Thursday, December 13, 2012
Daily Report
Top Stories
• A gasoline rationing plan that lets motorists
fill up every other day went into effect in New York November 9, as utility
crews made some progress erasing new outages that put thousands of homes and
businesses in the dark in a region still reeling from Superstorm Sandy. – Associated
Press
1.
November 9, Associated Press –
(Connecticut; New Jersey; New York) Gas rationing begins in NY as power
outages abate. A gasoline rationing plan that lets motorists fill up every
other day went into effect in New York November 9, as utility crews made some
progress erasing new outages that put thousands of homes and businesses in the
dark in a region still reeling from Superstorm Sandy. Police enforced the new
system at filling stations in New York City and on Long Island as drivers
turned out before dawn to line up for their rations. Gas was available to
drivers with license-plate numbers ending in an odd number or a letter November
9. November 10, drivers with license plates that end in even numbers or zero
could fuel up. Buses, taxis, and limousines, commercial vehicles, and emergency
vehicles are exempt from the plan, as were people carrying portable gas cans.
Only a quarter of the city's gas stations were open, the mayor said. Some were
closed because they were out of power, others because they could not get fuel
from terminals and storage tanks that could not unload their cargo. Snow
blanketed several States from New York to New England and stymied recovery
efforts from Superstorm Sandy as additional storm-weakened trees snapped and
more power lines came down. The New York governor joined the calls for an
investigation November 9, ripping the utilities as unprepared and badly
managed. The utilities have said they are dealing with damage unprecedented in
its scope and are doing the best they can. By November 9, there were more than
220,000 outages left in the New York area, mostly on Long Island, and about
250,000 in New Jersey. Almost all Connecticut residents had lights again, down
from 625,000 at the storm's height. Source: http://wcfcourier.com/news/national/gas-rationing-begins-in-ny-power-outages-persist/article_8d7c15fc-c103-5e33-a072-7f06bf94d27f.html
• Hundreds of millions of gallons of untreated
or partially treated wastewater have flowed into New Jersey's waterways since
Superstorm Sandy, affecting 1.4 million residents in 48 towns, the Associated
Press reported November 8. – Associated Press
28.
November 8, Associated Press – (New
Jersey) Sewage issues prompt call for NJ to curb water use. Hundreds of
millions of gallons of untreated or partially treated wastewater have flowed
into New Jersey's waterways since superstorm Sandy hit the week of October 29,
creating what the State's governor called "a huge problem" November
8. Most of the wastewater is coming from the crippled Passaic Valley Sewerage
Commission (PVSC) system, which suffered power outages and flooding from Sandy,
the State Department of Environmental Protection (DEP) said. November 8, the
governors office and the DEP urged the 1.4 million residents in 48 towns served
by the PVSC to restrict water use to reduce stress on the system. Right after
the storm, the PVSC system was releasing 500 million gallons of untreated
wastewater and stormwater a day into Newark Bay, a DEP spokesman said. The
PVSC, after restoring power and repairing some of the damage the weekend of
November 2, has been pumping 250 million gallons of partially treated
wastewater per day through its normal route into New York Harbor. Utilities are
not allowed to dump untreated or partially treated water into waterways unless
an emergency exists, the DEP spokesman said. The Middlesex County Utility
Authority's (MCUA) wastewater treatment system also sustained damage and has
been pumping about 65 million gallons of untreated wastewater per day into the
Raritan River, MCUA's executive director said November 8. The DEP issued a
water restriction advisory to the 38 towns and 797,000 customers of MCUA
November 6. Source: http://www.timesunion.com/news/science/article/Residents-in-48-NJ-towns-asked-to-reduce-water-use-4020252.php
• After 59 hang-up 9-1-1 calls in 2 days,
police staked out and arrested a southern Nevada man they think made more than
3,600 phantom emergency calls during the past year, the Associated Press
reported November 8. – Associated Press (See item 37)
37.
November 8, Associated Press –
(Nevada) Nevada man accused of making phantom 911 calls. After 59 hang-up
9-1-1 calls in 2 days, police staked out and arrested a southern Nevada man
they think made more than 3,600 phantom emergency calls during the past year. A
Henderson police spokesman said November 8 that detectives questioned the man
before, but he always denied making the calls or blamed them on others using
his phone. November 7, detectives confronted the man after watching him
allegedly make a call to the city's 9-1-1 dispatch center. The police spokesman
said he later told police his phone was broken and dialed 9-1-1 by itself. He
is being held at the Henderson jail on 59 counts of unlawful use of an
emergency phone number. Police said he could face 1 year in jail and a $2,000
fine on each charge. Source: http://www.timesunion.com/news/crime/article/Nevada-man-accused-of-making-phantom-911-calls-4021507.php
• Malware that disables computers and demands
that hefty cash payments be paid to purported law-enforcement agencies before
the machines are restored is extorting as much as $5 million from end-user
victims, researchers said. – Ars Technica See item 44
below in the Information Technology
Sector
Details
Banking and Finance Sector
12. November
9, Reuters – (International) MoneyGram settles fraud allegations with DoJ.
Payment transfer company MoneyGram International Inc said it reached a $100
million settlement with U.S. authorities related to suspected fraudulent
transactions by some agents, Reuters reported November 9. The settlement also
involves the appointment of an independent compliance monitor. The U.S.
Attorney's Office for the Middle District of Pennsylvania and the U.S.
Department of Justice had accused MoneyGram of aiding wire fraud and failing to
implement an effective anti-money laundering program, the company said.
MoneyGram did not provide details of the allegations, which relate to
transactions by third-party agents in the United States and Canada from 2003 to
early 2009. Source: http://www.reuters.com/article/2012/11/09/us-moneygram-fraud-idUSBRE8A80WO20121109
13. November
8, Reuters – (New York; National) Longtime Madoff employee admits decades
of fraud. One of Bernard L. Madoff Investment Securities LLC's
longest-serving employees pleaded guilty November 8 to falsifying records, a
conspiracy that a prosecutor said began in the 1970s at the start of the
multibillion-dollar Ponzi scheme. The man, a former controller, told a New York
City federal court judge that for years he fudged the books on the company's
founder's orders, but that at no point did he suspect the epic, decades-long
fraud. The former controller, who signed a plea agreement with federal
prosecutors, pleaded guilty to charges of conspiracy to commit securities fraud
and falsifying documents. The man's son, another former employee, pleaded
guilty in 2011 to criminal charges of bank fraud and charges that he reported
people were employees so they could receive retirement benefits. The father
joined the firm in 1964 and was the firm's first employee who was not a family
member. Although he retired in 1998, he and his wife illegally remained on the
payroll and received benefits but did not work. A prosecutor said that "as
early as the mid 1970s" he had begun changing the financial records of
accounts at the founder's direction. Source: http://www.chicagotribune.com/business/sns-rt-us-madoff-controller-pleabre8a804e-20121108,0,3089269.story
14. November
8, Chicago Sun-Times Media Wire – (Illinois) ‘Stringer Bell
Bandit’ strikes another Chicago bank. A man dubbed the ―Stringer Bell
Bandit‖ — named after a character from the TV series The Wire — robbed his
fifth bank in past in Chicago in the past month, the Chicago Sun-Times Media
Wire reported November 8. The most recent robbery happened at a Citibank on
North LaSalle Street, police said. The man is also suspected of robbing a
Citibank branch on West Adams Street October 10, a Citibank branch on West
Washington Street October 17, a PNC Bank branch on
West Monroe Street October
23, and a Fifth Third Bank branch on South Dearborn Street November 2, the FBI
said. Weapons were not shown in the robberies, which were described as
‖non-takeover.‖ Source: http://chicago.cbslocal.com/2012/11/08/stringer-bell-bandit-strikes-another-chicago-bank/
15. November
8, U.S. Securities and Exchange Commission – (Louisiana) SEC
charges Baton Rouge-based investment adviser with hiding losses from
mortgage-backed securities investments. The U.S. Securities and Exchange
Commission (SEC) November 8 charged a hedge fund manager in Baton Rouge, Louisiana,
with defrauding investors by hiding $32 million in losses suffered during the
financial crisis from investments tied to residential mortgage-backed
securities (RMBS). The SEC alleges that the man and his firm Commonwealth
Advisors Inc. caused the hedge funds they managed to buy the lowest and
riskiest tranches of a collateralized debt obligation (CDO) called Collybus.
They sold mortgage-backed securities into the CDO at prices they had obtained 4
months earlier while knowing that the RMBS market had declined precipitously in
the meantime. As the CDO investments continued to perform poorly, the man
instructed Commonwealth employees to conduct a series of manipulative trades
between the hedge funds they advised (called cross-trades) in order to conceal
a $32 million loss experienced by one of the funds in its Collybus investment.
He and Commonwealth lied to investors about the amount and value of
mortgage-backed assets held in the hedge funds, and they created phony internal
documents to justify their false valuations. He and employees under his
direction also continued to cross-trade and create false gains to conceal their
losses. Source: http://www.sec.gov/news/press/2012/2012-222.htm
16. November
8, U.S. Securities and Exchange Commission – (California) SEC
charges executives and auditor of electronic game card company with fraud. The
U.S. Securities and Exchange Commission (SEC) November 8 charged three
executives with repeatedly lying to investors about the operations and
financial condition of an Irvine, California-based company that purported to
sell credit card-size electronic games. The SEC also charged the company’s
independent auditor with facilitating the scheme. The SEC alleges that the
company's chief executive officer (CEO) and chief financial officer (CFO)
orchestrated a scheme in which Electronic Game Card Inc. (EGMI) enticed
investors by claiming to have millions of dollars in annual revenue, hold
millions of dollars in investments, and own an off-shore bank account worth
more than $10 million. In reality, many of the company’s purported contracts
were phony, the purported investments were merely in entities affiliated with
the two executives, and the bank account did not exist. As a result of EGMI’s
false claims, the company’s outstanding common stock was once valued as high as
$150 million. EGMI is now bankrupt and its stock is worthless. The SEC charged
the company’s outside auditor — certified public accountant — with repeatedly
issuing clean audit opinions about EGMI based on reckless and deficient audit
work. Also charged is a man who later replaced the CEO and ignored many red
flags about the accuracy of the company’s public statements and the integrity
of the former CEO and CFO. He provided false information during conference
calls with analysts and investors. Source: http://www.sec.gov/news/press/2012/2012-223.htm
17. November
8, Associated Press – (Idaho; California) AK-47 Bandit' hits Rexburg credit union. The
FBI said a robber who held up a Rexburg, Idaho credit union with an AK-47 rifle
November 6 likely has hit other banks elsewhere in the country. The federal law
enforcement agency released photos from the heist at the East Idaho Credit
Union showing the man brandishing an assault rifle. Officials said the man is
also known as the "AK-47 Bandit" and is suspected in robberies
including a holdup in California in February in which he wounded a police
officer. The subject entered the Rexburg bank wearing a mask, black gloves, a
black coat with a hood, and baggy jeans during the robbery. After ordering
employees into a vault, he was seen driving in a dark blue sedan on South
Yellowstone Highway. Source: http://seattletimes.com/html/localnews/2019640318_apidak47bandit.html
Information Technology Sector
39. November
9, Softpedia – (International) Joomla 3.0.2 and 2.5.8 available for
download, security fixes included. The Joomla Project released Joomla 3.0.2
and Joomla 2.5.8. Both variants come with a number of improvements, including
fixes for security issues. In Joomla 3.0.2, a medium priority cross-site
scripting (XSS) vulnerability that affected the language search component was
fixed. In the 2.5.8 version of Joomla, nine tracker issues were fixed, along
with a clickjacking vulnerability caused by ―inadequate protection.‖ Source: http://news.softpedia.com/news/Joomla-3-0-2-and-2-5-8-Available-for-Download-Security-Fixes-Included-305842.shtml
40. November
9, The Register – (International) Windows 8, Surface slabs already need
critical security patch. Microsoft will release critical updates for
Windows 8 and other software on November's Patch Tuesday the week of November
12. The upgrades will arrive within weeks of the Windows 8 launch at the end of
October. All supported versions of the Windows operating system from XP SP3 up
to and including Windows 8 and Windows Server 2012 will need patching to close
three security holes that enable hackers to execute malicious code remotely on
vulnerable systems. The fourth critical patch will address a vulnerability in
Internet Explorer 9 on Windows 7, Vista, and Server 2008. Two of the updates
for November will also patch Windows 8 RT as used in Microsoft's new Surface
tablet laptop. Microsoft's security experts also lined up an
"important" update that corrects a remote-code execution bug in Excel
in Microsoft Office 2010, 2007, and 2003. A sixth update, labelled
"moderate" in severity, prevents information leaking from Windows
Vista, 7, and Server 2008. Source: http://www.theregister.co.uk/2012/11/09/nov_patch_tuesday_pre_alert/
41. November
9, The Register – (International) Bloke flogged $1.2m of pirated Microsoft gear
on eBay, say Feds. A man from Atlanta, Michigan, was charged with selling
counterfeit Microsoft software valued at more than $1.2 million. He is accused
of five counts of criminal copyright infringement and one count of mail fraud
over the alleged resale of pirated software sourced from east Asia. According
to his charge sheet, the man unlawfully distributed Microsoft Office 2003
Professional and Microsoft Windows XP Professional by purchasing dodgy copies
of the products from China and Singapore, and then sold the software through
auctions on eBay. He allegedly made at least $140,000 through selling more than
2,500 copies of Microsoft programs between May 2008 and September 2010 before
he was arrested. If convicted, he faces up to 45 years in prison and $1.5
million in fines. Source: http://www.theregister.co.uk/2012/11/09/ebay_counterfeit_ms_software_prosecution/
42. November
8, ZDNet – (International) Twitter user passwords reset after accounts
breached. An unknown number of Twitter users received a genuine email from
the company warning they should change their password as soon as possible. However,
a Twitter spokesperson told ZDNet that the email was sent to a wider group of
users than intended. In the email, the microblogging company noted:
"Twitter believes that your account may have been compromised by a website
or service not associated with Twitter. We've reset your password to prevent
others from accessing your account." It remains unclear how many users
were affected by the password reset email or what caused the mass emailing of
Twitter's users. A post November 7 noted that in some cases when "large
numbers of Twitter accounts have been hijacked," the company sends out
these emails en masse; even sending messages to accounts that may not have been
affected by any hack or hijack to err on the side of caution. Source: http://www.zdnet.com/twitter-user-passwords-reset-after-accounts-breached-7000007108/
43. November
8, Softpedia – (International) Experts find DOM-based XSS vulnerability in
Google.com. Security researchers from Minded Security identified a document
object model (DOM)-based cross-site scripting (XSS) vulnerability on
Google.com. The security hole was identified with the aid of DOMinatorPro — a
runtime JavaScript DOM XSS analyzer. According to the researchers, DOMinatorPro
revealed a piece of code in googleadservices.com /pagead/landing.js which used
invalidated input to build the argument for two "document.write "
calls. They found that the buggy JavaScript was utilized by
google.com/toolbar/ie/index.html (both HTTP and HTTPS). "[This] means that
one more time a (almost) 3rd party script introduces a flaw in the context of
an unaware domain," a researcher from Minded Security explained. He
suggested a workaround, but Google decided to address this issue by removing
the problematic script altogether. Source: http://news.softpedia.com/news/Experts-Find-DOM-Based-XSS-Vulnerability-in-Google-com-305585.shtml
44. November
8, Ars Technica – (International) Mushrooming ransomware now extorts $5 million
a year. Malware that disables computers and demands that hefty cash
payments be paid to purported law-enforcement agencies before the machines are
restored is extorting as much as $5 million from end-user victims, researchers
said. The estimate, contained in a report published November 8 by researchers
from antivirus provider Symantec, is being fueled by the mushrooming growth of
so-called ransomware. Once infected, computers become unusable and often
display logos of local law-enforcement agencies, along with warnings that the
user has violated statutes involving child pornography or other serious
offenses. The warnings then offer to unlock the computers if users pay a fine
as high as $200 within 72 hours. The report identified at least 16 different
ransomware versions spawned by competing malware gangs. Many are completely
different families of malware, rather than multiple variants of the same
family, and most have their own unique behavior. Source: http://arstechnica.com/security/2012/11/mushrooming-growth-of-ransomware-extorts-5-million-a-year/
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.