Thursday, June 16, 2016



Complete DHS Report for June 16, 2016

Daily Report                                            

Top Stories

• Georgia Power announced June 13 that it will spend up to $2 billion closing 29 of its toxic coal ash ponds across the State within 3 years to keep lead, arsenic, and other heavy metals in the ash from the groundwater. – Atlanta Journal-Constitution

3. June 13, Atlanta Journal-Constitution – (Georgia) Georgia Power to close ash lagoons sooner, could cost $2 billion. Georgia Power announced June 13 that it will spend up to $2 billion closing 29 of its toxic coal ash ponds across the State within 3 years. The company stated that ash from 16 of the ponds will be completely removed, added to other ponds and landfills, or recycled while the remaining 13 ponds will be closed in place with concrete barriers and other preventative measures to keep lead, arsenic, and other heavy metals in the ash from the groundwater. Source: http://www.ajc.com/news/business/georgia-power-to-close-ash-lagoons-sooner-could-co/nrfsc/

• A 3-alarm fire June 14 at a warehouse serving Gemini Plastic Enterprises Inc., in Maywood caused a series of strong explosions, knocked out power to more than 3,100 residents, and forced about 300 workers and area residents to be evacuated from their homes until at least June 15. – Southern California City News Service

5. June 14, Southern California City News Service – (California) 300 evacuated after ‘fireballs’ explode in giant Maywood blaze. A 3-alarm fire June 14 at a warehouse serving Gemini Plastic Enterprises Inc., in Maywood, California caused a series of strong explosions, knocked out power to more than 3,100 Southern California Edison customers, and forced about 300 workers and area residents to be evacuated from their homes until at least June 15 while HAZMAT crews worked to clear the scene. Officials from the South Coast Air Quality Management District issued a smoke advisory for the region and authorities worked to assess the air quality as the building housed metals, chemicals, and propane. Source: http://mynewsla.com/crime/2016/06/14/fireballs-explode-in-massive-3-alarm-fire-at-plastics-warehouse-200-evacuated/

• A June 14 fire at the Briar Pointe Apartments in Wharton damaged 55 apartment units, displaced 81 residents, and prompted 75 firefighters to remain on site for about 6 hours. – KTRK 13 Houston

24. June 15, KTRK 13 Houston – (Texas) 55 units damaged during massive Wharton apartment fire. A June 14 fire at the Briar Pointe Apartments in Wharton damaged 55 apartment units, displaced 81 residents, prompted 75 firefighters to remain on site for about 6 hours containing the incident. Ten firefighters were injured and officials were investigating the cause of the fire. Source: http://abc13.com/news/55-units-damaged-during-massive-wharton-apartment-fire/1386295/

• Disney officials reported June 15 that all of its resort beaches were closed out of an abundance of caution after an alligator attacked and dragged a boy into a lagoon outside the Grand Floridian hotel June 14. – CNN

25. June 15, CNN – (Florida) Disney gator attack: 2-year-old believed dead as rescue turns to recovery. Disney officials reported that all its resort beaches were closed out of an abundance of caution June 15 after an alligator attacked and dragged a boy into a lagoon outside the Grand Floridian hotel June 14. Authorities were searching to find the missing boy. Source: http://www.cnn.com/2016/06/15/us/alligator-attacks-child-disney-florida/index.html

Financial Services Sector

8. June 14, WJLA 7 Washington, D.C. – (Virginia) Serial bank robber ‘The Forever Loyal Bandit’ arrested in Virginia, police say. The “Forever Loyal Bandit” was arrested June 14 in Fairfax County, Virginia, after he allegedly committed six bank robberies and one attempted robbery in Fairfax and Arlington counties since June 2014. Source: http://wjla.com/news/crime/serial-bank-robber-the-forever-loyal-bandit-arrested-in-virginia-police-say

Information Technology Sector

19. June 15, Softpedia – (International) Hacker steals 45 million records from 1,100 home, sports and tech support forums. VerticalScope.com reported that its system was compromised in February after a hacker stole over 45 million user records from its database which contained details from over 1,100 tech, home, and sport support portals. Source: http://news.softpedia.com/news/hacker-steals-45-million-records-from-1-100-home-sports-and-tech-support-forums-505253.shtml

20. June 15, SecurityWeek – (International) APT group uses Flash zero-day to attack high-profile targets. Security researchers from Kaspersky Lab reported that a new advanced persistent threat (APT) group dubbed, “ScarCruft” was using a Flash Player zero-day vulnerability and Microsoft XML Core Services (MSXML) vulnerability to target high-profile people through a campaign dubbed “Operation Daybreak” and “Operation Erebus.” Kaspersky stated they will release more details on the campaigns after Adobe releases a patch. Source: http://www.securityweek.com/apt-group-uses-flash-zero-day-attack-high-profile-targets

21. June 15, The Register – (International) SAP patch batch includes fix for 3-year-old info disclosure vuln. SAP released patches for its Business Intelligence and Business Warehouse products, which addressed a three-year-old flaw and more than 20 vulnerabilities including a directory traversal vulnerability that can be exploited to access any file on the operating system (OS) and obtain critical data about the company’s finances. Source: http://www.theregister.co.uk/2016/06/15/sap_patch_batch_fixes_3_yr_old_vuln/

22. June 14, SecurityWeek – (International) Microsoft patches critical flaws in Windows, Edge, Office. Microsoft released 16 security bulletins which patched about 40 vulnerabilities in its Windows, Edge, Internet Explorer, Office, and Exchange Server products after security researchers found a remote attacker could exploit a use-after-free vulnerability for arbitrary code execution by sending a specially crafted request to the targeted Doman Name System (DNS) server. Other patched vulnerabilities included privilege escalation flaws, remote code execution (RCE) flaws, and a denial-of-service (DoS) flaw, among others. Source: http://www.securityweek.com/microsoft-patches-critical-flaws-windows-edge-office

23. June 14, Softpedia – (International) Flash security patch coming in two days to fix zero-day used in live attacks. Adobe announced that they will release an emergency patch June 16 that will fix a zero-day vulnerability affecting all Flash Player installations after security researchers from Kaspersky found the flaw was used in targeted attacks and exploited in the wild. An attacker could exploit the flaw to crash a Flash Player installation, enabling a hacker to run malicious code on the user’s system and control the machine. Source: http://news.softpedia.com/news/flash-security-patch-coming-in-two-days-to-fix-zero-day-used-in-live-attacks-505243.shtml

Communications Sector

Nothing to report