Wednesday, March 30, 2016



Complete DHS Report for March 30, 2016

Daily Report                                            

Top Stories

• The U.S. Coast Guard worked March 29 to clean approximately 11,500 gallons of crude oil that spilled and reached the Bayou Teche while a tank was being filled at PSC Industrial Outsourcing in Louisiana March 28. – WAFB 9 Baton Rouge; Associated Press

1. March 29, WAFB 9 Baton Rouge; Associated Press – (Louisiana) Contractor reportedly cleaning more than 11,000 gallons of oil due to spill near Charenton. The U.S. Coast Guard was working to clean March 29 approximately 11,500 gallons of crude oil that spilled and reached the Bayou Teche while a tank was being filled at PSC Industrial Outsourcing in Louisiana March 28. The spill prompted a shelter in place advisory for nearby residents, the closure of LA 98, and the closure of the Bayou Teche to all commercial boat traffic between Jeanerette and Charenton for several hours. Source: http://www.ksla.com/story/31584484/charenton-sorrel-area-residents-under-shelter-in-place-advisory-due-to-chemical-spill

• A dust storm that passed through San Bernardino County March 28 led to a 15-car pileup near California 18 and Rabbit Springs Road that left 28 people injured. – Los Angeles Times

12. March 28, Los Angeles Times – (California) Dust storm triggers 15-vehicle pile-up in Lucerne Valley; 28 people injured. A dust storm that passed through San Bernardino County March 28 led to a 15-car pileup near California 18 and Rabbit Springs Road that left 28 people injured.

• Rainfall and melting snow led to the discharge of more than 49 million gallons of treated wastewater after 3 of Saginaw’s retention treatment basins overflowed March 24 – March 27. – Saginaw News

15. March 28, Saginaw News – (Michigan) 49 million gallons of treated sewage discharged into Saginaw River. Rainfall and melting snow led to the discharge of more than 49 million gallons of treated wastewater into the Saginaw River after 3 of Saginaw’s retention treatment basins overflowed beginning March 24 through March 27. Source: http://www.mlive.com/news/saginaw/index.ssf/2016/03/49_million_gallons_of_treated.html

• MedStar Health Inc., reported March 28 that a computer virus forced its records systems offline in Washington, D.C and Maryland, leaving patients unable to book appointments and locking staff out of email access. – Associated Press (See item 16)

16. March 29, Associated Press – (Maryland; Washington, D.C.) FBI probing virus behind outage at MedStar Health facilities. MedStar Health Inc., reported March 28 that a computer virus forced its records systems offline for thousands of patients and doctors in Washington, D.C and Maryland, leaving patients unable to book appointments and kept staff locked out of email accounts. The FBI is assisting in the investigation. Source: http://www.newscenter1.tv/story/31582141/fbi-probing-virus-behind-outage-at-medstar-health-facilities

Financial Services Sector

7. March 29, Softpedia – (National) TreasureHunt PoS malware linked to illegal credit card sharing forum. Researchers from FireEye reported that a new strain of point of sale (PoS) malware, dubbed TreasureHunt was being used by BearsInc, a cyber-crime group, to power its malicious campaign targeting small businesses and banks in the U.S. that have not yet transitioned to the new Europay, MasterCard, and Visa (EMV) chip and Personal Identification Number (PIN) card system. The new strain adds a registry key for boot persistence to a device, scans the device’s memory for credit card information, and encodes and sends the data to a command and control (C&C) server.

8. March 29, McDonough Henry Herald – (Georgia) Miami men arrested for possessing over 100 fraudulent bank cards. Two Florida men were arrested in Henry County, Georgia, March 22 after authorities found 187 fraudulent bank cards and 2 electronic card skimming devices in the pair’s vehicle after a Police Department K-9 unit detected the illicit materials during a traffic stop, prompting a search of the vehicle. Source: http://www.henryherald.com/news/miami-men-arrested-for-possessing-over-fraudulent-bank-cards/article_b7a3c22e-dfb4-5589-a9b7-22762fd24a66.html

9. March 28, U.S. Securities and Exchange Commission – (New York) Securities professional charged with defrauding institutional investors. The U.S. Securities and Exchange Commission charged a New York-based securities professional March 28 after he allegedly solicited approximately $95 million from 2 institutional investors by offering promissory notes issued by Irving Place III SPV LLC, a shell entity with no legitimate business operations, obtained a $25 million investment in November 2015 and used the funds for personal use, and attempted to solicit an additional $70 million from 2 investors using false and misleading statements. The U.S. Attorney’s Office for the Southern District of New York announced March 28 parallel criminal charges against the securities officer. Source: https://www.sec.gov/news/pressrelease/2016-58.html

10. March 28, KHON 2 Honolulu – (International) Honolulu man arrested in credit card scheme involving cyber black market. FBI officials arrested a man from Hawaii March 28 after he allegedly purchased information on the cyber black market to obtain credit cards from Russia, China, and Vietnam as part of an elaborate scheme that used online credit card applications, temporary mail forwarding requests, burner phones, and shopping sprees to steal the identities of over 40 people, open 80 bank accounts with the stolen information, and accumulate over $100,000 in fraudulent credit card activity. Source: http://khon2.com/2016/03/28/fbi-arrests-honolulu-man-for-credit-card-fraud/

Information Technology Sector

21. March 28, Softpedia – (International) Flaw in Truecaller Android app leaves data of millions of users exposed. Security researchers from Cheetah Mobile Security Research Lab discovered a remotely exploitable flaw in the Truecaller app that exposed the personal information of millions of users and could allow attackers to modify users’ account settings through the application’s international mobile equipment identity (IMEI) code. Attackers could write scripts through query random IMEI codes to collect a user’s data and subsequently, use the collected data in spam or phishing campaigns.

22. March 28, SecurityWeek – (International) Zen Cart patches multiple XSS vulnerabilities. Zen Cart released an updated version to its online open source shopping cart application, Zen Cart 1.5.4 that patched several cross-site scripting (XSS) vulnerabilities after researchers from Trustwave found the flaws in the administrative section of Zen Cart that could result in access to cookies, sensitive information, or site defacement. Researchers advised users to upgrade their software to the latest version to avoid the flaws. Source: http://www.securityweek.com/zen-cart-patches-multiple-xss-vulnerabilities

23. March 28, Softpedia – (International) Facebook fixes Instagram issue that allowed account takeover. A Belgian security researcher discovered critical flaws in Instagram that could have allowed an attacker to reset emails attached to an account and reset the account’s password after Facebook was discovered printing sensitive Instagram user information on the Web page. In addition, an Insecure Direct Object Reference vulnerability allowed unauthenticated users to access other users’ information and could potentially allow an attacker to do the same. Source: http://news.softpedia.com/news/facebook-fixes-instagram-issue-that-allowed-account-takeover-502277.shtml

For another story, see item 7 above in the Information Technology Sector

Communications Sector

24. March 28, CNBC – (National) Sprint struck with multistate network problems. Sprint Corporation announced March 28 that network issues prompted a loss of service for customers across several States. All services were restored after crews spent several hours resolving the issue.