Department of Homeland Security Daily Open Source Infrastructure Report

Monday, February 12, 2009

Complete DHS Daily Report for February 12, 2009

Daily Report


 KTBS 3 Shreveport reports that a one-mile radius around a Panola County, Texas natural gas plant was evacuated Wednesday morning after an explosion there. One person suffered minor injuries. (See item 2)

2. February 11, KTBS 3 Shreveport – (Texas) Explosion at gas pipeline plant forces evacuations. A one-mile radius around a Panola County, Texas, natural gas plant was evacuated Wednesday morning after an explosion there. Panola County sheriff’s deputies said one person suffered minor injuries but was not hospitalized. Fire crews were working late Wednesday morning to stabilize the situation and extinguish the fire, authorities said. A section of U.S. Highway 79 around the plant was closed. The explosion and fire happened at the DCP plant on U.S. 79 north of Carthage. The plant was part of a natural gas pipeline operation. The explosion happened just before 10:30 a.m. Source:

 According to CNN, police arrested a man near the U.S. Capitol on Tuesday after he drove up to one of the building’s barricades with a rifle in his vehicle and told officers that he had a delivery for the U.S. President, a Senate spokesman said. (See item 26)

26. February 10, CNN – (District of Columbia) Man arrested with rifle said he had delivery for Obama. Police arrested a man near the U.S. Capitol on Tuesday after he drove up to one of the building’s barricades with a rifle in his vehicle and told officers that he had a delivery for the U.S. President, a Senate spokesman said. The 64 year old man, of Winnfield, Louisiana, was charged with possession of an unregistered firearm and unregistered ammunition. The man drove up to the north barricade at the Capitol late Tuesday afternoon, saying he had a delivery for the President, a police sergeant said. After further questioning, the man admitted he had a rifle in his truck. He was arrested and taken to police headquarters for processing, she said. A search of his truck turned up several rounds of ammunition, the sergeant said. Police also checked the area around the barricade, but found nothing hazardous. Source:


Banking and Finance Sector

9. February 10, KDKA 2 Pittsburgh – (Pennsylvania) Scam targets credit union members in New Castle. Customers at the First Choice Credit Union in New Castle were targets of a cyber scam. Someone set up a fake Web site that looked just like the one for the credit union. They text messaged unsuspecting customers saying there was a problem with their accounts and directed them to the fake Web site. That is where the scammers asked for account information. “I cannot stress it enough. Do not reply to these. They are just scams. There is nothing true about them,” the CEO of First Choice Credit Union said. Hundreds of customers fell for the scam and gave out confidential information.


10. February 10, Portal IT – (International) Phishing alert: PayPal hit with XSS exploit. The online payments site PayPal has been crippled thanks to another cross-site scripting (XSS) bug that would enable hackers to get away with user passwords. Even worse, it appears that the bug would also allow the theft of authentication cookies, The Register reports. Soon-to-be victims arrive on a malicious page designed to open a javascript window. The message in the window reads the following: “Fugitif was here another time.” PayPal is aware of the problem but the company has yet to announce a solution. This is not the first time that PayPal fell victim to an XSS bug that allowed the injection of unauthorized code. The online payments site had to patch a similar vulnerability in May 2008, after being informed by a Finnish researcher. Source:

Information Technology

33. February 11, SpamFighter News – (Florida) Public warned of fraudulent AOL phishing campaign. The commissioner of Florida Agriculture and Consumer Services on January 27 issued an alert about a phishing campaign using the brand name of AOL (America Online), a popular Internet service provider, to capture the personal details of consumers, as reported by SunSentinel on January 27. Consumers have recently reported of receiving e-mail messages from an ISP that pretends to represent the “AOL Safety and Security Group.” The messages ask recipients for their billing details and warn that non-compliance would lead to the suspension of their accounts. The phishing e-mail generally contains exciting or upsetting statements to lure victims to respond instantly. It typically asks the consumer to provide information such as his AOL screen name, other user ID and password, social security and payment card numbers, etc. However, the consumer scam investigators confirmed with AOL and declared that the e-mail messages are fake, according to Florida State regulators. The investigators also said that AOL never asks customers personal data over e-mail. Many organizations strikingly and repeatedly tell their consumers that the organization or its representatives would never ever request end-users to reveal their password. Thus, consumers have been advised to ignore any pop-up or e-mail message asking for financial or other personal information. Also, end-users who are concerned about the security of their account must directly call the organization or visit its Web site by entering the address manually into their browser. Source:

34. February 10, CNET News – (International) Microsoft patches four critical IE, Exchange holes. Microsoft on February 10 released security updates that fix four critical vulnerabilities in Internet Explorer and Exchange Server that could allow an attacker to take control of an affected computer remotely. Microsoft Security Bulletin MS09-002 plugs two critical holes in IE that could allow remote code execution if an IE user views a Web page that has malicious code, according to Microsoft’s notification. “Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights,” the bulletin said. Security Bulletin MS09-003 fixes two critical vulnerabilities in Exchange Server. One could allow for remote code execution if a maliciously crafted TNEF (Transport Neutral Encapsulation Format) message is sent to an Exchange Server and could allow an attacker to take complete control of the system with Exchange Server service account privileges. The second hole could allow for a denial of service attack if a maliciously crafted MAPI (Messaging Application Programming Interface) command is sent to an Exchange Server. Security Bulletin MS09-004 fixes an important remote code execution vulnerability in SQL Server that could be exploited if untrusted users access an affected system or if a SQL injection attack occurs. The vulnerability was discovered in December 2008. And Security Bulletin MS09-005 closes three important vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a maliciously crafted Visio file. An attacker could then steal data and make changes to accounts with full user rights. Source:

Communications Sector

Nothing to report