Tuesday, May 26, 2015




Complete DHS Report for May 26, 2015

Daily Report

Top Stories

 · Officials ordered Amtrak May 21 to identify, within 5 days, all curves where the speed limit drops by more than 20 mph on approach and to install an automatic control system that slows trains, or to come up with an acceptable alternative. – Philly.com

4. May 22, Philly.com – (National) Feds order Amtrak to improve safety on dangerous curves. The U.S. Federal Railroad Association ordered Amtrak May 21 to identify, within 5 days, all curves where the speed limit drops by more than 20 mph on approach and to install an automatic control system that slows trains at the identified curves, or to come up with an acceptable alternative. Amtrak must submit a plan within 20 days. Source: http://www.philly.com/philly/business/20150522_Feds_order_Amtrak_to_improve_safety_on_dangerous_curves.html

 · New York’s Westchester County will pay roughly $22 million to settle a Federal government lawsuit that accused Westchester of having failed to comply with the U.S. Environmental Protection Agency rule requiring public water systems to treat unfiltered surface water for cryptosporidium. – Reuters

9. May 21, Reuters – (New York) New York’s Westchester County settles U.S. water safety lawsuit, pays record fine. New York’s Westchester County will pay roughly $22 million to settle a 2013 Federal government lawsuit that accused Westchester of having failed to comply with the U.S. Environmental Protection Agency rule requiring public water systems to treat unfiltered surface water for cryptosporidium, exposing thousands of residents to greater risk of severe gastrointestinal illness since April 2012. Source: http://www.reuters.com/article/2015/05/21/us-newyork-westchester-water-decree-idUSKBN0O62KH20150521

 · A May 21 fire at the Louisiana State Police data center in Baton Rouge, Louisiana, shut down all automated systems at the Louisiana Department of Public Safety, including all motor vehicle offices in the State. – Associated Press

19. May 22, Associated Press – (Louisiana) Louisiana motor vehicle offices can’t process transactions after fire at data center. A May 21 fire at the Louisiana State Police data center in Baton Rouge shut down all automated systems at the Louisiana Department of Public Safety, including all motor vehicle offices in the State. Authorities worked to restore the system by May 22 and reported that the fire was caused by an electrical malfunction, disrupted administrative processes, and shut down department-wide email and Internet systems. Source: http://www.nola.com/traffic/index.ssf/2015/05/fire_louisiana_dmv_baton_rouge.html

 · Officials adopted rules May 21 that ensure individuals who are blind or visually impaired can quickly access critical information shown on television in the event of an emergency. – U.S. Federal Communications Commission. See item 24 below in the Communications Sector.

Financial Services Sector

3. May 22, South Florida Sun-Sentinel – (International) South Florida men targeted seniors around the world in $28M sweepstakes fraud, feds say. Authorities arrested 4 individuals in connection to a sweepstakes fraud ring that allegedly bilked about $28 million from hundreds of thousands of victims internationally by targeting senior citizens with false notifications of sweepstake winnings that were guaranteed in exchange for small payments from the winners. Source: http://www.sun-sentinel.com/news/fl-sweepstakes-fraud-20150521-story.html

Information Technology Sector

21. May 22, Softpedia – (International) Apache Hive infrastructures vulnerable to authentication flaw in HiveServer2. Apache reported a vulnerability in all versions of its HiveServer2 interface for the Apache Hive enterprise data warehouse infrastructure in which users without proper credentials could gain access by exploiting a flaw in the Lightweight Directory Access Protocol (LDAP) authentication mode. The company recommended that users update to the newest version or disable unauthenticated binds in the LDAP service. Source: http://news.softpedia.com/news/Apache-Hive-Infrastructures-Vulnerable-to-Authentication-Flaw-in-HiveServer2-482001.shtml

22. May 22, Securityweek – (International) Flawed Android factory reset allows recovery of sensitive data: researchers. Security researchers at the University of Cambridge discovered that up to 500 million Android devices may not properly sanitize data partitions containing credentials and other personal data when users utilize the “factory reset” feature. Source: http://www.securityweek.com/flawed-android-factory-reset-allows-recovery-sensitive-data-researchers

23. May 22, Help Net Security – (International) mSpy finally admits they’ve been hacked. Officials from mSpy announced that their servers had been breached, and that data from 80,000 customers could have been stolen and leaked on the Dark Web. The software is intended for legal monitoring of individuals’ online and phone activity. Source: http://www.net-security.org/secworld.php?id=18420

Communications Sector

24. May 21, U.S. Federal Communications Commission – (National) FCC takes additional steps to make emergency information in TV programming accessible to individuals who are blind or visually impaired. The U.S. Federal Communications Commission adopted rules May 21 that ensure individuals who are blind or visually impaired can quickly access critical information shown on television in the event of an emergency by requiring that emergency information be made accessible on a secondary audio stream on tablets, smartphones, laptops, and similar devices when subscription television providers, such as cable and satellite operators, permit consumers to access programming over their networks using an app on these devices. These additional steps implement provisions of the Twenty-First Century Communications and Video Accessibility Act of 2010. Source: https://www.fcc.gov/document/fcc-adopts-cvaa-related-emergency-information-rules

25. May 21, Threatpost – (National) Charter communications fixes website data leak vulnerability. Charter Communications recently fixed a vulnerability with its Web site that was inadvertently leaking information of tens of thousands of customers, including payment details, modem serial numbers, device names, account numbers, and home addresses. The vulnerability was found by researchers at Cinder and Blake Welsh. Source: https://threatpost.com/charter-communications-fixes-website-data-leak-vulnerability/112962

Friday, May 22, 2015




Complete DHS Report for May 22, 2015

While dated May 22, 2015 this report was not published until Tuesday, May 26, 2015 by the DHS!

Daily Report

Top Stories

 
 · Transocean Ltd. reached a settlement May 20 with the Plaintiffs Steering Committee for nearly $211.8 million involving 2 classes of businesses and individuals following the April 2010 drilling rig accident that killed 11 workers and released oil into the Gulf of Mexico for 87 days. – Associated Press


1. May 20, Associated Press – (National) A series of settlements in 2010 Gulf oil spill. Transocean Ltd., the owner of the Deepwater Horizon drilling rig, reached a settlement May 20 with the Plaintiffs Steering Committee for nearly $211.8 million involving 2 classes of businesses and individuals following the April 2010 drilling rig accident that killed 11 workers and released oil into the Gulf of Mexico for 87 days. BP, which leased the rig from Transocean, reached separate settlements with Transocean and the Halliburton Company. Source: http://news.yahoo.com/211m-settlement-reached-transocean-2010-oil-spill-215129824--finance.html

 
· ConAgra Foods agreed May 20 to pay $11.2 million to settle a 2007 Federal charge after traces of Salmonella were found in Peter Pan peanut butter produced at the company’s Sylvester, Georgia plant, resulting in at least 625 illnesses. – Associated Press


7. May 20, Associated Press – (Georgia) ConAgra to pay $11.2 million to settle charge over tainted peanut butter. Omaha-based ConAgra Foods agreed May 20 to pay $11.2 million to settle a 2007 Federal charge after traces of Salmonella were found in Peter Pan peanut butter produced at the company’s Sylvester, Georgia plant, resulting in at least 625 illnesses across 47 States. Company officials reported that moisture from a leaky roof and a malfunctioning sprinkler system allowed Salmonella bacteria to grow on raw peanuts. Source: http://www.omaha.com/money/conagra-to-pay-million-to-settle-charge-over-tainted-peanut/article_c48f928c-ff0b-11e4-a067-4f113d778f28.html

 
· Miami-Dade police arrested 5 individuals May 20 for their alleged involvement in a pharmaceutical drug crime ring that netted approximately $6.5 million. – WPLG 10 Miami


13. May 20, WPLG 10 Miami – (Florida) 5 arrests in fight against widespread pharmaceutical fraud in Miami-Dade. Miami-Dade police arrested 5 individuals May 20 for their alleged involvement in a pharmaceutical drug crime ring that netted approximately $6.5 million, and involved the group purchasing drugs from patients and reselling them to manufacturers and pharmacies. Source: http://www.local10.com/news/3-arrests-in-widespread-pharmaceutical-fraud-in-miamidade/33125676

 
· CareFirst BlueCross BlueShield announced May 20 that 1.1 million clients in Maryland, Virginia, and Washington, D.C., had their personal information accessed in a June 2014 cyberattack on the health insurer’s Web site. – Washington Post


14. May 20, Washington Post – (Maryland; Virginia; Washington, D.C.) Cyberattack on CareFirst exposes data on 1.1 million customers in D.C., Md. and Va. CareFirst BlueCross BlueShield announced May 20 that 1.1 million current and former clients in Maryland, Virginia, and Washington, D.C., had their names, birth dates, email addresses, and subscriber identification numbers accessed in a June 2014 cyberattack on the health insurer’s Web site. Officials are investigating the nature and scope of the breach. Source: http://www.washingtonpost.com/blogs/the-switch/wp/2015/05/20/cyberattack-on-carefirst-exposes-data-on-1-1-million-customers-in-d-c-md-and-va/

Financial Services Sector

3. May 20, Miami Herald – (Florida) 31 arrested in organized insurance fraud scheme. Miami-Dade officials announced the arrest of 31 people May 20, involved in an alleged insurance fraud scheme that bilked insurance companies in Florida out of more than $7 million by intentionally setting fires and causing floods in homes across the State. Investigators reported that the individuals involved managed to stage 20 fires and 5 floods between 2011 and 2013 after being introduced to the homeowners through recruiters. Source: http://www.miamiherald.com/news/local/community/broward/article21530616.html

For additional stories, see item 21 below in the Information Technology Sector and item 26 below from the Commercial Facilities Sector

26. May 20, KCBS 2 Los Angeles – (California) 2 store owners charged in $1.3M cell phone insurance fraud scheme. The district attorney’s office in Los Angeles announced May 20 that 2 cell phone store owners in the county were charged for allegedly billing more than $1.3 million from an insurance company after filing false insurance claims for cell phones that were reported as stolen, lost, or damaged. The pair sold the replacement cell phones provided by the insurance company for a profit. Source: http://losangeles.cbslocal.com/2015/05/20/2-store-owners-charged-in-1-3m-cell-phone-insurance-fraud-scheme/

Information Technology Sector

20. May 21, Securityweek – (International) Hundreds of cloud services potentially vulnerable to Logjam attacks: Skyhigh. Skyhigh’s Service Intelligence Team found that 575 cloud services were potentially vulnerable to attacks following the discovery of the transport layer security (TLS) vulnerability dubbed Logjam, which affects a number of cloud services. The vulnerability results from the way the Diffie-Hellman (DHE) key exchange is deployed, and can be exploited by a man-in-the-middle (MitM) attacker to downgrade TLS connections in order to gain access to the data. Source: http://www.securityweek.com/hundreds-cloud-services-potentially-vulnerable-logjam-attacks-skyhigh

21. May 20, Softpedia – (International) Amount of new malware strains more than doubled in second half of 2014. G Data researchers found that in the second half of 2014, hackers increased their malware threats as the amount of new strains grew to 125 percent, with the most prevalent being adware variants, which accounted for 31.4 percent of all threats. Researchers also determined that Vawtrak was the predominant banking trojan and focused on targets in the U.S., U.K., and Canada, in addition to new targets in France and Russia. Source: http://news.softpedia.com/news/Amount-of-New-Malware-Strains-More-than-Doubled-in-Second-Half-of-2014-481773.shtml

22. May 20, SC Magazine – (International) DDoS attacks increase and methods changed in Q1 2015, report says. Akamai released its Q1 2015 State of the Internet Report, which found that hackers are using lower bandwidth distributed denial of service (DDoS) attacks that occur more frequently and last longer, and that Simple Service Discovery Protocol (SSDP) attacks accounted for 20 percent of attack vectors. The report also found that the gaming industry was the most targeted industry, accounting for 35 percent of all attacks, and that more than 50 percent of all DDoS attacks targeted China, Germany, and the U.S. Source: http://www.scmagazine.com/q1-report-shows-uptick-in-low-bandwidth-ddos-attacks/article/415876/

23. May 20, Securityweek – (International) Apple fixes security bugs with first update for Watch OS. Apple released update 1.0.1 patching 13 vulnerabilities for its Watch operating system (OS), the iOS-based operating system that runs on the Apple Watch, addressing certain components including the Secure Transport, kernel, Foundation framework, FontParser, IOHIDFamily, and IOAcceleratorFamily. The update also addresses the factoring RSA export key (FREAK) vulnerability, which allows a man-in-the-middle (MitM) attacker to access encrypted data. Source: http://www.securityweek.com/apple-fixes-security-bugs-first-update-watch-os

Communications Sector

24. May 20, Lewis County Chronicle – (Washington) CenturyLink outage affecting almost 1,200 customers in Centralia. Phone service for approximately 1,172 CenturyLink business and residential customers in Centralia, Washington, remained down May 20 after a construction crew inadvertently cut fiber optic lines May 19. Crews worked to repair the damaged line and did not provide an estimate on the restoration of service. Source: http://www.chronline.com/crime/article_8931401c-ff12-11e4-9364-ef93214054fc.html