Complete DHS Report for November 20, 2014
Daily Report
Top Stories
• A fire and
explosion at Santa Clara Waste Water Co. in Santa Paula, California, November
18 shut down all lanes of Highway 126 for several hours, sent at least 46
people to hospitals for symptoms, and shut down 2 schools when approximately
1,000 gallons of an unknown chemical spilled and released a vapor cloud after a
vacuum truck exploded at the facility.– Ventura County Star
18. November 18, Ventura County Star – (California)
Santa Paula chemical explosion causes injuries, evacuations, road closures. A
fire and explosion at Santa Clara Waste Water Co., in Santa Paula shut down all
lanes of Highway 126 between Peck and Well roads for several hours November 18,
sent at least 46 people to hospitals for symptoms, and shut down 2 schools when
approximately 1,000 gallons of an unknown type of organic peroxide spilled and
released a vapor cloud after a vacuum truck exploded at the facility. A
mandatory evacuation was ordered for residents and businesses within a mile of
the scene. Source: http://www.vcstar.com/news/local-news/ventura/officials-working-to-decontaminate-people-at-vcmc-exposed-to-substance-in-santa-paula-explosion_29956958
• Two individuals were indicted by the U.S.
Attorney’s office November 17 for allegedly stealing the identities of roughly
1,400 Detroit patients while employed at Henry Ford West Bloomfield Hospital
and DMC Harper Hospital and using the patients’ personal information to file
about $489,000 in fake tax refunds. – Detroit Free Press (See item 21)
21. November
18, Detroit Free Press – (Michigan) Feds: Identity thieves hit 2
metro Detroit hospitals. The U.S. Attorney’s office unsealed an indictment
November 17 charging 2 individuals for allegedly stealing the identities of
roughly 1,400 Detroit patients while employed at Henry Ford West Bloomfield
Hospital and DMC Harper Hospital, and using the patients’ personal information
to file about $489,000 in fake tax refunds. The pair lived together in
Farmington Hills and authorities found bank records, credit cards, and hospital
patient records at the home in January. Source: http://www.freep.com/story/news/local/michigan/2014/11/18/hospital-identity-theft-metro-detroit/19239853/
• Microsoft released
an out-of-band patch November 18 to close a vulnerability in Microsoft Windows
Kerberos KDC that could allow an attacker to elevate unprivileged domain user
account privileges to domain administrator privileges. – See item 28 below in the Information Technology Sector
• A 4-alarm fire
broke at the Columbus Farmers Market in Springfield Township, New Jersey,
inside Building No. 4 November 18 and destroyed at least 10 businesses and
caused substantial damage to the structure. – Times of Trenton
35. November
18, Times of Trenton – (New Jersey) Four-alarm blaze destroys building at historic
Columbus Farmers Market in Burlington. A 4-alarm fire inside Building No. 4
at the Columbus Farmers Market in Springfield Township November 18 destroyed at
least 10 businesses housed within the structure. The market was closed at the
time of the fire and employees were safely evacuated. Source: http://www.nj.com/mercer/index.ssf/2014/11/four-alarm_blaze_destroys_building_at_historic_columbus_farmers_market_in_burlington_county.html
Financial Services Sector
5. November
19, WNBC 4 New York City – (New Jersey) Man stopped for stealing $17
worth of gas caught with 205 fake credit cards. A Brooklyn, New York man
who was pulled over by New Jersey State Troopers in Woodbridge Township, New
Jersey, on suspicion of gasoline theft was found in possession of 205
fraudulent payment cards with a value of around $100,000 November 11 after a
search of his vehicle. The man was later charged with possession and use of a
fraudulent credit card and theft of services. Source: http://www.nbcnewyork.com/news/local/Fake-Credit-Card-Gas-Station-Theft-Gianni-Simon-New-Jersey-New-York-283087031.html
6. November
18, Bloomberg News – (New York) Broker pleads guilty in IBM acquisition insider
scheme. A former stockbroker pleaded guilty November 18 to his role in an
insider trading scheme that originated in a tip from a New York law firm over
the acquisition of SPSS Inc., by International Business Machines Corp. The stockbroker
was charged with making around $300,000 in illicit profits from the scheme that
involved three others who have pleaded guilty and one other who was allegedly
involved. Source: http://www.businessweek.com/news/2014-11-18/broker-pleads-guilty-to-role-in-ibm-acquisition-insider-scheme
7. November
18, KXTV 10 Sacramento – (California) FBI seeks ‘Bad Breath Bandit’
in Northern California. The FBI is seeking information related to the
suspect known as the “Bad Breath Bandit” believed to be responsible for three
bank robberies in the northern California region. The suspect’s most recent
robbery occurred November 13 at a Tri Counties Bank branch in Durham, while the
previous robberies occurred September 25 and June 17. Source: http://www.news10.net/story/news/local/california/2014/11/18/fbi-seeks-bad-breath-bandit-in-northern-california/19231739/
8. November
18, U.S. Attorney’s Office, Southern District of Florida – (Florida)
Seventeen charged today in connection with stolen identity tax refund fraud
scheme involving student financial services accounts. Federal authorities
arrested 17 individuals November 18 for their alleged involvement in a stolen
identity tax refund fraud scheme that used services provided by Higher One
Inc., to Miami Dade College students in Florida and resulted in total intended
losses of $1.9 million. The alleged organizers of the scheme also sought to use
students’ Higher One accounts to commit federal benefit fraud, including Social
Security fraud. Source: http://www.fbi.gov/miami/press-releases/2014/charged-today-in-connection-with-stolen-identity-tax-refund-fraud-scheme-involving-student-financial-services-accounts
For another story, see item 21 above in Top Stories
Information Technology Sector
27. November
19, Securityweek – (International) Advanced variant of “NotCompatible” Android
malware a threat to enterprises. Researchers with Lookout identified a new
variant of the NotCompatible trojan for Android dubbed NotCompatible.C which
includes several changes to avoid detection by security software, including
encrypted communications and geographically distributed command and control
(C&C) servers. The malware is being spread by spam emails and compromised
Web sites and acts as a proxy on infected systems. Source: http://www.securityweek.com/advanced-variant-notcompatible-android-malware-threat-enterprises
28. November
18, Securityweek – (International) Microsoft fixes critical Kerberos flaw under
attack with out-of-band patch. Microsoft released an out-of-band patch
November 18 to close a vulnerability in Microsoft Windows Kerberos KDC that
could allow an attacker to elevate unprivileged domain user account privileges
to domain administrator privileges. The vulnerability has been exploited in
limited, targeted attacks and users were advised to apply the patch as soon as
possible due to the critical nature of the vulnerability. Source: http://www.securityweek.com/microsoft-fixes-critical-kerberos-flaw-under-attack-out-band-patch
29. November
18, SC Magazine – (International) Apple releases OS X Yosemite and iOS updates.
Apple released updates November 18 for its OS X Yosemite operating system
and iOS 8 mobile operating system, adding improvements and closing an unlimited
passcode attempt vulnerability in iOS 8. Source: http://www.scmagazine.com/apple-releases-updates-for-os-x-and-ios/article/383995/
30. November
18, Securityweek – (International) Flashpack exploit kit uses ad networks to
deliver Cryptowall, Dofoil malware. Trend Micro researchers identified a
malicious advertisement campaign that uses free ads to attempt to redirect
users to a page hosting the Flashpack exploit kit, which then attempts to serve
a variant of the Dofoil trojan or the Cryptowall ransomware. Source: http://www.securityweek.com/flashpack-exploit-kit-uses-ad-networks-deliver-cryptowall-dofoil-malware
31. November
18, Softpedia – (International) Legit Windows Phone apps can be replaced by
malicious ones through copy/paste. A researcher reported that rogue
versions of legitimate apps can be installed onto Windows Phone mobile devices
after the installation of the legitimate app by replacing the files with the
rogue app files. Source: http://news.softpedia.com/news/Legit-Windows-Phone-Apps-Can-Be-Replaced-By-Malicious-Ones-Through-Copy-Paste-465311.shtml
Communications Sector
32. November 19, Kennewick
Tri-City Herald – (Washington) Investigators probe Kennewick
radio transmitter arson, offer $10,000 reward. Authorities are searching
for the suspects responsible for November 15 arson fire at a radio transmitter
station in Kennewick that caused more than $100,000 in damages, destroyed
equipment, and knocked three local radio stations off the air. One station
remains off air indefinitely while authorities continue to investigate the
incident. Source: http://www.tri-cityherald.com/2014/11/18/3266962/investigators-probe-kennewick.html