Monday, January 28, 2013
Daily Report
Top Stories
• An oil rig fire, potentially due to a gas
leak, in Roosevelt prompted an evacuation of the area, including nearby homes,
January 22. Residents were transferred to a local motel. – Salt Lake Tribune
(See item 1)
1.
January 25, Salt Lake Tribune – (Utah)
Oil rig fire forces evacuation near Roosevelt. An oil rig fire,
potentially due to a gas leak, in Roosevelt prompted an evacuation of the area,
including nearby homes, January 22. Residents were transferred to a local
motel. Source: http://www.fireengineering.com/news/2013/01/25/oil-rig-fire-forces-evacuation-near-roosevelt.html
• Sagging overhead power lines led to a delay
for Amtrak and commuter trains traveling between Washington, D.C., and
Baltimore January 25. – Associated Press (See item 9)
9. January 25, Associated
Press – (Washington,
D.C.; Maryland) Sagging overhead power lines disable Md. commuter train,
lead to major Amtrak delays. Sagging overhead power lines led to a delay
for Amtrak and commuter trains traveling between Washington, D.C., and
Baltimore January 25. Source: http://www.washingtonpost.com/local/amtrak-says-overhead-power-line-problems-delay-dc-baltimore-service/2013/01/25/526b65ec-66fa-11e2-889b-f23c246aa446_story.html
• The Industrial Control Systems Cyber
Emergency Response Team (ICS-CERT) warned that a proof-of-concept exploit code
was released that can brute force passwords to programmable logic controllers
(PLC) before the vulnerability could be addressed by the manufacturer, Siemens.
– Help Net Security See item 31
below in the Information Technology
Sector
• Numerous fires broke out across
Massachusetts January 24 that left one victim dead, injured over three
individuals, displaced dozens of residents, and caused several thousands of
dollars in damages. – Boston Globe
35.
January 25, Boston Globe – (Massachusetts)
String of fires hits 7 communities across Mass. Numerous fires broke out
across Massachusetts January 24 that left one victim dead, injured over three
individuals, displaced dozens of residents, and caused several thousands of
dollars in damages. Source: http://bostonglobe.com/metro/2013/01/25/string-fires-mass-leave-one-dead-many-displaced/QgL2hdFtuVkk6YAsghgN7L/story.html
Details
Banking and Finance Sector
4. January 24, The Register – (International) Brit mastermind
of Anonymous PayPal attack gets 18 months’ porridge. Three members of the
hacktivist group Anonymous were sentenced in the U.K. for their role in the
“Operation Payback” distributed denial of service (DDoS) campaign against Visa,
Mastercard, and PayPal in 2010. Source: http://www.theregister.co.uk/2013/01/24/uk_anonymous_hackers_sentencing_payback/
5. January 24, ABC News – (International) Capital One
website disrupted, cyber protestors claim attack. Capital One acknowledged
that its Web site was inaccessible to customers for a time January 24, and a
hacktivist group that has previously attacked financial institution Web sites
claimed credit for the disruption. Source: http://abcnews.go.com/blogs/headlines/2013/01/capital-one-website-disrupted-cyber-protestors-claim-attack/
6. January 24, Philidelphia
Inquirer –
(Pennsylvania) Montco man charged in “massive” mortgage fraud. A
Montgomery County accountant was indicted along with over 11 others in a
mortgage fraud scheme that involved more than $20 million in loans for
residential properties. Source: http://articles.philly.com/2013-01-24/news/36529274_1_mortgage-fraud-straw-buyers-montco-man
7. January 24, Ashbury Park
Press – (New Jersey) 2
Shore residents charged in $10 million mortgage fraud scheme. Nine New
Jersey residents were charged in an alleged $10 million mortgage fraud scheme
that used fraudulent transactions and documents to obtain loans for at least 15
properties. Source: http://www.app.com/article/20130124/NJBIZ/301240043/2-Shore-residents-charged-in-10-million-mortgage-fraud-scheme
Information Technology
29. January 25, Softpedia – (International) GitHub forced to
disable search after exposing private SSH keys. GitHub disabled its new
search function after it returned results that included private Secure Shell
(SSH) keys used by several Web sites. Source: http://news.softpedia.com/news/GitHub-Forced-to-Disable-Search-After-Exposing-Private-SSH-Keys-324200.shtml
30. January 25, Help Net
Security –
(International) Cutwail botnet on spam rampage, delivers Cridex worm. The
Cutwail/Pandex botnet has been rented by attackers seeking to infect users with
the W32 Cridex worm, according to Symantec researchers. Source: http://www.net-security.org/malware_news.php?id=2386
31. January 25, Help Net
Security –
(International) SCADA password cracking code available. The Industrial
Control Systems Cyber Emergency Response Team (ICS-CERT) warned that a
proof-of-concept exploit code was released that can brute force passwords to
programmable logic controllers (PLC) before the vulnerability could be
addressed by the manufacturer, Siemens. Source: http://www.net-security.org/secworld.php?id=14303
32. January 25, The H – (International) Chrome update
closes holes and fixes mouse wheel issues. Google released Chrome
24.0.1312.56, which addresses five security vulnerabilities, three of which
were rated as high severity. Source: http://www.h-online.com/security/news/item/Chrome-update-closes-holes-and-fixes-mouse-wheel-issues-1791381.html
33. January 24, IDG News
Service –
(International) Web server hackers install rogue Apache modules and SSH
backdoors, researchers say. Researchers from Securi reported that a group
of attackers using rogue Apache modules has been replacing Secure Shell (SSH)
binary files in compromised servers with backdoored versions that collect user
information and passwords from incoming and outgoing SSH connections. Source: http://www.networkworld.com/news/2013/012413-web-server-hackers-install-rogue-266121.html
Communications Sector
34.
January 24, Hawaii News Now – (Hawaii)
Hawaiian Telcom completes repairs after fiber optic cable intentionally cut.
For the second time in about two weeks, a fiber optic cable was severed
January 23 underneath a Hawaiian airport. Hawaiian Telecom restored service
after several hours and authorities have a suspect in custody. Source: http://www.hawaiinewsnow.com/story/20668178/services-affected-after-fiber-optic-cable-intentionally-cut