Tuesday, September 25, 2012 


Daily Report

Top Stories

 • Firefighters put out a fire and plugged a leak in an overturned propane tank truck that prompted the evacuation of buildings in a 1-mile radius, and the closure of many streets in Bedminster, Pennsylvania. – Philadelphia Inquirer

2. September 24, Philadelphia Inquirer – (Pennsylvania) Propane tank truck fire under control in Bucks. Firefighters put out a fire and plugged a leak in an overturned propane tank truck that prompted the evacuation of buildings in a 1-mile radius of the crash in a mostly rural stretch of Bedminster, Pennsylvania, the Philadelphia Inquirer reported September 24. It was not clear yet when evacuees would be allowed to return to their homes and businesses and roads remained closed in the area as crews prepared to transfer propane still in the tank to another vehicle. At least one person was reported injured in the crash between another vehicle and the tanker that sparked a stubborn fire on Easton Road (Route 611) near Creamery Road. Instead of attacking the fire directly, firefighters poured water on the propane tank to keep it cool and to prevent it from exploding. Some units were to remain at the scene while the remaining propane was transferred to another tank. During the operation, commanders brought in more units to relieve firefighters, and a diesel fuel truck to refuel fire vehicles. Buildings in the area include a Kimberton Whole Foods Store, medical offices, and the Ottisville Volunteer Fire Co. Source: http://www.philly.com/philly/news/20120924_Flaming_propane_truck_shuts_road__prompts_evacuations.html

 • Federal prosecutors announced charges against nine more defendants in an ongoing mortgage fraud case involving more than $100 million in loans and at least 80 homes in and around Union County, North Carolina. – Charlotte Observer See item 13 below in the Banking and Finance Sector

 • Heavy rains and flooding in Alaska forced the evacuation of a town, washed out roads, and damaged 70 miles of train tracks. – Associated Press
19. September 22, Associated Press – (Alaska) Floods bring evacuation in Alaska town. Residents of Talkeetna, Alaska, were asked to leave because of the threat of flooding from the rain-swollen Talkeetna River after it breached a levee west of town in two or three places, the Associated Press reported September 22. Flooding from heavy rains caused problems over a wide part of Alaska, from Talkeetna, near the base of Mount McKinley, to the port town of Seward, about 150 miles to the south. Many roads were closed or washed out, and landslides were reported. The governor toured the area by helicopter and declared a State disaster for the areas hit by the flooding. The flooding and high winds have interrupted passenger and freight train traffic since September 18, said a spokeswoman for Alaska Railroad. Trains scheduled to travel north of the Anchorage suburb of Wasilla were canceled at least until September 24. Crews were dealing with washouts and bridge damage in several areas along a 70-mile stretch of railway. Overnight rain totals ranged from 0.5 inches to 1.5 inches north of Anchorage in the Matanuska-Susitna Borough, a National Weather Service hydrologist said September 21. The Talkeetna River was 4 feet above flood level and within a foot of its record stage of 17.4 feet. Water covered 35 percent of Talkeetna September 21, said the borough spokeswoman. Source: http://www.nytimes.com/2012/09/23/us/talkeetna-alaska-faces-flooding.html?_r=1

 • Grocery store chain Trader Joe’s has recalled peanut butter linked to 29 Salmonella illnesses in 18 States. – Associated Press

24. September 24, Associated Press – (National) Trader Joe’s recalls peanut butter linked to Salmonella cases. Grocery store chain Trader Joe’s recalled peanut butter linked to 29 Salmonella illnesses in 18 States, the Associated Press reported September 24. The U.S. Food and Drug Administration (FDA) and the Centers for Disease Control (CDC) said the store’s Creamy Salted Valencia Peanut Butter, which is sold nationwide, is the likely source of the outbreak. The agencies are investigating whether any other items sold at the store could be contaminated. The FDA issued a statement saying the FDA, the CDC, and the State of California briefed Trader Joe’s on its investigation showing the link between the peanut butter and the illnesses September 20; Trader Joe’s then agreed to remove the product from store shelves. According to the individual States’ health departments, three cases were in Massachusetts, one was in Rhode Island, and one was in North Carolina. The CDC said people became sick June 11 to as recent as September 2. Source: http://www.latimes.com/business/la-fi-peanut-butter-recall-20120924,0,5228064.story

 • A female kitchen employee was killed and another seriously injured in a disturbance involving an inmate while breakfast was being prepared at Arkansas Valley Correctional Facility in Crowley, Colorado. – Associated Press
33. September 24, Associated Press – (Colorado) 1 staffer killed, another injured in Colo. prison. A female kitchen employee was killed and another seriously injured September 24 in a disturbance involving an inmate while breakfast was being prepared at Arkansas Valley Correctional Facility in Crowley, Colorado, a spokeswoman said. State investigators were called to the prison to try to determine what happened. Meals were being delivered from other facilities after the kitchen was shut down, and the prison was placed on lockdown. Source: http://www.wect.com/story/19622431/2-staffers-injured-in-sw-colo-prison-disturbance

Details

Banking and Finance Sector

11. September 24, Financial Industry Regulatory Authority – (National) FINRA fines Merrill Lynch $500,000 for failing to file required reports. The Financial Industry Regulatory Authority (FINRA) announced September 24 that it censured and fined Merrill Lynch, Pierce, Fenner & Smith Inc. $500,000 for supervisory failures that allowed widespread deficiencies in filing hundreds of required reports, including customer complaints, arbitration claims, and related U4 and U5 filings, and for its failure to file the required reports. The violations, which went undetected for years, may have hampered investors’ ability to assess the background of certain brokers via BrokerCheck, FINRA’s public disclosure program. They also may have compromised firms’ ability to conduct background checks when making hiring decisions, reduced the ability of securities regulators to review brokers’ transfer applications, and hindered FINRA from promptly investigating certain disclosure items. Merill Lynch failed to file or timely file required report, complains, and settlements, and failed to adequately train and supervise personnel responsible for complaint tracking and reporting. Source:
g/Newsroom/NewsReleases/2012/P177007?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+FINRANews+(FINRA+News)&utm_content=Google+Reader

12. September 23, Associated Press – (National) Justice Dept to highlight investment fraud scams. With investment fraud cases piling up in the weak economy, the U.S. Justice Department (DOJ) is holding summits around the country to warn investors about the scams, which are often carried out by people with personal ties to the victims, the Associated Press reported September 23. The first regional conference is set for October 1 in Connecticut, where federal prosecutors have announced several fraud cases in September, including that of a man who cheated clients from his church. Summits are also planned for later October in Cleveland, Nashville, Miami, Denver, and San Francisco. Nationwide, federal prosecutors looking at investment cases from the last 2 years identified 500 prosecutions that targeted 800 defendants and involved more than $20 billion in fraud, a U.S. attorney said. The northeastern summit, hosted by the DOJ as well as the Securities and Exchange Commission, will bring together officials from agencies including the FBI as well as top federal prosecutors from neighboring States at the Stamford campus of the University of Connecticut. Topics to be addressed include case studies and the perspective of fraud victims. Source: http://www.google.com/hostednews/ap/article/ALeqM5iQyVrPqzBZyH7yA_CrUc_FTXcg5A?docId=33e7e50f1f8145d5aba40fcc17d43880

13. September 21, Charlotte Observer – (North Carolina) Nine more charged in mortgage scheme. Federal prosecutors announced charges September 21 against nine more defendants in an ongoing mortgage fraud case involving more than $100 million in loans and at least 80 homes in and around Union County, North Carolina. The U.S. Attorney’s Office for the Western District of North Carolina charged six people with mortgage fraud, bank bribery, money laundering, and wire fraud. Three more defendants agreed to plead guilty. Prosecutors have charged 50 defendants to date. The charges were part of a long-running investigation known as Operation Wax House that targeted a mortgage fraud cell operating from 2006-2007 in Union and Mecklenburg counties. Defendants involved included promoters, mortgage brokers, lawyers, real estate agents, builders, and homebuyers. There was also a bank bribery conspiracy, involving a bank insider who provided false verifications of deposits. Those involved in the alleged fraud agreed with sellers that they would buy a new house at its true price. They then worked with buyers, who would pretend to have the assets to buy the homes, to take out a loan to buy the house from them at an inflated value, generally $200,000 to $500,000 over its actual value. At closing, the participants in the scheme would split the difference. Source: http://www.charlotteobserver.com/2012/09/21/3547589/nine-more-charged-in-mortgage.html

14. September 21, U.S Attorneys Office; Federal Bureau of Investigation; Internal Revenue Service – (Massachusetts) Former Needham real estate attorney convicted of mortgage fraud. An attorney formerly operating a real estate practice in Needham, Massachusetts, was convicted September 20 in federal court on 38 counts of wire fraud and money laundering in connection with $4.9 million in fraudulent mortgage loans. Evidence presented at trial showed that in December 2006 and January 2007, the attorney participated in a scheme to defraud 6 mortgage lenders in connection for the purchases of 24 condominium units in the Dorchester community in Boston. The evidence showed that when he and an associate acting under his direction closed the loans, documents sent to the mortgage lenders falsely represented that funds had been collected at the closings from borrowers when in fact borrowers made no down payments and paid no funds. The attorney entered into an undisclosed agreement with the seller to subtract from the seller’s proceeds all the funds reported to the lenders as coming from the borrowers, and he used various other means to conceal from the lenders that the borrowers had provided no funds for the purchases. Source: http://www.wickedlocal.com/needham/news/x670725293/Former-Needham-real-estate-attorney-convicted-of-mortgage-fraud#axzz27PFKqD3v

15. September 20, Wall Street Journal – (Nevada; International) U.S. regulators concerned about Vegas bets on Chinese VIPs. U.S. regulators are worried about a Macau-based foreign tour industry they say exposes Las Vegas to money laundering, the Wall Street Journal reported September 20. The paper reported how some Chinese high-roller gamblers use ―junkets,‖ as foreign-tour operators are known, to get around a requirement that Chinese residents only take $50,000 in currency abroad a year. U.S. casinos are increasing their bets on the business, much to the concern of regulators worried that junket operators are bringing new money laundering methods to Las Vegas. The U.S. Treasury Department’s Financial Crime Enforcement Network (FinCEN) issued a Web alert in August to casinos advising them to monitor junket operations and junket patrons and report ―all available information‖ on any suspicious activity. Some junket industry activity on FinCEN’s radar includes obscuring the source of their funding, the method for transferring it to high rollers, and the identities of the gamblers themselves. Source: http://blogs.wsj.com/corruption-currents/2012/09/20/u-s-regulators-concerned-about-vegas-bets-on-chinese-vips/

Information Technology Sector

38. September 24, SC Magazine Australia – (International) Hacktivism skews security trend analysis. The re-emergence of the hacktivist movement appears to have caused complications for those in the information security industry charged with data breach trend analysis. There has been a series of massive data breaches over the last 16 months — each of which compromised more than 1 million identities. During the same time, much smaller incidents occurred in which only a handful of records were stolen. CQR Consulting’s chief technology officer said in July that the Anonymous hacking collective ―tend[ed] to find the vulnerable sites first, and justify their actions afterwards.‖ The Symantec’s August Intelligence Report reflected the skewed results in a comparison of the first 8 months of 2012 against the last 8 months of 2011, covering what the company said was the revival of the hacktivist AntiSec (anti-security) campaign. Source: http://www.scmagazine.com.au/News/316698,hacktivism-skews-security-trend-analysis.aspx

39. September 24, The Register – (International) Google Go language gets used: For file-scrambling trojan, though. Virus writers are experimenting with Google’s Go as a programming language for malware. The Encriyoko trojan uses components written in Go, a compiled language developed by the search company. Go was originally developed by Google in 2009. Once installed on a Microsoft Windows PC, the trojan attempts to use the Blowfish algorithm to encrypt all files matching various criteria including particular document types and a range of file sizes. The key used to encrypt the data is either pulled from a particular file on the D: drive or is randomly generated. This renders the data useless to its owner if the cipher cannot be recovered. The malware is circulating in the wild, and disguises itself as a tool to ―root‖ Samsung Galaxy smartphones. Source: http://www.theregister.co.uk/2012/09/24/google_go_trojan/

40. September 23, Computerworld – (International) Clues, experts say Microsoft knew of IE zero-day for weeks before patching. Microsoft may have known about the recent zero-day bug in Internet Explorer (IE) from for some time, according to its security advisory. The vulnerability, which was patched September 21 in an emergency, or ―out-of-band,‖ update, first became public September 15 when a researcher found an exploit on a known hacker server. The news prompted Microsoft to create a blocking tool within 3 days, then a fix for the flaw 3 days later. However, the company’s security team likely knew of the bug long before that. Source: http://www.computerworld.com/s/article/9231620/Clues_experts_say_Microsoft_knew_of_IE_zero_day_for_weeks_before_patching

41. September 22, The Register – (International) Microsoft issues IE 10 Flash flaw fix for Windows 8. Soon after an update that fixed the recent zero-day flaw discovered in Internet Explorer (IE) versions 7, 8, and 9, Microsoft released a separate patch that solves issues related to the Adobe Flash Player component of IE 10. The current Flash vulnerabilities only affect IE 10 running on Windows 8 and Windows 2012 server, meaning most Windows users are not vulnerable. However, although Microsoft’s latest operating systems have yet to ship to retail customers, they are already available to volume licensees and subscribers to Microsoft’s MSDN and TechNet programs. Source: http://www.theregister.co.uk/2012/09/22/win8_ie10_flash_fix/

42. September 21, The H – (International) Brute-force attack on Oracle passwords feasible. A security researcher provided details on vulnerabilities in the authentication protocol of Oracle’s database that he originally discovered in 2010. The researcher, from security specialist AppSec, presented his findings and the methods by which they can be exploited at the ekoparty Security Conference in Buenos Aires, Brazil. Although Oracle closed the hole with the 11.2.0.3 patch set, which introduced the new version 12 of the protocol in mid-2011, the researcher said there has been no fix for versions 11.1 and 11.2 of the database because the update was never included in any of Oracle’s regular ―critical patch updates.‖ Source: http://www.h-online.com/security/news/item/Brute-force-attack-on-Oracle-passwords-feasible-1714357.html

Communications Sector

See item 39 above in the Information Technology Sector


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.