Complete DHS Report for November 29, 2016
Daily Report
Top Stories
• More than 9,000 gallons of fuel spilled from an overturned
tanker truck in Cape Coral, Florida, November 27 and caught fire, prompting
officials to evacuate all residents within a half-mile radius of the spill for
several hours. – WBBH 20 Fort Myers
1. November 28, WBBH 20
Fort Myers – (Florida) Leaking fuel tanker catches fire in Cape, causes
evacuations. More than 9,000 gallons of fuel spilled from an overturned
tanker truck on Del Prado Boulevard in Cape Coral, Florida, November 27 and
caught fire, prompting officials to evacuate all residents within a half-mile
radius of the spill for several hours. A portion of the road was shut down for
several hours while officials worked to clean up the gasoline and contain the
fire. Source: http://www.nbc-2.com/story/33800101/evacuations-begin-as-leaking-fuel-tanker-catches-fire-in-cape
• Officials reported November 26 that roughly 3,200 gallons of
sewage overflowed from a manhole on Kuhio Highway in Hanamaulu, Hawaii, into
Hanamaulu Stream. – Lihue Garden Island
12. November 27, Lihue
Garden Island – (Hawaii) Lanes closed after crash, sewage spill. Officials
from the Kauai County Public Works Department, Wastewater Division reported
November 26 that roughly 3,200 gallons of sewage overflowed from a manhole on
Kuhio Highway in Hanamaulu, Hawaii, into Hanamaulu Stream due to a
partially-blocked sewer line that crosses the stream along the highway.
Officials advised the public to avoid the water until further notice. Source: http://thegardenisland.com/news/local/lanes-closed-after-crash-sewage-spill/article_930bb5c7-c192-5f36-b511-bde4418906f7.html
• Officials from the Berkshire Medical Center in Massachusetts
reported November 23 that the personal information of 1,745 cardiology patients
may have been exposed after the records were discovered on thumb drives
recovered from a former employee of Ambucor Health Solutions. – Berkshire
Eagle
13. November 24,
Berkshire Eagle – (Massachusetts) Hundreds of BMC patients’ info found
on vendor’s thumb drives. Officials from the Berkshire Medical Center in
Pittsfield, Massachusetts, reported November 23 that the personal information
of 1,745 cardiology patients may have been exposed after the records were
discovered on thumb drives recovered from a former employee of Ambucor Health
Solutions, an outside service vendor. The thumb drive did not include patients’
Social Security numbers, Medicare, insurance, or financial information, and
officials stated there is no evidence the information was misused. Source: http://www.berkshireeagle.com/stories/hundreds-of-bmc-patients-info-found-on-vendors-thumb-drives,490304
• Fire crews from 25 States reached more than 50 percent
containment November 26 of almost all of the major wildfires burning in western
North Carolina. – WSOC 9 Charlotte
14. November 28, WSOC 9
Charlotte – (North Carolina) Rain to bring some relief to NC wildfires. Fire
crews from 25 States reached more than 50 percent containment November 26 of
almost all of the major wildfires burning in western North Carolina, including
77 percent containment of the 9,036-acre Boteler Fire and 90 percent
containment of the 7,145-acre Party Rock Fire. Burn bans remain in effect for
47 counties across North Carolina. Source: http://www.wsoctv.com/news/north-carolina/firefighters-make-progress-on-north-carolina-wildfires_/470603987
Financial Services Sector
See item 23 below from the Commercial Facilities
Sector
23. November 24,
Softpedia – (New York) Hackers hijack Madison Square Garden payment
systems, credit card data at risk. The Madison Square Garden Company
reported November 24 that it detected an attack on its payment system that may
have exposed the credit card information of all of its customers between
November 9, 2015 and October 24, 2016, including card numbers, verification
codes, cardholder names, and expiration dates. The firm stated the attack took
place outside of its network and did not leverage accessories attached to the
Point-of-Sale (PoS) systems, and the hack remains under investigation. Source:
http://news.softpedia.com/news/hackers-hijack-madison-square-garden-payment-systems-credit-card-data-at-risk-510472.shtml
Information Technology Sector
16. November 28,
SecurityWeek – (International) cURL security audit reveals several
vulnerabilities. The developer of cURL released version 7.51.0 to resolve a
total of 11 vulnerabilities following a security audit by Cure53, which
revealed the open source tool was plagued with 23 issues and 9 security flaws
including 4 high severity issues that could lead to remote code execution. Source:
http://www.securityweek.com/curl-security-audit-reveals-several-vulnerabilities
17. November 25,
SecurityWeek – (International) Cerber 5.0 ransomware uses new IP ranges.
Check Point security researchers discovered that version 5.0 of the Cerber
ransomware was released and now uses new Internet Protocol (IP) ranges for the
command and control (C&C) communication, skips 640 bytes when encrypting a
file, targets files that feature the secret extension, and no longer encrypts
files smaller than 2,560 bytes, among other new features. Check Point also
found that the ransomware leverages spam email campaigns and the Rig-V exploit
kit for distribution, and as with previous versions, Cerber 5.0 randomly
generates encrypted file extensions using four alphabetic numbers. Source: http://www.securityweek.com/cerber-50-ransomware-uses-new-ip-ranges
18. November 25,
SecurityWeek – (International) Flaws in Uber’s UberCENTRAL tool exposed
user data. A security researcher discovered several issues in Uber
Technologies Inc.’s UberCENTRAL service including a flaw that allows attackers
to enumerate users’ universally unique identifiers (UUIDs) by sending requests
with possible email addresses, and an issue that can be exploited to obtain
full names, phone numbers, and email addresses of customers, among other flaws.
Uber released patches for the flaws.
Communications Sector
19. November 25, Roseburg
News-Review – (Oregon) Telephone and internet outage affecting thousands
on coast, possible 911 outages. Approximately 15,000 Charter Communications
customers from Florence to Coos Bay, Oregon, were without telephone and
Internet service for roughly 9 hours November 25. Officials reported during the
outage, customers may not have been able to dial 9-1-1 from a landline, but
emergency services were reachable via cell phone. Source: http://www.nrtoday.com/news/local/north_county/reedsport/telephone-and-internet-outage-affecting-thousands-on-coast-possible-outages/article_ab5b8a6a-66d6-5510-9d60-f927ac38a821.html