Wednesday, February 6, 2013
Complete DHS Daily Report for February 6, 2013
• Duke Energy decided to permanently shut down the Crystal River nuclear power plant. The reactor has been out of operation since a botched 2009 maintenance operation. – Tampa Bay Times
2. February 5, Tampa Bay Times – (Florida) Duke Energy announces closing of Crystal River nuclear power plant. Duke Energy decided to permanently shut down the Crystal River nuclear power plant. The reactor has been out of operation since a botched 2009 maintenance operation. Source: http://www.tampabay.com/news/business/energy/duke-energy-announces-closing-of-crystal-river-nuclear-power-plant/1273794
• The U.S. Department of Justice filed fraud charges against Standard & Poor’s for allegedly inflating investment ratings and contributing to the 2008 financial crisis. – New York Times See item 4 below in the Banking and Finance Sector
• After being abducted from a school bus, a 5-year-old boy is recovering in the hospital from being held captive for nearly a week before police broke into a bunker to rescue him.– Fox News
13. February 5, Fox News– (Alabama) Boy at center of Alabama hostage standoff freed, in hospital receiving treatment. After being abducted from a school bus, a 5-year-old boy is recovering in the hospital from being held captive for nearly a week before police broke into a bunker to rescue him. Source: http://www.foxnews.com/us/2013/02/05/boy-in-center-alabama-hostage-standoff-released-source-says/
• Researchers have come up with a method to compromise secure socket layer (SSL), transport layer security (TLS), and other common encryption protocols. – Ars Technica See item 23 below in the Information Technology Sector
Banking and Finance Sector
3. February 5, Forbes – (Oregon) SEC: To fund insider-trading scheme, Oregon men sold car, took out loan from peer-to-peer lending site. The U.S. Securities and Exchange Commission sued two employees of Clear One Health Plans for allegedly engaging in insider trading ahead of the merger of their company and PacificSource Health Plans, netting them over $150,000 in illicit gains. Source: http://www.forbes.com/sites/jordanmaglich/2013/02/05/sec-to-fund-insider-trading-scheme-oregon-men-sold-car-took-out-loan-from-peer-to-peer-lending-site/
4. February 4, New York Times – (National) U.S. accuses S&P of fraud in suit on loan bundles. The U.S. Department of Justice filed fraud charges against Standard & Poor’s for allegedly inflating investment ratings and contributing to the 2008 financial crisis. Source: http://dealbook.nytimes.com/2013/02/04/u-s-and-states-prepare-to-sue-s-p-over-mortgage-ratings/
5. February 4, Federal Bureau of Investigation – (Connecticut) Newington resident charged for operating extensive bank & mortgage fraud scheme. A resident of Newington was charged with bank fraud for allegedly running a fraudulent mortgage scheme that caused lenders to lose more than $5 million. Source: http://www.loansafe.org/newington-resident-charged-for-operating-extensive-bank-mortgage-fraud-scheme
6. February 4, Warren Patch – (New Jersey) $50 million securities fraud charge guilty plea entered by Watchung man. A Watchung man pleaded guilty to securities fraud and money laundering in an investment scheme that lost investors $9 million. Source: http://warren.patch.com/articles/watchung-man-pleads-guilty-to-50-million-securities-fraud-charge
Information Technology Sector
20. February 5, Softpedia – (International) Hacker gains access to Foxconn databases, just wants to prove lack of security. The hacker known as D35m0nd142 exploited and blind SQL injection vulnerability on a site belonging to manufacturer Foxconn, and brought the vulnerability to the company’s attention. Source: http://news.softpedia.com/news/Hacker-Gains-Access-to-Foxconn-Databases-Just-Wants-to-Prove-Lack-of-Security-326942.shtml
21. February 4, Threatpost – (International) Google blocks high profile sites after advertising provider NetSeer is hacked. Advertising network NetSeer’s corporate Web site was injected with malware, causing Google Chrome users to see malware warnings while trying to visit sites with ads served by NetSeer.. Source: http://threatpost.com/en_us/blogs/google-blocks-high-profile-sites-after-advertising-provider-netseer-hacked-020413
22. February 4, The H – (International) Android malware carries Windows snooping app. Kaspersky has found malware being distributed through the Google Play store that loads malware onto PCs once an infected Android device is plugged in to a PC running Windows. Source: http://www.h-online.com/security/news/item/Android-malware-carries-Windows-snooping-app-1797241.html
23. February 4, Ars Technica – (International) “Lucky Thirteen” attacks snarfs cookies protected by SSL encryption. Researchers have come up with a method to compromise secure socket layer (SSL), transport layer security (TLS), and other common encryption protocols. Source: http://arstechnica.com/security/2013/02/lucky-thirteen-attack-snarfs-cookies-protected-by-ssl-encryption/
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.