Thursday, August 6, 2015




Complete DHS Report for August 6, 2015

Daily Report                                            

Top Stories
 
 · Officials stated that about 2,665 hospitals were issued fines totaling approximately $40 million and 38 hospitals in the U.S. will be docked 3 percent of its Medicare reimbursement for readmitting too many patients. – Columbus Dispatch

9. August 5, Columbus Dispatch – (National) Central Ohio hospitals fined for too many readmissions of Medicare patients. The Federal government released findings and announced that 38 hospitals in the U.S. will be docked 3 percent of its Medicare reimbursement for readmitting too many patients. Regulators also penalized about 2,665 hospitals nationwide with fines totaling approximately $40 million for the readmission of patients.Source: http://www.dispatch.com/content/stories/local/2015/08/04/readmission-penalties-for-hospitals.html

 · An August 4 inspector general’s report found several cybersecurity gaps in the U.S. Department of Labor’s information security program. – Washington Examiner

11. August 4, Washington Examiner – (National) Labor Department vulnerable to data breach. The inspector general’s office released a report August 4 which found several cybersecurity gaps in the U.S. Department of Labor’s information security program, including serious control deficiencies in how the department handles its personal identity verification (PIV) cards and related systems, as well as a lack of a system to lock out individuals after multiple unsuccessful log-in attempts, among other findings. The report stated that the department was made aware of the findings and continues to work to address the issues.Source: http://www.washingtonexaminer.com/labor-department-vulnerable-to-data-breach/article/2569530

 · Crews reached 20 percent containment August 4 of the 67,000-acre Rocky Fire that destroyed 24 homes and 26 outbuildings in Lake, Yolo, and Colusia counties in California. – CNN

12. August 4, CNN – (California) Thousands abandon homes as California fires spread. Crews reached 20 percent containment August 4 of the 67,000-acre Rocky Fire that destroyed 24 homes and 26 outbuildings in Lake, Yolo, and Colusia counties. Nearly 10,000 firefighters are continuing to battle the 22 wildfires in the State which have burned over 134,000 acres.Source: http://www.cnn.com/2015/08/04/us/california-wildfires/

 · Multiple carriers worked to restore wireless and wireline services August 4 after a hardware-related network issue caused a major outage in parts of the Southeast. – Louisville Courier-Journal See item 18 below in the Communications Sector

Financial Services Sector

3. August 4, Miami Herald – (Florida) South Florida developers plundered money meant for housing poor, U.S. says. Two officers at the Miami-based Carlisle Development Group and 4 others were charged August 4 for allegedly stealing $36 million in U.S. tax credits from 14 government-subsidized low-income housing projects in Miami-Dade County by inflating construction costs of rental properties to secure higher tax credit amounts while receiving kickbacks from contractors.Source: http://www.miamiherald.com/news/local/community/miami-dade/article29949909.html

Information Technology Sector

16. August 5, Securityweek – (International) Symantec patches critical vulnerabilities in Endpoint Protection. Security researchers from Code White discovered 6 vulnerabilities in Symantec Endpoint Protection (SEP) 12.1, including an authentication bypass, 3 path traversals, a privilege escalation, multiple structured query language (SQL) injections, and a high severity binary planting flaw which could allow an unauthenticated attacker to execute arbitrary commands on the SEP Manager (SEPM) server and on SEP clients running Microsoft Windows. Symantec released a patch addressing the vulnerabilities and users are urged to update their SEP installations. Source: http://www.securityweek.com/symantec-patches-critical-vulnerabilities-endpoint-protection

17. August 5, Securityweek – (International) “Man-in-the-Cloud” attacks leverage storage services to steal data. Findings from Imperva’s latest Hacker Intelligence Initiative report revealed that attackers can abuse popular cloud storage services for command and control (C&C) communications, endpoint hacking, remote access, and data exfiltration via Man-in-the-Cloud (MITC) techniques in which they access and decrypt stored user synchronization tokens. Source: http://www.securityweek.com/man-cloud-attacks-leverage-storage-services-steal-data

For another story, see item 11 above in Top Stories

Communications Sector

18. August 5, Louisville Courier-Journal – (National) AT&T blames cellphone outage on hardware. Multiple carriers worked to restore wireless and wireline services August 4 after a hardware-related network issue caused a major outage in parts of the Southeast, including areas in Indiana, Kentucky, Alabama, and Tennessee. MetroSafe activated its emergency procedures to assist police departments in Jefferson Counties and surrounding counties in Kentucky that might have been affected by the outages. Source: http://www.usatoday.com/story/money/business/2015/08/05/hardware-blamed-cellphone-outage/31153921/