Friday, August 4, 2012 


Daily Report

Top Stories

 • Toyota announced the recall August 1 of approximately 778,000 vehicles in the United States due to a suspension problem that could cause crashes. – CNN

8. August 1, CNN – (National; International) Toyota recalling 760,000 RAV4’s due to crash risk. Toyota announced the recall August 1 of some 778,000 vehicles in the United States due to a suspension problem that could cause crashes. The recall comprises roughly 760,000 Toyota RAV4’s from model years 2006 to 2011, as well as about 18,000 Lexus HS 250h’s from 2010. Toyota said if the nuts on the rear suspension arms of these vehicles are not tightened properly during a wheel alignment service, the arms may come loose or separate. A Toyota spokesman said that so far in the United States, there have been “nine crashes and three minor injuries alleged to be related to this condition.” About 100,000 vehicles in Canada were also part of the recall. Source: http://money.cnn.com/2012/08/01/autos/toyota-rav4-recall/index.htm?hpt=hp_t3

 • Nuclear operations were temporarily halted August 1 at a Tennessee complex that stores and processes uranium after three protesters were able to intrude into a high-security area the weekend of July 28. – Associated Press

9. August 1, Associated Press – (Tennessee) Nuke ops halted after protesters enter TN complex. Nuclear operations were temporarily halted August 1 at a Tennessee complex that stores and processes uranium after three protesters were able to intrude into a high-security area the weekend of July 28. The Y-12 National Security Complex said all nuclear material is safe. The temporary stand-down was expected to end by the week of August 6. Special nuclear material will be moved to vaults on site, and contractor security personnel will undergo training and refresher instruction. Source: http://www.seattlepi.com/news/article/Nuke-ops-halted-after-protesters-enter-TN-complex-3755281.php

 • Three commuter jets came within seconds of a midair collision July 31 at Reagan National Airport after confused air traffic controllers launched two outbound flights directly at another plane coming in to land. – Washington Post

14. August 1, Washington Post – (Virginia) Two planes taking off from National put on collision course with plane trying to land. Three commuter jets came within seconds of a midair collision July 31 at Reagan National Airport after confused air traffic controllers launched two outbound flights directly at another plane coming in to land, according to federal officials, the Washington Post reported August 1. The three planes, all operated by US Airways, carried 192 passengers and crew members, the airline said. A number of inbound planes were queued up to turn above Mount Vernon, fly north over the Potomac River, and land on National’s main runway. However, an approaching storm caused a significant wind shift, and the air traffic control center in Warrenton wanted to reverse the flow of planes into the airport, turning them north of Rosslyn and routing them south along the river to land from the opposite direction. The Warrenton controllers communicated the plan to the control tower at Reagan National. However, an incoming flight cleared to land was flying head-on at two planes that just took off. The inbound plane and the first of the outbound planes were closing the 1.4 miles between them at a combined speed of 436 mph, a rate that meant they were about 12 seconds from impact when the tower controller recognized her mistake. The Federal Aviation Administration’s public affairs office issued a statement August 1 saying it was investigating the matter and would take appropriate action to address the miscommunication. Source: http://www.washingtonpost.com/local/trafficandcommuting/two-planes-taking-off-from-national-put-on-collision-course-with-plane-trying-to-land/2012/08/01/gJQAxxPSQX_story.html?wpisrc=al_excl

 • A computer security breach at the Environmental Protection Agency (EPA) exposed the Social Security numbers and banking information of nearly 8,000 people, most of them current employees, the EPA confirmed August 1. – Washington Business Journal

25. August 2, Washington Business Journal – (National) EPA security breach exposes personal information of 8,000 people. A computer security breach at the Environmental Protection Agency (EPA) exposed the Social Security numbers and banking information of nearly 8,000 people, most of them current employees, the EPA confirmed August 1. The EPA told the Washington Business Journal in a statement that it notified 5,100 current employees and some 2,700 “other individuals” about a March security incident that exposed personal information on an EPA database. Those impacted were informed about the breach July 31, 4 months after it occurred. The EPA is offering free credit-monitoring services for 1 year to people affected by the breach. “EPA conducted a risk analysis, [which] indicates it is unlikely the personal financial information has been used,” according to the EPA statement. “Vigilantly keeping data secure from increasingly sophisticated cyber threats is a top priority at EPA. The agency already added new safeguards in response to the incident.” The agency’s Office of the Inspector General confirmed an investigation is underway. Source: http://www.bizjournals.com/washington/news/2012/08/02/epa-security-breach-exposes-personal.html

Details

Banking and Finance Sector

11. August 1, Reuters – (International) Error by Knight Capital rips through stock market. A technology breakdown at a major trading firm roiled the prices of 140 stocks listed on the New York Stock Exchange August 1. The problems at Knight Capital Group Inc, one of the largest firms that buys and sells stocks to provide liquidity to the markets, emerged at the beginning of trading. Heavy computer-based trading caused a rush of orders for dozens of stocks, whose shares soared far beyond their previous day closing prices. The trading glitches were the latest in a series of market snafus that have hurt retail investors’ confidence, including the botched Facebook initial public offering, the 2010 “flash crash” in which nearly $1 trillion in market value disappeared in minutes, and the failed public offering of BATS Global Markets. The exact nature of the technology issues was unclear. Source: http://www.reuters.com/article/2012/08/01/us-usa-nyse-tradinghalts-idUSBRE8701BN20120801

12. August 1, Cerritos-Artesia Patch – (California) Elusive ‘Plain Jane Bandit’ strikes Chase Bank in Cerritos. A serial bank robber dubbed the “Plain Jane Bandit” held up a Chase bank in Cerritos, California, July 31, bringing the number of robberies she is associated with to eight. The incident was similar to previous bank robberies in which the “Plain Jane Bandit” either slipped a teller a note or verbally commanded the employee to give her money, claiming she had an accomplice waiting for her. After the suspect demanded money in the July 31 holdup, the teller handed her an undisclosed amount of cash, and the woman then fled. Source: http://cerritos.patch.com/articles/plain-jane-robs-cerritos-chase-july-31-cerritos-chase-bank-latest-target-for-elusive-plain-janet-bandit

Information Technology Sector

29. August 1, ZDNet – (International) Privilege escalation security hole found in Nvidia Linux driver. An anonymous hacker found a security hole in the NVIDIA binary Linux driver. He or she allegedly reported it to NVIDIA “over a month ago” and did not receive a reply, nor was the flaw ever patched. The exploit has now been made public. A software engineer was sent details of the vulnerability. After testing it and discovering that it works, he publicly posted the exploit. The flaw allows an attacker to write to any part of memory on the system by shifting the VGA window after attaining superuser privileges. Source: http://www.zdnet.com/privilege-escalation-security-hole-found-in-nvidia-linux-driver-7000001986/

30. August 2, Help Net Security – (National) Vulnerability disclosure framework for industrial control systems. The Industrial Control Systems Joint Working Group published “The Industrial Control Systems Common Vulnerability Disclosure Framework,” which is a significant step towards standardization of vulnerability disclosure policies for industrial control systems vendors and system integrators. The newly published framework is to be used as a consensus-based foundation for all involved parties in developing standardized vulnerability disclosure policies. As the framework is aimed towards a diverse set of systems, its content is not mandatory but should be used as a valuable starting point toward responsible disclosure. Source: http://www.net-security.org/article.php?id=1748&utm

31. August 2, The H – (International) LibreOffice vulnerable to multiple buffer overflows. Three weeks after releasing LibreOffice 3.5.5, The Document Foundation confirmed security holes in earlier versions of the open source LibreOffice productivity suite can be exploited by attackers to compromise a victim’s system. According to the project’s security advisory, these include multiple heap-based buffer overflow vulnerabilities in the XML manifest encryption tag parsing code. Successful exploitation of the vulnerabilities could lead to the execution of arbitrary code on a system with the privileges of a local user. For an attack to be successful, a victim must first open a specially crafted Open Document Format (ODF) file. Versions up to and including LibreOffice 3.5.4 are affected; upgrading to version 3.5.5 or later fixes these problems. Source: http://www.h-online.com/security/news/item/LibreOffice-vulnerable-to-multiple-buffer-overflows-1658328.html

32. August 2, Nextgov – (National) Cybersecurity bill fails to advance in Senate. August 2, after months of wrangling, the U.S. Senate rejected calls by the Presidential Administration and failed to advance sweeping legislation aimed at protecting American computer networks from cyberattacks. The cloture vote to end debate on the bill was 52-46, with 60 votes needed to advance the measure. The White House and top national security and defense leaders pressed the Senate to pass the Cybersecurity Act of 2012, but negotiations between Democratic supporters and Republican critics failed to yield an agreement. Republicans in the Senate echoed industry concerns that the bill could lead to government regulation, but debate over the legislation devolved into assigning blame. Source: http://www.nextgov.com/cybersecurity/2012/08/cybersecurity-bill-fails-advance-senate/57185/

33. August 1, Government Computer News – (International) BIOS’ ‘privileged position’ in servers makes it a target for sophisticated attacks. The Basic Input/Output System (BIOS) facilitates the hardware initialization process of a computer and hands off control to the operating system, giving it a trusted status that also could present opportunities for attackers. “Unauthorized modification of BIOS firmware by malicious software constitutes a significant threat because of the BIOS’s unique and privileged position within modern computer system architectures,” say the authors of new BIOS security guidelines for government from the National Institute of Standards and Technology. “Malicious BIOS modification could be part of a sophisticated, targeted attack on an organization — either a permanent denial of service or a persistent malware presence.” Source: http://gcn.com/articles/2012/08/01/nist-bios-security-target-for-sophisticated-attacks.aspx

34. August 1, ZDNet – (International) Skype spamming tool costs $10. Skype Flooder by Revi was updated to version 2.0. The do-it-yourself tool is used by cyber criminals who want to trick as many Microsoft Skype users as possible into interacting with their malicious scam and spam campaigns. Anyone can buy Skype Flooder; it is only $10. Furthermore, if a person buys it now, they will automatically receive 5,000 already-harvested Skype user names. The spamming tool can be used to harvest Skype user names by country or by gender. It can also check whether the user is online or not. The latest version also supports parsing of log files. Source: http://www.zdnet.com/skype-spamming-tool-costs-10-7000001975/

35. August 1, The H – (International) Avira now affected by Oracle’s file converter hole. Avira AntiVir for Exchange, along with the Avira Small Business Security Suite and Avira Business Security Suite that contain it, are all vulnerable to the Oracle file conversion holes that were revealed 2 weeks ago in Oracle’s monthly patch day. The holes in Oracle’s Outside In library have made a range of third-party applications vulnerable to attackers with crafted files in particular formats. A product update for the Exchange package is now available; for the suites, this updated package just needs to be reinstalled. Source: http://www.h-online.com/security/news/item/Avira-now-affected-by-Oracle-s-file-converter-hole-1657943.html

Communications Sector

Nothing to report