Tuesday, January 15, 2013
Complete DHS Daily Report for January 15, 2013
• A new and improved sewage infrastructure in New Orleans will be paid by the Federal Emergency Management Agency at the cost of $19 million. – Associated Press
14. January 13, Associated Press – (Louisiana) FEMA to pay $19M for N.O. sewage pump stations. A new and improved sewage infrastructure in New Orleans will be paid by the Federal Emergency Management Agency at the cost of $19 million. Source: http://www.wwl.com/FEMA-to-pay--19M-for-N-O--sewage-pump-stations/15258841
• The New York Governor’s office announced a public health emergency due to the State’s rise in reported flu cases. – Auburn Citizen
17. January 13, Auburn Citizen – (New York) More than 19,000 flu cases reported in New York; declares public health emergency. The New York Governor’s office announced a public health emergency due to the State’s rise in reported flu cases. Source: http://auburnpub.com/blogs/eye_on_ny/cuomo-more-than-flu-cases-reported-in-new-york-declares/article_138de4f2-5d50-11e2-9d81-0019bb2963f4.html
• Kaspersky Lab researchers uncovered a sophisticated, long-running cyber espionage campaign targeting governments, energy companies, embassies, and aerospace companies dubbed ‘Red October.’ The malware used is customized to individual targets, uses a complex command and control system, and utilizes spear phishing attacks to infect victims. – Wired.com See item 27 below in the Information Technology Sector
• Authorities arrested three suspects in connection to a hostage situation involving 14 store employees, one of which was stabbed and another sexually assaulted, in Los Angeles January 10. – KCAL 9 Los Angeles
36. January 13, KCAL 9 Los Angeles – (California) LAPD arrests 3 in connection with Nordstrom rack hostage-taking robbery. Authorities arrested three suspects in connection to a hostage situation involving 14 store employees, one of which was stabbed and another sexually assaulted, in Los Angeles January 10. Source: http://losangeles.cbslocal.com/2013/01/13/report-2-arrested-in-connection-with-nordstrom-rack-hostage-taking-robbery/
Banking and Finance Sector
2. January 12, WCSC 5 Charleston – (South Carolina) Summerville man pleads guilty in $45 million mortgage fraud conspiracy. A man pleaded guilty in federal court in South Carolina to fraud and tax charges in relation to a $45 million mortgage fraud scheme. The man and others recruited straw buyers to purchase properties, inflated their apparent worth to obtain loans, and then received commissions or signing bonuses from the lenders. Source: http://www.live5news.com/story/20567182/summerville-man-pleads-to-45-million-mort
3. January 11, Tahoe Daily Tribune – (California) ‘Fedora Bandit’ pleads guilty. The man known as the ‘Fedora Bandit’ pleaded guilty to robbing three banks in Gridley, Paradise, and Rancho Cordova. Source: http://www.tahoedailytribune.com/article/20130111/NEWS/130119961/1056&parentprofile=1056
4. January 11, Ventura County Star – (California) Men plead guilty to identity theft crimes that included Ventura County victims. Two members of an ATM skimming ring that targeted machines throughout California pleaded guilty to stealing $341,000 from about 1,000 victims. Source: http://www.vcstar.com/news/2013/jan/11/men-plead-guilty-to-identity-theft-crimes-in-atm/
5. January 11, Galesburg Register-Mail – (Illinois) Cattlemen plead guilty to bank fraud. Two cattlemen pleaded guilty in a check kiting scheme that defrauded two banks of more than $400,000. Source: http://www.galesburg.com/newsnow/x1233667054/Cattlemen-plead-guilty-to-bank-fraud
6. January 11, Associated Press – (Georgia) Ex-officers of failed Ga. bank charged with fraud. Seven former officers of First National Bank of Savannah were indicted for allegedly covering up bad loans and making loans to unqualified applicants — actions that the indictment claims led the bank to collapse and cost the Federal Deposit Insurance Corporation $90 million. Source: http://www.businessweek.com/ap/2013-01-11/ex-officers-of-failed-ga-dot-bank-charged-with-fraud
Information Technology Sector
27. January 14, Wired.com – (International) Cybersleuths uncover 5-year spy operation targeting governments, others. Kaspersky Lab researchers uncovered a sophisticated, long-running cyber espionage campaign targeting governments, energy companies, embassies, and aerospace companies dubbed ‘Red October.’ The malware used is customized to individual targets, uses a complex command and control system, and utilizes spear phishing attacks to infect victims. Source: http://www.wired.com/threatlevel/2013/01/red-october-spy-campaign/all/
28. January 14, The H – (International) Apache CouchDB updates handle multiple security issues. Apache recently released new versions of its CouchDB database that address several vulnerabilities present in past versions. Source: http://www.h-online.com/security/news/item/Apache-CouchDB-updates-handle-multiple-security-issues-1783275.html
29. January 14, Help Net Security – (International) Dangerous remote Linksys 0-day root exploit discovered. Researchers at DefenseCode found a remote-access zero-day vulnerability in Linksys routers’ default installation. Cisco stated that they expect a fix to be available in approximately 10 days. Source: http://www.net-security.org/secworld.php?id=14234&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader
30. January 13, Krebs on Security – (International) Oracle ships critical security update for Java. Oracle released an update for Java to fix the recent critical vulnerability that allowed malware to exploit computers running the program. The update also increases the default security settings for running Java applications from ‘medium’ to ‘high.’ Source: http://krebsonsecurity.com/2013/01/oracle-ships-critical-security-update-for-java/
31. January 11, Threatpost – (International) Sybase fixes nine ASE flaws. Sybase issued nine patches for its Adaptive Server Enterprise that close database vulnerabilities that could allow attackers to bypass security and execute code. Source: http://threatpost.com/en_us/blogs/sybase-help-appsec-fixes-nine-ase-flaws-011113
32. January 11, KSTK 101.7 FM Wrangell – (Alaska) GCI ship to repair earthquake-damaged fiber optic cables. Broken underwater fiber optic cable lines that were damaged by a January 5 earthquake could take up to 48 hours to be fixed by a GCI boat. Customers in Wrangell were still experiencing trouble with telephone, Internet, and television. Source: http://www.kstk.org/2013/01/11/gci-ship-to-repair-earthquake-damaged-fiber-optic-cables/
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.