Monday, August 13, 2012
Daily Report
Top Stories
• A sinkhole the size of a football field in
southern Louisiana forced energy companies to halt nearby natural gas pipeline
activity — idling about 150 million cubic feet of gas — and draw down fuel from
a storage cavern. – Reuters
4. August 8, Reuters – (Louisiana) Louisiana
sinkhole roils local natural gas network. A sinkhole the size of a football
field in southern Louisiana forced energy companies to halt nearby natural gas
pipeline activity and draw down fuel from a local storage cavern, Reuters
reported August 8. Chevron Corp’s subsidiary, Bridgeline Holdings, declared
force majeure on new injections into its salt dome storage facility near the
sinkhole and the town of Napoleonville in Assumption Parish through the rest of
2012, according to a notice on its Web site. Natural gas traders said Chevron’s
move to purge the gas could push an additional 4 billion to 5 billion cubic
feet of gas on the market. The sinkhole, which local media reported was
372 feet wide, was discovered near the cavern August 3. The Louisiana
Commissioner of Conservation issued a Declaration of Emergency August 3 due to
the sinkhole, and led authorities to order evacuations. The Texas Brine
Company, which has a plugged salt cavern within 100 yards of the sinkhole, was
ordered to investigate the site. Unexplained bubbles discovered in the region
in recent months and reported tremors were under investigation. Enterprise
Product Partners, owner of the Arcadian Gas Pipeline System, said it was forced
to shut two 20-inch gas pipelines near the area. Crosstex Energy said the
company shut a portion of its 36-inch natural gas pipeline, taking about 150
million cubic feet a day of supply offline. Source: http://www.reuters.com/article/2012/08/08/us-chevron-natgas-idUSBRE87716I20120808
• The Federal Aviation Administration proposed
a $1 million civil penalty against a regional airline for allegedly using
improper rivets on cockpit doors that it said made at least 186,189 flights
“unairworthy.” – CNN
15. August 9, CNN – (National;
International) FAA proposes $1 million penalty against Horizon Air for
cockpit door rivets. The Federal Aviation Administration (FAA) proposed a
$1 million civil penalty against a regional airline for allegedly using
improper rivets on cockpit doors, saying the rivets could have damaged wiring
and other aircraft components, CNN reported August 9. The agency said Horizon
Air operated 22 aircraft for more than 3 years with the improper rivets, making
at least 186,189 flights while the planes were “unairworthy.” The FAA
discovered the violations in 2011 when Horizon modified a 23rd aircraft with
blind rivets, and the plane experienced an incident during a flight because of
wire damage, the agency said. Horizon Air was required to use solid rivets on
the doors, but instead used blind rivets, which can be fastened from one side
of a panel or structure, “blind” to the opposite side. Source: http://www.cnn.com/2012/08/08/travel/horizon-air-penalty/index.html
• A Dallas County, Texas judge declared a
public health emergency in Dallas County August 9 due to the West Nile virus
epidemic that has killed 9 people in the county this summer. – WFAA 8 Dallas
29. August 10, WFAA 8 Dallas – (Texas) Dallas
County declares state of emergency due to West Nile. A Dallas County, Texas
judge declared a public health emergency in Dallas County August 9 due to the
West Nile virus epidemic. The judge instructed the Homeland Security and
Emergency Management Department to file a local disaster declaration with the
State. There have been 9 West Nile-related deaths in Dallas County this summer
and 12 overall in North Texas. The judge organized a work session August 10
with county, State, and federal health and emergency management officials to
discuss their response to the virus outbreak. Source: http://www.kvue.com/news/state/165714236.html
• Extensive analysis on a new cyber espionage weapon dubbed “Gauss” was released August 10,
stating the tool has capabilities to attack industrial control systems and
steal financial data. – Help Net Security
See item 37 below in the Information Technology Sector
Details
Banking and Finance Sector
11. August 9, Associated Press – (Mississippi) 3
men indicted on credit card fraud charges. Three men were indicted on
charges related to the discovery of 485 credit cards and gift cards during a
traffic stop in Rankin County, Mississippi, July 1, the Associated Press
reported August 9. An affidavit filed in the case by a Secret Service agent
said the men were pulled over in a car with Texas plates because the car
allegedly swerved over a line on the highway. The affidavit said the cards were
found hidden behind the dashboard. Some of the cards had the defendants’ names
on them but the magnetic strips pulled up other people’s accounts. Source: http://www.sacbee.com/2012/08/09/4710014/3-men-indicted-on-credit-card.html
12. August 9, Philadelphia Inquirer – (New Jersey;
South Carolina; Georgia) 10 charged in $40 million shore, resort mortgage
fraud. Ten New Jersey residents were charged in a $40 million mortgage
fraud scheme involving properties and resorts in New Jersey, South Carolina,
and Georgia, federal officials said August 9. A New Jersey man and some of his
alleged co-conspirators sought out oceanfront condominiums overbuilt by financially
distressed developers and recruited straw buyers for the properties. The
plotters then created false documents that made the straw buyers appear more
credit-worthy than they were, the indictment alleged. Working with brokers who
were in on the scheme, the alleged conspirators then obtained mortgages for the
properties. Source: http://www.philly.com/philly/news/20120809_10_charged_in__40_million_Shore__resort_mortgage_fraud.html
13. August 9, Wired – (New York) Goldman Sachs
programmer back in court on new charges. A former programmer for Goldman
Sachs who downloaded source code for the investment firm’s high-speed trading
system from the company’s computers was back in New York State court on new
charges that he unlawfully duplicated and used the company’s proprietary code.
The programmer was re-arrested the week of July 30, according to his attorney,
and was slated to be arraigned in Manhattan criminal court August 9 on State
charges of “unlawful use of secret scientific material” and “unlawful
duplication of computer related material.” The new charges come after the
programmer defeated previous federal charges against him for theft of the code.
He was convicted in 2010 under the Economic Espionage Act of 1996. But in
February 2011, an appellate court reversed that conviction. Source: http://www.wired.com/threatlevel/2012/08/sergey-aleynikov-new-charges/
For another story, see item 37 below in the Information Technology Sector
Information Technology Sector
37. August 10, Help Net Security – (International) Stuxnet cousin able to attack industrial
control systems. Extensive analysis on a new cyber espionage weapon dubbed
“Gauss” was released August 10, stating the tool has capabilities to attack
national critical infrastructure and steal financial data. Experts believe it
was designed by the same source behind the state-sponsored Flame and Stuxnet
cyberweapons. Gauss was discovered in June and was already found to have
infected personal computers in Lebanon and other countries in the Middle East.
The sophisticated malware, which not only steals system information but has a
potentially dangerous “mysterious payload,” also contains a module known as
“Godel,” which researchers concluded contains a weapon for attacking industrial
control systems. Source: http://www.net-security.org/malware_news.php?id=2215
38. August 10, Help Net Security – (International) Blizzard confirms hack,
urges users to change passwords. The chief executive officer (CEO) of
Blizzard confirmed in a letter that the company’s internal network was breached
the week of August 6. The “unauthorized and illegal access” was closed off, and
an investigation into the matter started. It appeared that no financial
information was compromised. “Some data was illegally accessed, including a
list of email addresses for global Battle.net users, outside of China. For
players on North American servers (which generally includes players from North
America, Latin America, Australia, New Zealand, and Southeast Asia) the answer
to the personal security question, and information relating to Mobile and
Dial-In Authenticators were also accessed. Based on what we currently know,
this information alone is NOT enough for anyone to gain access to Battle.net
accounts,” the CEO said. Cryptographically scrambled versions of Battle.net
passwords for players on North American servers were also taken, so players
were advised to change their password. Source: http://www.net-security.org/secworld.php?id=13410
39. August 10, Softpedia – (International) NIST and Venafi highlight the risks of CA
compromises. With the release of a study entitled “Preparing for and
Responding to Certificate Authority Compromise and Fraudulent Certificate Issuance,”
the National Institute of Standards and Technology (NIST) and Venafi are aiming
to alert organizations to the risks posed by a security breach that affects
certificate authorities (CAs). The bulletin, a result of the collaboration
between NIST’s Information Technology Laboratory (ITL) and the EKCM solutions
provider, is meant to alert and advise government and private agencies on what
must be done if certificates are fraudulently issued. In the past few years,
digital certificates, their issuers and private keys have become a tempting
target for cyber criminals. Large organizations may use up to tens of thousands
of certificates and encryption keys to secure communications, and they must be
aware that misplacing any of them could have devastating consequences. To
mitigate the risks posed by an incident that affects a CA, organizations must
secure CAs, establish a proper inventory of all the certificates they utilize,
identify certificate replacement procedures, and seek out backup sources for
the rapid acquisition of new certificates. Source: http://news.softpedia.com/news/NIST-and-Venafi-Highlight-the-Risks-of-CA-Compromises-286026.shtml
40. August 10, Softpedia – (National) FBI on Reveton ransomware: We are getting dozens
of complaints every day. The FBI’s Internet Crime Complaint Center has
become inundated with complaints received from Internet users who have had
their computers locked down by a malicious computer virus. The main actor in
these incidents is the Reveton ransomware. Some variants hijack the Web
camera, take a picture of the computer’s owner, and display it on the locked
screen. The organization issued a warning regarding Reveton in May 2012, but
the number of infections has increased considerably since then. Source: http://news.softpedia.com/news/FBI-on-Reveton-Ransomware-We-are-Getting-Dozens-of-Complaints-Every-Day-286054.shtml
41. August 9, ZDNet – (International) Adobe warns
of critical holes in Reader, Acrobat. August 9, Adobe announced it would
release an update for Adobe Reader (9.5.1) and Acrobat (10.1.3) and earlier
versions for both Windows and Mac to fix critical security flaws. The updates
will be released August 14. The flaws are rated “critical,” meaning malicious
native code can be executed without a user’s knowledge. Out of the six versions
of Adobe Reader and Adobe Acrobat, four have a priority rating of 2, signifying
“a vulnerability that has historically been at elevated risk,” despite “no
known exploits.” However, both products have versions for Windows and Mac that
are at rating 1, noting that a vulnerability is “being targeted” or at a
“higher risk of being targeted.” These updates should be installed within 72
hours of the security fix release. Source: http://www.zdnet.com/adobe-warns-of-critical-holes-in-reader-acrobat-7000002395/
42. August 9, Computerworld – (International) Microsoft
plans patches for ‘hacker’s playground’. August 9, Microsoft said it will
patch at least 14 vulnerabilities August 14, including 4 in Internet Explorer,
making it 3 months in a row that the company plugged holes in its browser. Of
the nine updates, five will be labeled “critical.” The other four will be
pegged “important.” The most important items are the patches for Exchange, the
email server software used by most companies, and SQL Server, the database that
runs many corporations’ internal and external processes, including powering Web
sites and providing workers with everything from business intelligence to
financial information. Source: http://www.computerworld.com/s/article/9230147/Microsoft_plans_patches_for_hacker_s_playground
43. August 9, Threatpost – (International) Researcher
finds technique to bypass Microsoft’s EMET protections. The Enhanced
Mitigation Experience Toolkit (EMET), which Microsoft updated in July to include
one of the three technologies that were finalists in the company’s BlueHat
Prize competition, is designed to prevent certain kinds of exploits from
targeting software vulnerabilities. However, a researcher posted two exploits
he developed that can bypass the protections in the newest version of EMET. The
researcher said he used an exploit for CVE-2011-1260, a flaw in Internet
Explorer, to demonstrate the bypass. Source: http://threatpost.com/en_us/blogs/researcher-finds-technique-bypass-microsofts-emet-protections-080912
For more stories, see item 13 above in the Banking and Finance Sector
Communications Sector
44. August 10, Youngstown Vindicator – (Ohio) AT&T confirms recent cellular outage. An AT&T spokesman
confirmed that several towers and cell sites were knocked offline in the
Youngstown, Ohio area August 8, the Youngstown Vindicator reported August 10. A
spokesman for the communications company said AT&T had not yet found the
cause of the outage, but he did say that it led to “degraded service” for some
area customers most of August 8. The company’s technicians and engineers were
able to resolve the problem by the afternoon of August 8. He said the outage is
not common, and the incident was confined to sites in and around Youngstown.
Source: http://www.vindy.com/news/2012/aug/10/atampt-confirms-recent-cellular-outage/
45. August 9, Charleston Daily Mail – (West Virginia) Thousands without Frontier service. Services were
disrupted to about 3,000 Frontier Communications customers in Kanawha County,
West Virginia August 8. The company notified customers by automated calls. The
outage occurred when a contractor involved in a construction project at Spring
and Bullitt streets cut two major underground Frontier Communications cables,
knocking out service to customers from Bigley Avenue to the Mink Shoals area.
The company’s communications manager for West Virginia said the cables were
“significant” in size. A crew worked overnight August 8 into August 9 to repair
the cable, he said. Source: http://www.dailymail.com/News/Kanawha/201208090071
For another story, see item 42 above in the Information Technology Sector