DHS Daily Open Source Infrastructure Report

Friday, May 10, 2013   

Complete DHS Daily Report for May 10, 2013

Daily Report

Top Stories

 • The Pennsylvania Department of Transportation closed part of Interstate 81 and U.S. Route 22/322 in Dauphin County for over 12 hours May 9 after a tanker overturned and exploded. – WGAL 8 Lancaster

8. May 9, WGAL 8 Lancaster – (Pennsylvania) Some roads near tanker fire now open, PennDOT says. The Pennsylvania Department of Transportation closed part of Interstate 81 and U.S. Route 22/322 in Dauphin County for over 12 hours May 9 after a tanker overturned and exploded. State employees in Harrisburg were allowed to leave work 2 hours early to help alleviate expected congestion. Source: http://www.wgal.com/news/susquehanna-valley/dauphin/fiery-crash-shuts-down-part-of-i81-in-dauphin-county/-/9704162/20075516/-/nh3puxz/-/index.html

 • Two trains operated by Union Pacific collided in central Iowa, derailing 20 cars and shutting down a section of the company's mainline track. – Associated Press

9. May 9, Associated Press – (Iowa) Union Pacific trains collide near Grand Junction derailing 20 cars, spilling coal. Two trains operated by Union Pacific collided in central Iowa, derailing 20 cars and shutting down a section of the company's mainline track. The derailment halted traffic on main tracks between Chicago and the company's Iowa and Nebraska destinations. Source: http://www.therepublic.com/view/story/5e488b570de04b089957fe13b8552392/IA--Train-Derailment

 • Traffic on U.S. Highway 12 may remain detoured west of Murdock, Minnesota, for 4 days as a result of a May 7 semi-truck and train collision. – West Central Tribune

14. May 8, West Central Tribune – (Minnesota) Highway 12 detour west of Murdock likely to remain in place for four days as clean-up at accident site continues. Traffic on U.S. Highway 12 may remain detoured west of Murdock for 4 days as a result of a May 7 semi-truck and train collision. Source: http://www.wctrib.com/content/highway-12-detour-west-murdock-likely-remain-place-four-days-clean-accident-site-continues

 • Plymouth and Sioux counties in northwest Iowa were designated as primary natural disaster areas by the U.S. Department of Agriculture due to damages and losses caused by drought conditions. – Des Moines Register

18. May 8, Des Moines Register – (Iowa) USDA declares disaster area in northwest Iowa. Plymouth and Sioux counties in northwest Iowa were designated as primary natural disaster areas by the U.S. Department of Agriculture due to damages and losses caused by drought conditions. Source: http://blogs.desmoinesregister.com/dmr/index.php/2013/05/08/usda-declares-disaster-area-in-northwest-iowa/article

Details

Banking and Finance Sector

4. May 9, Softpedia – (International) Another Romanian national accused of hacking Subway computers pleads guilty. A third Romanian national pleaded guilty to a point-of-sale (POS) compromise and data theft scheme that affected over 100,000 U.S. cardholders and generated illicit profits in the millions of dollars. Source: http://news.softpedia.com/news/Another-Romanian-National-Accused-of-Hacking-Subway-Computers-Pleads-Guilty-351937.shtml

5. May 8, WFAA 8 Dallas-Fort Worth – (Texas) ‘Mesh Mask Bandit’ suspected in Plano bank robbery, 18th since Dec. 31. The suspect known as the “Mesh Mask Bandit” robbed a Chase Bank branch in Plano, the 18th Dallas-area robbery linked to the suspect since December 2012. Source: http://www.wfaa.com/news/local/Mesh-Mask-Bandit-suspected-in-Plano-bank-robbery-18th-since-Dec-31-206656871.html

6. May 8, WSOC 9 Charlotte – (North Carolina; New York) TSA helps Secret Service recover fraudulent credit, gift cards. Two individuals were arrested at Charlotte Douglas International Airport after Transportation Security Administration officials found hundreds of fraudulent credit and gift cards in their possession when the pair attempted to return to New York. Source: http://www.wsoctv.com/news/news/local/tsa-helps-secret-service-recover-fraudulent-credit/nXk3R/

7. May 8, Wilmington News Journal – (Delaware) Wilmington Trust executive pleads guilty to bank fraud charge. The former head of Wilmington Trust Co.’s real estate division pleaded guilty to conspiring with others to defraud the bank of more than $7 million. Source: http://www.delawareonline.com/article/20130508/NEWS/130508021/Wilmington-Trust-executive-pleads-guilty-bank-fraud-charges

Information Technology Sector

29. May 9, Softpedia – (International) Adobe warns of critical vulnerability in ColdFusion. Adobe warned users that a critical vulnerability in ColdFusion has been observed in the wild which can allow unauthorized users to remotely retrieve files stored on servers. Source: http://news.softpedia.com/news/Adobe-Warns-of-Critical-Vulnerability-in-ColdFusion-351991.shtml

30. May 9, IDG News Service – (International) Name.com forces customers to reset passwords following security breach. Domain registrar Name.com required its customers to reset their passwords after a security breach that may have exposed usernames, email addresses, encrypted passwords, and credit card information. Source: http://www.computerworld.com/s/article/9239050/Name.com_forces_customers_to_reset_passwords_following_security_breach

31. May 8, Krebs on Security – (International) A stopgap fix for the IE8 zero-day flaw. Microsoft released an interim fix that closes a zero-day vulnerability in Internet Explorer (IE) 8 that is currently being exploited in attacks. Source: http://krebsonsecurity.com/2013/05/a-stopgap-fix-for-the-ie8-zero-day-flaw/

32. May 8, Threatpost – (International) Spotify fixes security hole that allowed free song downloads. Vulnerability in Spotify’s Web player enabled a Chrome extension to let users download streamed songs for free until the company addressed the issue. Source: http://threatpost.com/spotify-fixes-security-hole-that-allowed-free-song-downloads/

Communications Sector

33. May 7, Associated Press – (National) AT&T settlement: company will pay $18.25 million. The Federal Communications Commission announced May 7 that AT&T will pay $18.25 million to settle charges on its procedures related to operating services designed for use by the deaf and hard-of-hearing. Source: http://www.huffingtonpost.com/2013/05/07/att-settlement_n_3233166.html?utm_hp_ref=technology

34. May 8, Government Security News – (National) Internet Complaint Center warns of phishing attacks posing as telecom carriers. Numerous reports of phishing attacks targeting telecom customers were sent to the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center, prompting a May 8 public warning by the center to be cautious of common targeting methods and recommendations of actions to take if customers come into contact with the phishing attempts. Source: http://www.gsnmagazine.com/node/29363?c=cyber_security

Department of Homeland Security (DHS)

DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.

Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure

Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.