Tuesday, October 18, 2016



Complete DHS Report for October 18, 2016

Daily Report                                            

Top Stories

• Crews restored power October 17 to nearly all 174,581 customers in the San Francisco Bay Area who were without power between October 13 and October 16 following severe storms in the area. – KRON 4 San Francisco

1. October 17, KRON 4 San Francisco – (California) Storm causes 200k power outages across Bay Area. Crews restored power October 17 to nearly all 174,581 customers in the San Francisco Bay Area who were without power between October 13 and October 16 following severe storms in the area. Source: http://kron4.com/2016/10/17/storm-causes-200k-power-outages-across-bay-area/

• A former accountant at an investment advising company in Massachusetts pleaded guilty October 14 to embezzling over $3.5 million from his employer between April 2011 and November 2015. – U.S. Attorney’s Office, District of Massachusetts See item 4 below in the Financial Services Sector

• Michigan Turkey Producers issued a recall October 15 for approximately 54,011 pounds of its turkey breast products sold in 3 variations due to potential contamination with an unidentified black material. – U.S. Department of Agriculture

12. October 15, U.S. Department of Agriculture – (Florida; Puerto Rico) Michigan Turkey Producers recalls turkey products due to possible foreign matter contamination. Michigan Turkey Producers issued a recall October 15 for approximately 54,011 pounds of its turkey breast products sold in 3 variations due to potential contamination with an unidentified black material discovered after the firm received a customer complaint. No injuries or illnesses have been reported and the products were shipped to a distribution center in Florida, as well as food services in Florida and Puerto Rico. Source: http://www.fsis.usda.gov/wps/portal/fsis/topics/recalls-and-public-health-alerts/recall-case-archive/archive/2016/recall-097-2016-release

• Tampa Electric officials discovered October 13 that about 14,400 gallons of diluted wastewater spilled into Hillsborough Bay near Tampa, Florida, after a Tampa Bay Water project damaged a domestic waterline. – Tampa Bay Times

15. October 14, Tampa Bay Times – (Florida) Big Bend project spills 14,000 gallons of wastewater into Hillsborough Bay. Tampa Electric officials discovered October 13 that roughly 14,400 gallons of diluted wastewater and groundwater spilled into Hillsborough Bay near Tampa, Florida, after a Tampa Bay Water project near the Big Bend Power Station damaged a domestic waterline. Officials do not believe the spill poses a risk to public health or safety. Source: http://www.tampabay.com/news/business/energy/big-bend-project-spills-14000-gallons-of-wastewater-into-hillsborough-bay/2298165

Financial Services Sector

4. October 14, U.S. Attorney’s Office, District of Massachusetts – (Massachusetts) Accountant pleads guilty to stealing $3.5 million from employer. A former accountant at an investment advising company in Massachusetts pleaded guilty October 14 to embezzling over $3.5 million from his employer between April 2011 and November 2015 after he made wire transfers in excess of $3 million from his employer’s accounts to his personal accounts and forged signatures on approximately 46 checks payable to himself totaling roughly $456,000. The charges state the accountant concealed his scheme by making fraudulent entries in his employer’s electronic accounting system and modifying online bank statements before forwarding them to his manager.

For another story, see item 19 below in the Information Technology Sector

Information Technology Sector

18. October 17, SecurityWeek – (International) Siemens patches flaws in SIMATIC, license manager products. Siemens released software updates addressing several vulnerabilities in its SIMATIC and Automation License Manager (ALM) products after Kaspersky Lab researchers discovered ALM was plagued with a critical path traversal issue that could allow a remote attacker to upload files to the disk, create and remove files, or move existing files via specially crafted packets, as well as a denial-of-service (DoS) flaw, and a Structured Query Language (SQL) injection flaw. Siemens also patched two low severity issues in its SIMATIC STEP 7 engineering software after Positive Technologies researchers found the flaws can be exploited by a local attacker to access sensitive information and to brute-force pre-shared keys that protect device-to-device communications. Source: http://www.securityweek.com/siemens-patches-flaws-simatic-license-manager-products

19. October 16, Softpedia – (International) Locky ransomware accounted for 97 percent of all malicious email attachments. Proofpoint released its Quarterly Threat Summary for quarter 3 (Q3) 2016, which reported that the Locky ransomware was found in 96.8 percent of all malicious spam email attachments and typically manifests itself as a ZIP file with a JavaScript file inside, Microsoft Office documents with malicious macro scripts, Hypertext Markup Language Application (HTA) files, or Microsoft Windows Script Files (WSF). The report also stated that banking trojans continue to be a pervasive threat, while exploit kit (EK) activity has decreased 65 percent since Q2. Source: http://news.softpedia.com/news/locky-ransomware-accounted-for-97-percent-of-all-malicious-email-attachments-509335.shtml

Communications Sector

20. October 14, Softpedia – (International) Mirai IoT DDoS trojan now targets cellular network equipment. Sierra Wireless warned customers October 13 that its Airlink wireless routers and gateways deployed with 3G and 4G LTE cellular networks are at risk of having their devices infected by the Mirai Internet of Things (IoT) trojan and employed in distributed denial-of-service (DDoS) attacks. The company reported that rebooting the gateway will remove the infection, as the malware is located in the memory. Source: http://news.softpedia.com/news/mirai-iot-ddos-trojan-now-targets-cellular-network-equipment-509310.shtml