Department of Homeland Security Daily Open Source Infrastructure Report

Friday, July 18, 2008

Daily Report

• The Transportation Security Administration announced a set of security recommendations, which will help to ensure the secure transportation across the nation’s highways of potentially dangerous materials that could cause a significant impact if used in an act of terrorism. (See item 19)

• According to the San Francisco Gate, Finjan reported that the city of San Francisco’s website was one of over 1,000 sites treating visitors to malicious code. Vulnerable users got a Trojan loaded onto their machines that tries to join them to a smaller botnet that began expanding in May. (See item 35)

Banking and Finance Sector


10. July 16, KCCI 8 Des Moines – (Iowa) Officials warn of new phone scam. The Iowa State Attorney General said Wednesday that Iowans are being targeted by a round of phone scammers claiming to be utility companies. He said the caller tells Iowans that their utilities will be disconnected soon if they do not make a credit card payment immediately. Both MidAmerican and Alliant Energy have reported to state officials that their customers have been tricked by the scam, most paying anywhere from $20 to more than $200. The official said some Iowans recognized the scam by checking their caller ID and noticing the call was coming from outside of Iowa. He recommends never giving out personal or financial information during any call that people did not initiate. Source: http://www.kcci.com/money/16902525/detail.html


11. July 16, WKYT 27 Lexington – (Kentucky) New scam targets text messages. There is a scam alert involving a text message. The scam is designed to trick people into giving out personal information. Kentucky’s Better Business Bureau says it has been flooded with phone calls about the text message. The text claims to be from Commonwealth Credit Union and tells customers their on-line account access is limited for security purposes and they need to call a certain number. The con artists are trying to get people to call the number and reveal their bank account numbers. Source: http://www.wkyt.com/news/headlines/25523199.html

Information Technology


34. July 17, IDG News Service – (National) Facebook bug leaks members’ birthday data. A glitch in a test version of Facebook’s Web site inadvertently exposed the birthdays of Facebook’s 80 million members this week. Facebook allows users to control who sees private information such as their birth date, which can be a valuable nugget of data for identity thieves. But a researcher discovered that the new site was making this information public to other members. “For a brief period of time, a small number of users were able to access a private beta of Facebook’s new site design meant only for developers. During that time, some of those users had their birthdays revealed due to a bug,” Facebook said Wednesday in a statement. The company could not say exactly how long this data was exposed or how many people viewed the beta site, but the bug was patched within hours of the discovery. Facebook may intend for the beta site to be private, but it has been open to the general public for several days. It features a new profile design that should be rolled out as an option to Facebook users some time this week. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9110241&taxonomyId=17&intsrc=kc_top


35. July 16, San Francisco Gate – (California) San Francisco’s web site found serving malware. A security vendor, Finjan, reported Wednesday that the city of San Francisco Web site was one of over 1,000 sites treating visitors to malicious code. Other sites caught up in this latest round of Web attacks include uci.edu (the University of California at Irvine’s site); Snapple.com; a site registered to the Marysville, California, police department; an ad network--atdmt.com--acquired by Microsoft; and several international sites. Vulnerable users got a Trojan loaded onto their machines that tries to join them to the Asprox botnet, a smaller botnet that began expanding in May, according to several security researchers. Asprox operators had confined themselves to phishing attacks but are now scanning the Web for flaws that let them perform SQL injection attacks on Web pages. The SFgov site is apparently fixed, but Finjan detected malicious code at many other sites as late as Tuesday. Unfortunately, less than half of the anti-virus vendors Finjan surveyed over the weekend detected this Trojan, even though it is exploiting older security flaws. That list is here: Symantec and McAfee are not on it, but Trend Micro and Sophos are. The deputy director of San Francisco’s department of telecommunications and information services said the city detected and fixed the problem. He said SFGov was vulnerable over the last weekend in June. He does not know how many people visited the site, but said no city employees’ machines were affected. Source: http://www.sfgate.com/cgi-bin/blogs/sfgate/detail?blogid=19&entry_id=28215


36. July 16, IDG News Service – (National) Data can leak from partially encrypted disks. Researchers at the University of Washington and BT Group PLC have discovered that popular programs such as Microsoft Corp.’s Word and Google Desktop store data on unencrypted sections of a computer’s hard drive, even when the programs are working with encrypted files. “Information is spilling out from the encrypted region into the unencrypted region,” said an assistant professor at the Seattle-based university and a co-author of the study. He said there are probably many other applications and operating system components that leak information in a similar way. The researchers say that people who are using full-disk encryption, where every piece of data on their hard drives is encrypted, do not have to worry. However, the issue pops up when users create an encrypted partition or virtual disk on their hard drives, leaving part of the drives unencrypted, or when they store data on encrypted USB devices. Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9110221&taxonomyId=17&intsrc=kc_top


37. July 16, ZDNet Blogs – (National) US spam levels up, state of Illinois is the worst offender. Spam levels for the U.S. in June have reached 86 percent compared to spam levels at 81.5 percent in the rest of the world. Breaking this information down further, MessageLabs reports that some U.S. states are more affected than others. Varying socioeconomic factors are thought to affect the spam rates in certain states and the higher levels of spam can be attributed to the fact that consumers, employees and businesses do not place as high a priority on IT security as other states do. In addition, citizens of these states may be more willing to share personal information via the internet, increasing their likelihood of being spammed. Source: http://blogs.zdnet.com/security/?p=1503


Communications Sector


38. July 16, HD-Report – (New York) Verizon breaks into New York City. The New York State Public Service Commission (PSC) confirmed an agreement between the City of New York and Verizon to provide television service to all of New York City. The PSC confirmation is the final step in government regulations. Verizon will soon offer its FiOS TV service to the five boroughs of New York City which include Manhattan, Brooklyn, Queens, the Bronx and Staten Island. FiOS TV offers digital and high definition channels via the company’s fiber-optic network. New Yorkers had previously been locked into one provider, according to a Verizon spokesperson. Source: http://www.hd-report.com/2008/07/16/verizon-breaks-into-new-york-city