Thursday, January 10, 2013
Complete DHS Daily Report for January 10, 2013
Daily Report
Top Stories
• According to a U.S.
Department of Transportation report to Congress, 2.4 million gallons of crude
oil, propane, and other unsafe liquids contaminated U.S. waters due to pipeline
bursts caused by flooding rivers removing required riverbed above pipelines. – Associated
Press
1. January
3, Associated Press – (National) Floods blamed for 16 pipeline spills. According
to a U.S. Department of Transportation report to Congress, 2.4 million gallons
of crude oil, propane, and other unsafe liquids contaminated U.S. waters due to
pipeline bursts caused by flooding rivers removing required riverbed above
pipelines.
• Two individuals suspected
of using fraudulent credit cards to make large purchases were arrested in
Kearney, Nebraska, and are thought to be part of a credit card fraud ring operating
across several States. – Kearney Hub See item 7 below in
the Banking and Finance Sector
• The National
Transportation Safety Board stated they would launch an investigation after a ferry
crashed at New York City’s Pier 11, injuring 57 people. – CNN
11. January
9, CNN – (New York) 57 hurt in New York ferry crash. The National Transportation
Safety Board stated they would launch an investigation after a ferry crashed at
New York City’s Pier 11, injuring 57 people. Source: http://news.blogs.cnn.com/2013/01/09/more-than-a-dozen-hurt-in-newy-yorkferry-accident/comment-page-1/
• The developers of Ruby on
Rails released the second update in less than a week to address several
critical vulnerabilities. – Threatpost See item 28 below in
the Information Technology Sector
Details
Banking and Finance Sector
4. January
9, Pacific Daily News – (Guam) Travelers allegedly caught with
86 fake credit cards. Two travelers who arrived in Guam from Seoul, South
Korea, were arrested after 86 fraudulent credit cards were found in their
possession. They allegedly told authorities that they were given the cards in
Malaysia and told to buy valuable items to pay off a debt. Source: http://www.guampdn.com/article/20130109/NEWS01/130109002/Travelersallegedly-caught-86-fake-credit-cards?odyssey=nav|head
5. January
8, KFMB 8 San Diego – (California) San Diego’s newest bandit favors Wells Fargo. A
bank robber has been targeting Wells Fargo banks in the San Diego area, leaving
with an undisclosed amount of money from three banks in less than a month’s time.
A FBI special agent stated that the robber is working with an accomplice. Source:
http://www.cbs8.com/story/20537825/san-diegos-newest-bandit-favors-wellsfargo
6. January
8, Federal Bureau of Investigation – (New Jersey) Attorney
arrested in connection with $30M mortgage fraud scheme involving low-income
homes in New Jersey. A Lyndhurst attorney was arrested for his role in a
large mortgage fraud scheme targeting low-income housing properties using straw
buyers, defrauding banks of more than $30 million. Source: http://www.loansafe.org/attorney-arrested-in-connection-with-30m-mortgagefraud-scheme-involving-low-income-homes-in-new-jersey
7. January
8, Kearney Hub – (National) Kearny stores on credit card fraud alert. Two individuals
suspected of using fraudulent credit cards to make large purchases were arrested
in Kearney, Nebraska, and are thought to be part of a credit card fraud ring operating
across several States. A third man suspected of creating the fraudulent cards was
being sought by police. Source: http://www.kearneyhub.com/news/local/kearney-stores-on-credit-card-fraudalert/article_0518ded8-59c5-11e2-9762-0019bb2963f4.html
8. January
8, Bloomberg News – (International) Two ex-HBOS managers charged in $56 million
business loan fraud. Two former senior managers at HBOS Plc (now owned by
Lloyd’s Banking Group) and six others were charged with conspiracy, fraud, and
money laundering by U.K. authorities for issuing $56.2 million in loans in exchange
for gifts given by financial advisers. Source: http://www.bloomberg.com/news/2013-01-08/two-ex-hbos-managers-hargedin-56-million-business-loan-fraud.html
9. January
8, WAFF 48 Huntsville – (Alabama) ‘Ball Cap Bandit’ strikes
Hamilton
bank. The “Ball
Cap Bandit”, wanted for seven bank robberies in Alabama and
Tennessee, robbed another
bank in Hamilton, Alabama, January 8.
Information Technology Sector
26. January
9, The H – (International) Firefox 18 and Thunderbird 17.02 close
critical holes. Mozilla released new versions of Firefox ESR, Thunderbird,
and Thunderbird ESR that closed 20 security vulnerabilities, 12 of which were
rated critical and the others rated high-impact. Source: http://www.h-online.com/security/news/item/Firefox-18-and-Thunderbird-17-02-close-critical-holes-1780088.html
27. January
8, Threatpost – (International) Adobe patches Acrobat, Reader, and Flash flaws.
Adobe released patches to address security vulnerabilities in Adobe
Acrobat, Reader, and Flash Player, while a solution to three ColdFusion
vulnerabilities will not be released until January 15. Source: http://threatpost.com/en_us/blogs/adobe-patches-acrobat-reader-and-flashflaws-010813
28. January
8, Threatpost – (International) Critical flaws patched in Ruby on Rails. The
developers of Ruby on Rails released the second update in less than a week to
address several critical vulnerabilities. Source: http://threatpost.com/en_us/blogs/critical-flaws-patched-ruby-rails-010813
29. January
8, The H – (International) Critical security update for MoinMoin wiki released.
The developers of MoinMoin released a new version of the open source wiki software
that addresses vulnerabilities in previous versions that could be exploited to allow
arbitrary code execution. Source: http://www.h-online.com/security/news/item/Critical-security-update-for-MoinMoin-wiki-released-1779545.html
30. January
8, Sophos – (International) Microsoft and Adobe issue first Patch Tuesday
of 2013. Microsoft’s first series of Patch Tuesday updates for the new year
address two critical vulnerabilities in Windows that could allow remote code
execution, as well as five important vulnerabilities in other Microsoft
products. Source: http://nakedsecurity.sophos.com/2013/01/08/microsoft-and-adobe-issue-firstpatch-tuesday-of-2013/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security
Communications Sector
31. January
8, KMXT 100.1 FM Kodiak Island – (Alaska) Heavy ice covering
KMXT tower may have caused outage. Service was restored to KMXT 100.1
Kodiak Island January 8 after harsh weather took down the transmitter January
6. Source: http://www.kmxt.org/index.php?option=com_content&task=view&id=4388&Itemid=2
32. January
8, Politico – (National) Emergency responders ask FCC to expand broadcasts.
Emergency personnel are asking the Federal Communications Commission to
approve their push to relay more information to the public on lowpower AM radio
stations regarding critical news when cable, Internet, and phones are out of
service. Source: http://www.politico.com/story/2013/01/emergency-responders-ask-fcc-toexpand-broadcasts-85913.html?hp=r3
33. January
8, EHR Intelligence – (National) FCC announces $400 million annual investment in
rural telemedicine. The Federal Communications Commission (FCC) is
advancing telemedicine applications by shifting the Healthcare Connect Fund
pilot program into a permanent one by contributing about $400 million in
funding. Source: http://ehrintelligence.com/2013/01/08/fcc-announces-400-million-annualinvestment-in-rural-telemedicine/
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.