Wednesday, May 1, 2013
Complete DHS Daily Report for May 1, 2013
Daily Report
Top Stories
• A man was charged with fraud and identity
theft for allegedly using information from insiders with access to Alabama Department
of Corrections systems to obtain inmates’ personal information and then file
false tax returns in their names. – Softpedia See item 8
below in the Banking and Financial
Sector
• Crude oil mixed with natural gas spewed
across U.S. Route 219 in Bradford, Pennsylvania, April 27 after a valve on a
pipeline broke, prompting authorities to close the highway for about 5 hours. –
Associated Press
17.
April 29, Associated Press –
(Pennsylvania) Bradford, Pa., highway closed by spewing oil from pipeline. Crude
oil mixed with natural gas spewed across U.S. Route 219 in Bradford April 27
after a valve on a pipeline broke, prompting authorities to close the highway
for about 5 hours. Source: http://www.the-leader.com/news/x91992959/Bradford-Pa-highway-closed-by-spewing-oil-from-pipeline
• A former water official was convicted on 11
counts of lying about mixing carcinogen-tainted well water into the village of
Crestwood, Illinois’s drinking supply from 1982 until 2008. – Associated
Press
22.
April 30, Associated Press –
(Illinois) Tainted well water case ends in guilty verdict. A former
suburban Chicago water official was convicted April 29 on 11 counts of lying
about mixing carcinogen-tainted well water into the village of Crestwood’s
drinking supply from 1982 until 2008 in order to cut costs. Source: http://www.businessweek.com/ap/2013-04-30/tainted-well-water-case-ends-in-guilty-verdict
• At least 8 people were injured and nearly
150 arrested in Virginia Beach after instances of violence and disorder as
between 30,000 and 40,000 people congregated for College Beach Weekend 2013
beginning April 26, an event city officials knew little about beforehand. – Associated
Press
39.
April 30, Associated Press –
(Virginia) Nearly 150 people arrested in violent VB weekend. At least 8
people were injured and nearly 150 arrested in Virginia Beach after instances
of violence and disorder as between 30,000 and 40,000 people congregated for
College Beach Weekend 2013 beginning April 26, an event city officials knew
little about beforehand. Source: http://www.sfgate.com/news/crime/article/Nearly-150-people-arrested-in-violent-VB-weekend-4475606.php
Details
Banking and Finance Sector
7. April
30, V3.co.uk – (International) Ramnit sleeping malware targets UK financial
sector. A new variant of the Ramnit malware with advanced detection-evading
characteristics was found attacking online banking customers in the U.K.,
according to Trusteer researchers. Source: http://www.v3.co.uk/v3-uk/news/2264999/ramnit-sleeping-malware-targets-uk-financial-sector
8. April 29, Softpedia – (Alabama) Alabama man
charged on suspicion of using prisoner identities in fraud scheme. A man
was charged with 34 counts of fraud and identity theft for allegedly using
information from insiders with access to Alabama Department of Corrections
systems to obtain inmates’ personal information and then file false tax returns
in their names, fraudulently earning over $2.5 million between 2010 and 2012.
Source: http://news.softpedia.com/news/Alabama-Man-Charged-on-Suspicion-of-Using-Prisoner-Identities-in-Fraud-Scheme-349198.shtml
9. April
29, St. Louis Post-Dispatch – (Missouri) FDIC sues former
directors of failed Champion Bank. The Federal Deposit Insurance
Corporation filed a $15.6 million suit against 10 executives and board members
of the failed Champion Bank for allegedly investing recklessly in failing
housing developments, leading to the bank’s failure. Source: http://www.stltoday.com/business/local/fdic-sues-former-directors-of-failed-champion-bank/article_92e5a10b-4713-539e-8689-1e4012b8ad28.html
10. April
29, U.S. Securities and Exchange Commission – (Connecticut) Level
Global agrees to pay more than $21.5 million to settle SEC insider trading
charges. Greenwich-based Level Global Investors LP agreed to pay the U.S.
Securities and Exchange Commission more than $21.5 million to settle charges of
insider trading. Source: http://www.sec.gov/news/press/2013/2013-76.htm
Information Technology Sector
34. April
30, Softpedia – (International) PDF vulnerability exploited in MiniDuke
campaign, used in Zegost, PlugX attacks. Researchers at Trend Micro found
that at least three advanced persistent threat (APT) campaigns are using the
CVE-2013-0640 vulnerability in Adobe Reader to spread malware, though their
payloads differ. Source: http://news.softpedia.com/news/PDF-Vulnerability-Exploited-in-MiniDuke-Campaign-Used-in-Zegost-PlugX-Attacks-349753.shtml
35. April
30, Softpedia – (International) Vulnerabilities in D-Link IP cameras can be
used to capture video streams. Several vulnerabilities in D-Link IP cameras
can be exploited to access video streams, execute arbitrary commands, bypass
authentication, and other purposes, according to research from Core Security.
Source: http://news.softpedia.com/news/Vulnerabilities-in-D-Link-IP-Cameras-Can-Be-Used-to-Capture-Video-Streams-349669.shtml
36. April
29, Threatpost – (International) Google mandates app updates come from Google
Play. Google instituted a policy whereby apps available through its Google
Play app store must issue updates via Google Play’s update mechanism in order
to prevent malicious apps from sending updates to users after an approved app
is downloaded. Source: http://threatpost.com/google-mandates-app-updates-come-from-google-play/
37. April
29, Computerworld – (International) Google pays record $31K bounty for Chrome
bugs. Google paid a researcher from the University of Luxembourg $31,336
for uncovering three “high” rated vulnerabilities in Chrome via the company’s
bug bounty program. Source: http://www.networkworld.com/news/2013/042913-google-pays-record-31k-bounty-269213.html
For an additional story
see item 7 above in the Banking and
Finance Sector
Communications Sector
38.
April 29, WBIR 10 Knoxville –
(National) Phone outage impacts East TN businesses. Arkansas-based
national Internet and telephone provider Windstream suffered an outage for more
than 5 hours April 29, impacting multiple businesses throughout the country
including long-distance and toll free call processing services. Source: http://www.wbir.com/news/article/272253/2/Windstream-outage-affecting-business-phone-lines-across-country
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.
No comments:
Post a Comment