolen-credit-cards-in-west-greenwich-cranston

Information Technology Sector

15. March 2, Agence France-Presse – (International) NSA chief worries about cyber attack on US infrastructure. The U.S. National Security Agency chief warned March 1 that attackers may try to execute a cyberattack against U.S. infrastructure similar to a 2015 Ukrainian incident in which a computer virus caused the networks of several regional electricity companies to go offline, and caused power grid failures throughout the country. Officials reported that partnerships between the public and private sectors were key to preventing such attacks.

16. March 1, SecurityWeek – (International) Kaspersky launches Targeted Attack protection platform. Kaspersky Lab released its new solution, Kaspersky Anti Targeted Attack Platform which can help companies reduce the risk of advanced threats and targeted attacks, detect security breaches and attempts to penetrate entities’ networks, and help organizations take immediate mitigation actions. The platform also helps predict where new targeted attacks will occur via an Advanced Sandbox, which provides an isolated environment for analysis of suspicious objects, as well as via a Targeted Attack Analyzer, which leverages data processing and machine learning technology to assess events and combine feedback from various analysis engines. Source: http://www.securityweek.com/kaspersky-launches-targeted-attack-protection-platform

17. March 1, SecurityWeek – (International) Microsoft unveils Advanced Threat Protection service. Microsoft released its new service titled, Windows Defender Advanced Threat Protection which is designed to help organizations detect, investigate, and respond to advanced attacks on organizations’ networks and will bring a post-breach layer of protection to the Windows 10 security platform by using Windows behavior sensors, cloud-based security analytics, and threat intelligence.

18. March 1, SecurityWeek – (International) Google’s DLP for Gmail adds optical character recognition. Google Inc., reported it will be releasing a new set of features for its Data Loss Prevention (DLP) for Gmail which will help administrators set DLP policies to analyze common image types and extract text for policy evaluation, in addition to improving attachment scanning, setting new predefined content detectors, and increasing control over content detection thresholds through new features such as Optical character recognition (OCR).

19. March 1, Help Net Security – (International) BluVector 2.0: Machine-learning malware detection. Acuity Solutions reported it will be releasing its BluVector version 2.0, a malware detection solution, which will help companies identify threats, find previously unclassified and undetected attacks, and help security analysts understand how their organizations are being targeted within milliseconds. The threat detection appliance analyzes files from the Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), and File Transfer Protocol (FTP) protocols using BluVector’s machine-learning classification engine and extracts features from each file to determine if the file is malicious based on the device’s knowledge of benign and malicious files. Source: https://www.helpnetsecurity.com/2016/03/01/bluvector-2-0-machine-learning-malware-detection/

Communications Sector
 
20. March 1, U.S. Securities and Exchange Commission – (International) SEC: Qualcomm hired relatives of Chinese officials to obtain business. The U.S. Securities and Exchange Commission announced March 1 that Qualcomm Incorporated agreed to pay $7.5 million to settle charges that it violated the Foreign Corrupt Practices Act (FCPA) after the company provided full-time employment and paid internships to relatives of Chinese government officials in order to obtain business at government-owned telecom companies in China. Qualcomm Inc., also provided the officials with gifts, travel, and entertainment and misrepresented the bribes as legitimate business expenses in its records. Source: https://www.sec.gov/news/pressrelease/2016-36.html

Wednesday, March 2, 2016



Complete DHS Report for March 2, 2016

Daily Report                                            

Top Stories

•Federal authorities are working with Minnesota and Wisconsin State health officials to investigate an outbreak of food borne illness, and advised consumers to avoid eating any alfalfa sprouts produced by Jack & The Green Sprouts February 25 following seven cases of E. coli illness. – U.S. Food and Drug Administration

11. February 29, U.S. Food and Drug Administration – (National) Jack and the Green Sprouts, Inc. is voluntarily recalling Alfalfa and Alfalfa Onion Sprouts. Minnesota State health officials, Wisconsin State health officials, the U.S. Food and Drug Administration, and the U.S. Centers for Disease Control and Prevention are investigating an outbreak of food borne illness February 25 after routine disease monitoring found seven E. coli illness cases had the same DNA fingerprint. Officials are working to collect samples to determine the source of the outbreak and advised consumers to avoid eating any alfalfa sprouts produced by Jack & The Green Sprouts. Source: http://www.fda.gov/Safety/Recalls/ucm488347.htm

•A former Florida sewage plant worker was arrested February 29 after setting his car on fire in the West Palm Beach sewage plant lot and claiming that he had placed bombs at both the plant and the Riviera Beach Utility District. – Palm Beach Post

12. February 29, Palm Beach Post – (Florida) Police: Ex-employee set car on fire, made bomb threats in WPB, Riviera. A former sewage plant worker was arrested February 29 after setting his car on fire in the West Palm Beach sewage plant lot and claiming that he had placed bombs at both the West Palm Beach plant and the Riviera Beach Utility District, forcing an evacuation of the utility district. A device found at the West Palm Beach plant was deemed a hoax and the site was declared safe. Source: http://www.palmbeachpost.com/news/news/bomb-threat-at-riviera-water-treatment-plant-fire-/nqZmx/

•Myrtle Beach, South Carolina city officials announced a 50,000-gallon sewage spill February 28 was caused by a failed air release valve on a sewer force main that leaked into a nearby drainage ditch. – WBTW 13 Florence

13. February 29, WBTW 13 Florence – (South Carolina) 50,000 gallons of raw sewage spills in Myrtle Beach, cleanup underway. Myrtle Beach city officials announced a 50,000-gallon sewage spill, near the Kampgrounds of America campground February 28 was caused by a failed air release valve on a sewer force main that leaked into a nearby drainage ditch. Crews stopped the leak, disinfected the drainage ditch, and worked to repair the air release valve February 29. Source: http://counton2.com/2016/02/29/50000-gallons-of-raw-sewage-spills-in-myrtle-beach-cleanup-underway/

•A student at Madison Junior-Senior High School in Butler County, Ohio, was arrested and charged after entering the school and opening fire, leaving 4 students injured. – WLWT 5Cincinnati

14. March 1, WLWT 5 Cincinnati – (Ohio) 4 hurt, 14-year-old student charged in Madison Jr/Sr High School shooting. A student at Madison Junior-Senior High School in Butler County, Ohio, was arrested and charged after entering the school and opening fire during lunch in the cafeteria, leaving 4 students injured. The suspect ran from the campus and dropped the weapon before being apprehended by police. Source: http://www.wlwt.com/news/report-of-2-people-shot-at-madison-high-school/38252402

Financial Services Sector

Nothing to report

Information Technology Sector

18. March 1, SecurityWeek – (International) Qualys launches threat intelligence solution. Qualys, a cloud security and compliance solutions provider, reported that its new ThreatPROTECT solution will let clients visualize, prioritize, and take action to minimize exposure from related vulnerabilities by collecting data via Qualys scanners and Qualys Cloud Agents, which will compare the data with Real-Time Threat Indicators (RTI) and provide clients with insights into which vulnerabilities should be addressed first. Source: http://www.securityweek.com/qualys-launches-threat-intelligence-solution

19. February 29, SecurityWeek – (International) Buggy ESET update blocks many websites. ESET released version 13103 for its virus signature database after the company received complaints that version 13102 prevented thousands of endpoint users from accessing important Web sites such as eBay, Amazon, MSN, Google, and several news sources, due to false detection of JS/ScrInject.B and HTML/Refresh.BC trojan infections. Source: http://www.securityweek.com/buggy-eset-update-blocks-many-websites

Communications Sector

Nothing to report