Monday, March 7, 2016



Complete DHS Report for March 7, 2016

Daily Report                                            

Top Stories

• Montana officials reported March 3 that a pipe below a holding pond in Big Sky spilled an estimated 35 million gallons of treated sewage water into the West Fork of the Gallatin River. – Bozeman Daily Chronicle

11. March 4, Bozeman Daily Chronicle – (Montana) Sewage pond spills 35 million gallons into Gallatin. The Montana Department of Environmental Quality reported March 3 that there was no indication of potential public health issues after a pipe below a holding pond in Big Sky, Montana, spilled an estimated 35 million gallons of treated sewage water into the West Fork of the Gallatin River. Officials are investigating the cause of the spill. Source: http://www.bozemandailychronicle.com/news/environment/sewage-pond-spills-million-gallons-into-west-gallatin-river/article_e1f9b069-6b8b-582c-880b-92f2c5e8a1d0.html

• A bomb threat received by an employee at Cony High School prompted the closure of all Augusta, Maine-area schools March 4 after an email specified that there was a bomb at schools in the area. – Kennebec Journal/Waterville Morning Sentinel

14. March 4, Kennebec Journal/Waterville Morning Sentinel – (Maine) ‘Someone other than a student’ may have emailed Augusta schools bomb threat. An emailed bomb threat received by an employee at Cony High School prompted the closure of all Augusta-area schools March 4 after the email specified that there was a bomb at schools in the area. Police spent 5 hours searching all city schools before issuing an all clear once nothing suspicious was found. Source: https://www.centralmaine.com/2016/03/04/bomb-threat-closes-augusta-schools/

• The budget officer for the Northboro-Southboro School District in Massachusetts was arrested March 2 after he allegedly admitted to stealing $200,000 – $450,000 from the district’s petty cash account. – Worcester Telegram & Gazette

15. March 3, Worcester Telegram & Gazette – (Massachusetts) Northboro-Southboro school official accused of stealing up to $450K to fuel drug habit. The budget officer for the Northboro-Southboro School District in Massachusetts was arrested March 2 after allegedly admitting to stealing $200,000 – $450,000 from the district’s petty cash account by depositing reimbursement checks from various school districts and vendors into the petty cash account and writing checks out to cash, which he used for personal expenses.

• The Alexander Lofts building and an adjacent law office in West Palm Beach, Florida, were both evacuated March 3 and closed for at least 3 days after a portion of the Loft’s brick wall collapsed. – WPEC 12 West Palm Beach

22. March 3, WPEC 12 West Palm Beach – (Florida) Alexander Lofts, law office closed after brick wall collapse. The Alexander Lofts building and an adjacent law office in West Palm Beach were both evacuated March 3 and closed for at least 3 days after a portion of the Loft’s brick wall collapsed. Seventy-six residents were displaced and the building will remain closed until repairs are completed.

Financial Services Sector

3. March 4, Framingham Patch – (Massachusetts) Framingham man pleads guilty to securities fraud. The former owner of Graduate Leverage LLC and co-portfolio manager of the GL Beyond Income Fund pleaded guilty March 3 to Federal charges after he issued dozens of fraudulent loans and diverted more than $15 million from the GL Beyond Income Fund into a Graduate Leverage operating account and a personal bank account. The former owner used the money to pay the operating costs of his businesses, personal expenses, and interest on previous loans from February 2013 – December 2014. Source: http://patch.com/massachusetts/framingham/framingham-man-pleads-guilty-securities-fraud-0

Information Technology Sector

19. March 4, Softpedia – (International) XSS on Fortinet’s login page let attackers log passwords in cleartext. A security researcher at Synetis found that Fortinet’s Single-Sign-On (SSO) login system contained a reflected cross-site scripting (RXSS) vulnerability that could allow attackers to insert malicious parameters in cleartext inside the login page’s Uniform Resource Locator (URL). Fortinet released a patch for the vulnerability. Source: http://news.softpedia.com/news/xss-on-fortinet-s-login-page-let-attackers-log-passwords-in-cleartext-501343.shtml

20. March 4, SecurityWeek – (International) Adobe to patch flaws in Reader, Acrobat. Adobe Systems reported March 3 that it will be releasing security updates March 8 to patch critical vulnerabilities in Microsoft Windows and Apple Mac versions of Acrobat and Reader.

21. March 3, SecurityWeek – (International) Chrome 49 released with 26 security fixes. Google released Chrome 49 to the stable channel for Microsoft Windows, Apple Mac, and Linux systems, containing 26 security fixes and several other improvements including fixes for a same-origin bypass flaw in Blink, a same-origin bypass flaw in Pepper Plugin, and an information leak flaw in Skia, among other vulnerabilities. Source: http://www.securityweek.com/chrome-49-released-26-security-fixes

For another story, see item 2 below from the Critical Manufacturing Sector

2. March 3, Softpedia – (International) Building automation software exposes company headquarters to attacks. Schneider Electric released version 1.7.1 of its Automation Server software patching two issues after an independent security researcher discovered that default hard-coded credentials in Schneider Electric’s Automation Server software 1.7.0 and prior versions could be used by unskilled remote attackers to gain control of stand-alone servers installed in the headquarters of companies to take control over the energy supply to a building, cut off an alarm system, and facilitate trespassing. The researcher also found that by using the default hard-coded credentials, attackers could circumvent a Linux operating system’s administrative controls and execute malicious code on the server.
Source: http://news.softpedia.com/news/building-automation-software-exposes-company-headquarters-to-attacks-501294.shtml

Communications Sector

Nothing to report