Complete DHS Report for February 9, 2016
Daily Report
Top Stories
• The California Department of Conservation announced
emergency regulations and orders for enhanced inspections and testing of all
gas wells in the State February 8, in response to a nonstop leak of a gas well
in Porter Ranch. – San Jose Mercury News
1.
February 8, San Jose Mercury News –
(California) State orders inspections, new rules for gas wells after SoCal
gas leak. The California Department of Conservation announced emergency
regulations and orders for enhanced inspections and testing of all gas wells in
California effective immediately February 8, in response to a nonstop leak of a
gas well at the Aliso Canyon gas storage complex in Porter Ranch. The agency
also issued six new safety and reliability measures including daily inspections
of gas storage well heads and ongoing measurement of gas pressure or flow
within wells, among other requirements. Source: http://www.mercurynews.com/business/ci_29487761/state-orders-inspections-and-new-rules-gas-wells
• The New York health and environmental officials will be
investigating the Indian Point nuclear power plant after finding the Buchanan
facility spilled highly radioactive water. – Lower Hudson Valley Journal
News
3. February
6, Lower Hudson Valley Journal News – (New York) NY to probe
‘radioactive’ water leak at Indian Point. The New York Health Department
and the New York State Department of Environmental Conversation will be
investigating Entergy Corp.-owned Indian Point nuclear power plant February 5
after the State governor found the Buchanan facility spilled highly radioactive
water containing tritium into an underground monitoring well. The investigation
will determine the duration, cause, and potential impacts to the environment
and to public health. Source: http://www.lohud.com/story/news/politics/politics-on-the-hudson/2016/02/06/ny-probe-radioactive-water-leak-indian-point/79929984/
• The FBI announced the arrest of five top officials in Crystal
City, Texas, February 4 under a Federal indictment accusing the group of taking
tens of thousands of dollars in bribes. – Washington Post
25. February
8, Washington Post – (Texas) FBI arrests nearly all of the top officials of
Crystal City, Tex. The FBI announced February 4 the arrest of five top
officials in Crystal City, Texas, under a Federal indictment which accuses the
group of taking tens of thousands of dollars in bribes and helping the leader
of an illegal gambling operation in exchange for payments and other material
goods. The officials also reportedly voted to award contracts in exchange for
bribes and extorted payments from contractors, among other illegal actions. Source: https://www.washingtonpost.com/news/morning-mix/wp/2016/02/08/theres-only-one-person-left-on-this-texas-city-council-after-fbi-arrests-top-officials-on-corruption-charges/
• A Michigan man was arrested and accused of allegedly
supporting the Islamic State and plotting to attack a Detroit church February 6
after an FBI investigation revealed that he made incriminating statements to an
undercover agent. – Associated Press
34. February
6, Associated Press – (Michigan) Man accused of IS-inspired plot to attack Detroit
church. The U.S. District Court in Detroit reported February 6 that a
Michigan man was arrested and accused of allegedly supporting the Islamic State
and plotting to attack a Detroit church after an FBI investigation revealed the
man made incriminating statements to an undercover FBI agent to shoot a church
and behead someone on behalf of the foreign terrorist group. Source: http://www.monroenews.com/article/20160206/NEWS/160209185
Financial Services Sector
5. February
8, Softpedia – (International) Loanbase hacked due to WordPress bug, loses
customer Bitcoins. Loanbase released an advisory February 7 stating that a
security hole in its WordPress blog allowed unknown hackers to breach its
Structured Query Language (SQL) database, steal approximately $3,000 worth of
Bitcoins from its users, and access sensitive user data like email addresses,
phone numbers, and names of user accounts that did not have two-factor
authentication (2FA) turned on. Loanbase took its Web site offline to reset
passwords for all users, cancel all 2FA tokens, and reject all approved withdrawals
to prevent further abuse. Source: http://news.softpedia.com/news/loanbase-hacked-due-to-wordpress-bug-loses-customer-bitcoins-500057.shtml
6. February
6, Minneapolis Star Tribune – (Minnesota) Ex-Viking found
guilty in one bank fraud count. The former chairman of First Commercial
Bank in Bloomington, Minnesota, and his business partner were found guilty in
Federal court February 5 for bilking investors out of millions of dollars after
the former chairman’s business partner used money invested in his Hennessey
Financial LLC to pay off prior investors and other debts instead of financing
real estate projects. The former executive also failed to disclose to the bank
that his partner owed $12 million in debts while he applied for a line of credit.
Source: http://www.startribune.com/ex-viking-stu-voigt-found-guilty-in-one-bank-fraud-count/367874771/
7. February
5, WPMT 43 York – (Pennsylvania) Former York Federal Credit Union manager
charged with embezzlement and fraud. The former chief executive
officer-manager of the HD York Federal Credit Union in York, Pennsylvania,
reached a plea agreement February 5 for allegedly embezzling $252,106 from 2010
– 2013 and failing to report $70,983 in stolen income on her 2011 Federal
income tax return. Source: http://fox43.com/2016/02/05/former-york-federal-credit-union-manager-charged-with-embezzlement-and-fraud/
Information Technology Sector
27. February
8, Help Net Security – (International) Twitter suspended 125,000 terrorism-related
accounts. Twitter reported that they have suspended over 125,000 accounts
since 2015 for threatening or promoting terrorist acts related to the Islamic State
and have started using spam-fighting tools to discover potentially offending
accounts to counter extremist content online. The company is working with law
enforcement agencies around the world to stop terrorist organizations from
using Twitter as a platform for communication. Source: http://www.net-security.org/secworld.php?id=19415
28. February
8, The Register – (International) Oracle issues emergency patch for Java on
Windows. Oracle released an out-of-cycle emergency patch for its Java
products to fix a during-installation flaw on Microsoft Windows platform that
if exploited, can allow an attacker to trick users into visiting a compromised
Web site and enable an attacker to compromise a user’s system. Oracle released
Java versions 6, 7, and 8 installers to protect users from the vulnerability. Source:
http://www.theregister.co.uk/2016/02/08/emergency_java_patch/
29. February
8, The Register – (International) Cisco recalls switches that could short power
to the case. And kill you. Cisco recalled two series of its Industrial
Ethernet 5000 switches due to electrical and fire safety hazards after a
factory test found the power source wiring could potentially cause a short to
the metal enclosure/barrier. Users were advised to check their serial numbers
as not all devices in the series were affected. Source: http://www.theregister.co.uk/2016/02/08/cisco_recalls_ie_5000_switches/
30. February
7, Softpedia – (International) T9000 backdoor malware targets Skype users,
records conversations. Researchers from Palo Alto Networks reported that
the new backdoor trojan dubbed T9000 was sent inside spear phishing emails to
U.S. entities to allow an attacker to create and delete files and directories,
encrypt data, and copy the user’s clipboard via malicious Rich Text Format
(RTF) files that uses the CVE-2012-1856 and CVE-2015-1641 flaws to control the
users’ personal computers (PC). Researchers found that the trojan was versatile
to be used against any target.
31. February
6, Softpedia – (International) Fake Flash Player update delivers scareware
to Mac OS X users. A researcher from SANS Technology Institute discovered a
new campaign that tricks users into installing malicious Flash Player update
packages that are embedded with valid and authentic Adobe Flash update files,
but were also seen containing malicious malware that executes popups with
apocalyptic messages to inform users that their computers were infected.
Attackers then send victims a phone number to trick users to call the number
and have their systems reset by professionals. Source: http://news.softpedia.com/news/fake-flash-player-update-delivers-scareware-to-mac-os-x-users-500002.shtml
For additional stories, see
item 5 above in the Financial Services Sector and item 33 below from the Commercial Facilities Sector
33. February
8, Help Net Security – (International) Sensitive data stolen in Gyft data breach. Gyft,
a digital gift card platform that allows users to buy, send, and manage gift
cards from hundreds of retailers, reported that from October 2015 – December
2015 an unknown unauthorized party accessed two cloud providers to view or
download certain user information that could have been used to make
unauthorized purchases. The information accessed reportedly included names,
contact information, dates of birth, and gift card numbers, and prompted the
company to advised users to change their online passwords. Source: http://www.net-security.org/secworld.php?id=19413
Communications Sector
Nothing to report