Wednesday, December 19, 2012
Daily Report
Top Stories
• About 22,000 people across Amador and
Calaveras counties in California lost electricity due to a power outage,
according to a Pacific Gas & Electric Co. spokeswoman. – Associated
Press
1.
December 17, Associated Press – (California)
Thousands in Sierra foothills without power. About 22,000 people across
Amador and Calaveras counties in California lost electricity due to a power
outage, according to a Pacific Gas & Electric Co. spokeswoman. Source: http://www.fresnobee.com/2012/12/17/3104865/thousands-in-sierra-foothills.html
• The Nuclear Regulatory Commission stated
that a Japanese company did not confirm that tubes being used in a generator
mock-up matched specifications for tubing fixed in generators at a California
nuclear power plant. – Associated Press
2.
December 18, Associated Press –
(California; International) Feds: Mitsubishi using wrong test equipment for
San Onofre nuclear plant. The Nuclear Regulatory Commission stated that a
Japanese company did not confirm that tubes being used in a generator mock-up
matched specifications for tubing fixed in generators at a nuclear power plant
in California. Source: http://www.scpr.org/news/2012/12/18/35293/feds-mitsubishi-using-wrong-test-equipment-flawed-/
• A “verified” vendor on one of the most
active underground online fraud forums is selling and shipping pre-hacked
wireless Verifone point-of-sale devices that record customers’ card data and
PINs. – Krebs on Security See item 5 below in the Banking and Finance Sector
• After two spills this year released an
approximate 26 million gallons in untreated sewage into local waterways,
Georgia environmental regulators fined the city of Atlanta $113,000 for failing
to detect broken pipes. – Atlanta Journal-Constitution
20.
December 17, Atlanta Journal-Constitution –
(Georgia) Atlanta faces $113,000 State fine for two massive sewage spills. After
two spills this year released an approximate 26 million gallons in untreated
sewage into local waterways, Georgia environmental regulators fined the city of
Atlanta $113,000 for failing to detect broken pipes. Source: http://www.ajc.com/news/news/local/atlanta-faces-113000-state-fine-for-two-massive-se/nTYZp/
• The owner of Health Care Solutions Network
Inc. plead guilty December 17 for fraudulently billing Medicare and the Florida
Medicaid program approximately $28 million over a span of 8 years. – U.S.
Department of Justice
22.
December 18, U.S. Department of Justice –
(Florida) Leader of $63 million mental health fraud scheme pleads guilty in
Miami. The owner of Health Care Solutions Network Inc. plead guilty
December 17 for fraudulently billing Medicare and the Florida Medicaid program
approximately $28 million over a span of 8 years. Source: http://www.enewspf.com/latest-news/police-reports/39220-leader-of-63-million-mental-health-fraud-scheme-pleads-guilty-in-miami.html
Details
Banking and Finance Sector
5. December
18, Krebs on Security – (International) Point-of-Sale skimmers:
No charge...yet. A “verified” vendor on one of the most active underground
online fraud forums is selling and shipping pre-hacked wireless Verifone
point-of-sale devices that record customers’ card data and PINs. Source: http://m.krebsonsecurity.com/2012/12/point-of-sale-skimmers-no-charge-yet/
6. December
18, Bloomberg News – (New York) Hedge fund managers convicted of insider-trading
scheme. A federal jury in New York found a Level Global Investors LP
co-founder and a former Diamondback Capital Management LLC portfolio manager
guilty of securities fraud and conspiracy for insider trading which netted the
two more than $72 million. Source: http://www.bloomberg.com/news/2012-12-17/hedge-fund-managers-convicted-of-insider-trading.html
7. December
17, IDG News Service – (International) Improved Carberp malware targets U.S. banks. The
creators of the Carberp banking trojan are now selling an upgraded version of
the malware and custom scripts that allow the trojan to target U.S. online
banking customers, researchers from Group-IB reported. Source: http://www.computerworld.com/s/article/9234809/Improved_Carberp_malware_targets_U.S._banks
8. December
17, U.S. Securities and Exchange Commission – (International) SEC
charges Germany-based Allianz SE with FCPA violations. Allianz SE, a German
insurance and asset management company, settled to pay over $12.3 million in
U.S. Securities and Exchange Commission (SEC) chargers after the SEC claimed
they violated provisions of the Foreign Corrupt Practices Act. Source: http://www.sec.gov/news/press/2012/2012-266.htm
Information Technology Sector
36.
December 18, Help Net Security –
(International) Android botnet spreads SMS spam. Security researchers
detected widespread SMS spam campaigns designed to infect users’ devices and
draw them into a mobile botnet so send out more spam. Researchers from Lookout
named the trojan “SpamSoldier” and warned that it could results in thousands of
spam SMS messages on the network level. Source: http://www.net-security.org/malware_news.php?id=2363
37.
December 17, Threatpost –
(International) WordPress pingback vulnerability could lead to DDoS attacks.
A pingback vulnerability in the popular WordPress blogging platform could
be exploited for use in distributed denial of service (DDoS) attacks and to
leak information, according to Acunetix. The vulnerability can be exploited
through WordPress’s XMLRPC API, where attackers could reconfigure internal
routers and use the hosts to participate in DDoS attacks. Source: http://threatpost.com/en_us/blogs/wordpress-pingback-vulnerability-could-lead-ddos-attacks-121712
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.
No comments:
Post a Comment