Thursday, January 10, 2013
Complete DHS Daily Report for January 10, 2013
• According to a U.S. Department of Transportation report to Congress, 2.4 million gallons of crude oil, propane, and other unsafe liquids contaminated U.S. waters due to pipeline bursts caused by flooding rivers removing required riverbed above pipelines. – Associated
1. January 3, Associated Press – (National) Floods blamed for 16 pipeline spills. According to a U.S. Department of Transportation report to Congress, 2.4 million gallons of crude oil, propane, and other unsafe liquids contaminated U.S. waters due to pipeline bursts caused by flooding rivers removing required riverbed above pipelines.
• Two individuals suspected of using fraudulent credit cards to make large purchases were arrested in Kearney, Nebraska, and are thought to be part of a credit card fraud ring operating across several States. – Kearney Hub See item 7 below in the Banking and Finance Sector
• The National Transportation Safety Board stated they would launch an investigation after a ferry crashed at New York City’s Pier 11, injuring 57 people. – CNN
11. January 9, CNN – (New York) 57 hurt in New York ferry crash. The National Transportation Safety Board stated they would launch an investigation after a ferry crashed at New York City’s Pier 11, injuring 57 people. Source: http://news.blogs.cnn.com/2013/01/09/more-than-a-dozen-hurt-in-newy-yorkferry-accident/comment-page-1/
• The developers of Ruby on Rails released the second update in less than a week to address several critical vulnerabilities. – Threatpost See item 28 below in the Information Technology Sector
Banking and Finance Sector
4. January 9, Pacific Daily News – (Guam) Travelers allegedly caught with 86 fake credit cards. Two travelers who arrived in Guam from Seoul, South Korea, were arrested after 86 fraudulent credit cards were found in their possession. They allegedly told authorities that they were given the cards in Malaysia and told to buy valuable items to pay off a debt. Source: http://www.guampdn.com/article/20130109/NEWS01/130109002/Travelersallegedly-caught-86-fake-credit-cards?odyssey=nav|head
5. January 8, KFMB 8 San Diego – (California) San Diego’s newest bandit favors Wells Fargo. A bank robber has been targeting Wells Fargo banks in the San Diego area, leaving with an undisclosed amount of money from three banks in less than a month’s time. A FBI special agent stated that the robber is working with an accomplice. Source: http://www.cbs8.com/story/20537825/san-diegos-newest-bandit-favors-wellsfargo
6. January 8, Federal Bureau of Investigation – (New Jersey) Attorney arrested in connection with $30M mortgage fraud scheme involving low-income homes in New Jersey. A Lyndhurst attorney was arrested for his role in a large mortgage fraud scheme targeting low-income housing properties using straw buyers, defrauding banks of more than $30 million. Source: http://www.loansafe.org/attorney-arrested-in-connection-with-30m-mortgagefraud-scheme-involving-low-income-homes-in-new-jersey
7. January 8, Kearney Hub – (National) Kearny stores on credit card fraud alert. Two individuals suspected of using fraudulent credit cards to make large purchases were arrested in Kearney, Nebraska, and are thought to be part of a credit card fraud ring operating across several States. A third man suspected of creating the fraudulent cards was being sought by police. Source: http://www.kearneyhub.com/news/local/kearney-stores-on-credit-card-fraudalert/article_0518ded8-59c5-11e2-9762-0019bb2963f4.html
8. January 8, Bloomberg News – (International) Two ex-HBOS managers charged in $56 million business loan fraud. Two former senior managers at HBOS Plc (now owned by Lloyd’s Banking Group) and six others were charged with conspiracy, fraud, and money laundering by U.K. authorities for issuing $56.2 million in loans in exchange for gifts given by financial advisers. Source: http://www.bloomberg.com/news/2013-01-08/two-ex-hbos-managers-hargedin-56-million-business-loan-fraud.html
9. January 8, WAFF 48 Huntsville – (Alabama) ‘Ball Cap Bandit’ strikes Hamilton
bank. The “Ball Cap Bandit”, wanted for seven bank robberies in Alabama and
Tennessee, robbed another bank in Hamilton, Alabama, January 8.
Information Technology Sector
26. January 9, The H – (International) Firefox 18 and Thunderbird 17.02 close critical holes. Mozilla released new versions of Firefox ESR, Thunderbird, and Thunderbird ESR that closed 20 security vulnerabilities, 12 of which were rated critical and the others rated high-impact. Source: http://www.h-online.com/security/news/item/Firefox-18-and-Thunderbird-17-02-close-critical-holes-1780088.html
27. January 8, Threatpost – (International) Adobe patches Acrobat, Reader, and Flash flaws. Adobe released patches to address security vulnerabilities in Adobe Acrobat, Reader, and Flash Player, while a solution to three ColdFusion vulnerabilities will not be released until January 15. Source: http://threatpost.com/en_us/blogs/adobe-patches-acrobat-reader-and-flashflaws-010813
28. January 8, Threatpost – (International) Critical flaws patched in Ruby on Rails. The developers of Ruby on Rails released the second update in less than a week to address several critical vulnerabilities. Source: http://threatpost.com/en_us/blogs/critical-flaws-patched-ruby-rails-010813
29. January 8, The H – (International) Critical security update for MoinMoin wiki released. The developers of MoinMoin released a new version of the open source wiki software that addresses vulnerabilities in previous versions that could be exploited to allow arbitrary code execution. Source: http://www.h-online.com/security/news/item/Critical-security-update-for-MoinMoin-wiki-released-1779545.html
30. January 8, Sophos – (International) Microsoft and Adobe issue first Patch Tuesday of 2013. Microsoft’s first series of Patch Tuesday updates for the new year address two critical vulnerabilities in Windows that could allow remote code execution, as well as five important vulnerabilities in other Microsoft products. Source: http://nakedsecurity.sophos.com/2013/01/08/microsoft-and-adobe-issue-firstpatch-tuesday-of-2013/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security
31. January 8, KMXT 100.1 FM Kodiak Island – (Alaska) Heavy ice covering KMXT tower may have caused outage. Service was restored to KMXT 100.1 Kodiak Island January 8 after harsh weather took down the transmitter January 6. Source: http://www.kmxt.org/index.php?option=com_content&task=view&id=4388&Itemid=2
32. January 8, Politico – (National) Emergency responders ask FCC to expand broadcasts. Emergency personnel are asking the Federal Communications Commission to approve their push to relay more information to the public on lowpower AM radio stations regarding critical news when cable, Internet, and phones are out of service. Source: http://www.politico.com/story/2013/01/emergency-responders-ask-fcc-toexpand-broadcasts-85913.html?hp=r3
33. January 8, EHR Intelligence – (National) FCC announces $400 million annual investment in rural telemedicine. The Federal Communications Commission (FCC) is advancing telemedicine applications by shifting the Healthcare Connect Fund pilot program into a permanent one by contributing about $400 million in funding. Source: http://ehrintelligence.com/2013/01/08/fcc-announces-400-million-annualinvestment-in-rural-telemedicine/
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.