Complete DHS Report for August 4, 2016
Daily Report
Top Stories
• The U.S. Coast Guard reported that approximately 4,200 gallons
of crude oil spilled from a Texas Petroleum Investment Co. well into the Main
Pass of the Mississippi River in Louisiana August 2. – New Orleans
Times-Picayune
1. August 2,
New Orleans Time-Picayune – (Louisiana) As much as 4,200 gallons of
crude oil spill into mouth of Mississippi River. The U.S. Coast Guard
reported that approximately 4,200 gallons of crude oil spilled from a Texas
Petroleum Investment Co. well into the Main Pass of the Mississippi River in
Louisiana August 2 and 840 gallons spilled from the company’s pipeline into the
river’s South Pass July 28. The U.S. Coast Guard secured the pipe and installed
a containment boom and officials were investigating the cause of the spill. Source:
http://www.nola.com/environment/index.ssf/2016/08/as_much_as_4200_gallons_of_cru.html
• Rhode Island police are investigating August 2 after a
card-skimming device was found on an ATM at the Navigant Credit Union in
Cumberland August 1 and the skimmed payment information was used to steal more
than $110,000 from ATMs across the State. – WPRI 12 Providence See item 5 below in
the Financial Services Sector
• Two Detroit, Michigan residents were arrested in the Birmingham,
Alabama, area July 28 after authorities found 177 stolen identities from over
25 banks in the duo’s possession. – Birmingham News See item 6 below in
the Financial Services Sector
• Officials from the Nashville Fire Department reported August 2
that approximately 2 million of gallons of water were contaminated after 5
gallons of oil spilled from a nearby storm drain into the Cumberland River. – WZTV
17 Nashville
19. August 2,
WZTV 17 Nashville – (Tennessee) 2 million gallons of water contaminated by oil,
fire department says. Officials from the Nashville Fire Department reported
August 2 that approximately 2 million of gallons of water were contaminated
after 5 gallons of oil spilled from a nearby storm drain into the Cumberland
River. Officials stated the spill did not affect the area’s drinking source. Source:
http://fox17.com/news/local/2-million-gallons-of-water-contaminated-by-oil-fire-department-says
Financial Services Sector
5. August 2,
WPRI 12 Providence – (Rhode Island) Police: ATM skimming device used to steal
$110k. Rhode Island police are investigating August 2 after a card-skimming
device was found on an ATM at the Navigant Credit Union in Cumberland August 1
and the skimmed payment information was used to steal more than $110,000 from
ATMs across the State. Source: http://wpri.com/2016/08/02/police-atm-skimming-device-used-to-steal-110k/
6. August 1,
Birmingham News – (Alabama) 2 Detroit men busted in Alabama with 177 stolen
identities. Two Detroit, Michigan residents were arrested in the
Birmingham, Alabama, area July 28 after authorities found 177 stolen identities
from over 25 banks in the duo’s possession. Source: http://www.al.com/news/birmingham/index.ssf/2016/08/2_detroit_men_busted_in_alabam.html
Information Technology Sector
27. August 2,
Help Net Security – (International) 36,000 SAP systems exposed online, most open
to attacks. ERPScan released a comprehensive SAP Cybersecurity Threat
Report which revealed the average number of security patches for SAP products
per year has decreased, while the amount of vulnerable platforms has increased
and now includes modern cloud and mobile technologies such as HANA. The report
also found that SAP’s Customer Relationship Management (CRM), Enterprise Portal
(EP), and Supplier Relationship Management (SRM) products are most vulnerable
to flaws, and that the U.S. is one of the three countries with the most exposed
services, among other findings.
28. August 2,
Softpedia – (International) Google SEO trick leads users to online scam,
CryptMIC ransomware. Researchers from Malwarebytes discovered an active
campaign where malicious actors were abusing Google search featured snippets to
show links to compromised Websites and redirect users to online stores selling
product keys for Microsoft Office or hosting the Neutrino exploit kits (EK),
which would in turn infect the user’s device with the CryptMIC ransomware.
Researchers found the attackers could also actively search for third-party
Websites listed in featured snippets that run vulnerable content management
systems (CMSs), and hack the sites to deliver the ransomware. Source: http://news.softpedia.com/news/google-seo-trick-leads-users-to-online-scam-cryptmic-ransomware-506891.shtml
29. August 2,
SecurityWeek – (International) Google patches tens of critical vulnerabilities
in Android. Google released security patches for the Android operating
system (OS) resolving 81 vulnerabilities including 3 remote code execution
(RCE) flaws, 4 Elevation of Privilege (EoP) bugs, and 4 denial-of-service (DoS)
flaws in Mediaserver, a DoS issue in system clock, and a RCE flaw in libjhead,
among other vulnerabilities. Source: http://www.securityweek.com/google-patches-tens-critical-vulnerabilities-android
Communications Sector
Nothing to report