Complete DHS Report for
July 2, 2015
Daily Report
Top Stories
· Interstate
70 at Interstate 270 in Columbus, Ohio was closed indefinitely July 1 after a
semi-truck hauling 10,000 gallons of ethanol-based chemical fuel overturned and
caught on fire. – Columbus Dispatch
4. July 1,
Columbus Dispatch – (Ohio) I-70 still closed after crash on West
Side. Interstate 70 at Interstate 270 in Columbus is closed indefinitely
July 1 after a semi-truck hauling 10,000 gallons of ethanol-based chemical fuel
overturned and caught on fire. The driver was taken to an area hospital and a
team from the Ohio Environmental Protection Agency was on scene to respond to
the chemical fumes. Source: http://www.dispatch.com/content/stories/local/2015/07/01/fiery-crash-closes-i270-i70-on-west-side.html
· New York
officials reported June 30 that 12 more Clinton Correctional Facility employees
were put on administrative leave as part of an ongoing investigation into the
escape of two murder convicts June 6. – Associated Press
12. June
30, Associated Press – (New York) NY prison chief, 11 others put
on leave after escapes. New York officials reported June 30 that 12 more
employees at the Clinton Correctional Facility have been put on administrative
leave as part of an ongoing investigation to find potential accomplices in the
escape of two murder convicts June 6. Source: http://www.policeone.com/investigations/articles/8633939-NY-prison-chief-11-others-put-on-leave-after-escapes
· Apple
released iOS version 8.4 addressing 33 security vulnerabilities, including a
fix for the Logjam flaw that allows a man-in-the-middle attacker to downgrade
cryptographic security. – Softpedia See item 15
below in the Information Technology
Sector
· The FBI
is investigating at least 11 physical attacks on high-capacity Internet cables
in California’s San Francisco Bay Area dating back to July 2014. – USA Today See item 18 below in the Communications Sector
Financial Services Sector
3. June 30,
Reuters – (National) Goldman settles SEC charges over 2013 trading
incident. Goldman Sachs Group Inc., agreed to pay $7 million June 30 to
resolve U.S. Securities and Exchange Commission charges connected to the
“market access” rule, and a 2013 programming error which flooded the stock
options market with about 16,000 erroneous orders, causing 1.5 million options
contracts to be executed and costing the company $38 million. Source: http://www.reuters.com/article/2015/06/30/sec-goldmansachs-idUSL1N0ZG1JH20150630
Information Technology Sector
14. July 1, Securityweek
– (International) Attackers abuse RIPv1 Protocol for DDoS
reflection: Akami. Security researchers from Akami discovered that
malicious actors have been leveraging routers running Routing Information
Protocol version 1 (RIPv1) to reflect distributed denial-of-service (DDoS)
attacks by creating malicious requests for routes and then spoofing the source
Internet protocol (IP) address to match the one of the targeted system. Source:
http://www.securityweek.com/attackers-abuse-ripv1-protocol-ddos-reflection-akamai
15. July 1,
Softpedia – (International) iOS 8.4 fixes 33 security vulnerabilities. Apple
released iOS version 8.4 addressing 33 security vulnerabilities, including a
fix for the Logjam flaw that allows a man-in-the-middle (MitM) attacker to downgrade
cryptographic security, and other protection against potential arbitrary code
execution. Source: http://news.softpedia.com/news/ios-8-4-fixes-33-security-vulnerabilities-485771.shtml
16. July 1,
Softpedia – (International) Researchers expose attack on iOS that can
break system apps. Security researchers from FireEye reported two Apple iOS
flaws, dubbed Manifest Masque and Extension Masque, in which an attacker could
break or replace system apps and extensions on an affected device by taking
advantage of apps created in Xcode outside of Apple’s App Store. The
vulnerabilities behind Manifest Masque attacks were partially addressed in the
release of iOS 8.4. Source: http://news.softpedia.com/news/researchers-expose-attack-on-ios-that-can-break-system-apps-485756.shtml
17. June 30,
Securityweek – (International) ESET analyzes complex espionage platform used
by “Animal Farm” APT. ESET released research on the Dino cyber-espionage
platform used by the “Animal Farm” advanced persistent threat (APT) group
revealing that Dino is capable of retrieving information, executing Microsoft
Windows batch commands, searching for files, and transferring files back and
forth between a command and control (C&C) server. Researchers have not
determined the tool’s initial infection vector. Source: http://www.securityweek.com/eset-analyzes-complex-espionage-platform-used-animal-farm-apt
Communications Sector
18. July 1, USA Today –
(California) FBI investigating 11 attacks on San Francisco-area Internet
lines. The FBI is investigating at least 11 physical attacks on
high-capacity Internet cables in California’s San Francisco Bay Area as far
back as least July 2014, including a June 30 incident that disrupted Internet
service for businesses and residential customers near the Sacramento area.
Source: http://www.usatoday.com/story/tech/2015/06/30/california-internet-outage/29521335/
19. June 30, The
Oregonian/OregonLive.com – (Oregon; Washington) Frontier suffers
big cable TV outage. Level 3 Communications officials reported that service
was restored June 30 after Frontier Communications’ cable TV service
experienced an outage in Oregon and Washington due to severed communications
fiber-optic cable earlier that day. Source: http://www.oregonlive.com/silicon-forest/index.ssf/2015/06/frontier_suffers_big_cable_tv.html
For additional stories, see items 15 and 16 above in the Information Technology
Sector