Thursday, February 21, 2013
Complete DHS Daily Report for February 21, 2013
• New Jersey utility company seeks approval for $4 billion plan to protect electric and gas systems throughout the state against future storms like Sandy. – Associated Press
1. February 20, Associated Press – (New Jersey) NJ’s biggest utility plans $4B upgrade after Sandy. PSE&G needs New Jersey’s Board of Public Utilities approval for their plan to protect electric and gas systems in the State against future storms similar to Sandy. The upgrades would protect customers from a loss of service during inclement weather. Source: http://www.wpri.com/dpp/news/us_news/NJs-biggest-utility-plans-4B-upgrade-after-Sandy_10493198
• A February 19 California snow storm left hundreds stranded on mountain highways and forced numerous road closures, including the shutdown of a 60-mile stretch of a highway near Los Angeles. – Associated Press
12. February 20, Associated Press – (California) Winter storm soaks CA cities, snow strands drivers. A snow storm in California left hundreds stranded on mountain highways February 19, including some 50-70 vehicles on or near Highway 49 close to the Sierra Nevada foothills, and forced numerous road closures, including the shutdown of a 60-mile stretch of Highway 58 between Bakersfield and Los Angeles. Source: http://www.vcstar.com/news/2013/feb/20/winter-storm-soaks-ca-cities-snow-strands/
• A Kansas City restaurant was destroyed February 19 by a gas explosion and fire leaving one dead and several others with minor-major injuries. – Reuters
14. February 20, Reuters – (Missouri) Woman’s body found in rubble of Kansas City restaurant. JJ’s restaurant in Kansas City was destroyed February 19 by a natural gas blast that killed one, injured 3 critically, and left several others with minor injuries. Officials are still searching through the rubble for victims as initial indicators of the blast are attributed to a contractor accidentally striking a gas line. Source: http://www.reuters.com/article/2013/02/20/us-usa-blast-kansascity-idUSBRE91J03020130220
• A 10-alarm fire at Choctaw County High School February 19, which took nearly 6 hours to subdue, destroyed most of the building. – Mobile Press-Register
21. February 20, Mobile Press-Register – (Alabama) Firefighters battling fire at Choctaw County High School (updated). Ten different fire departments reported to Choctaw County High School February 19 to assist in putting out a blaze that took nearly 6 hours to subdue and destroyed most of the building. The school was vacant at the time and students and staff were asked not to report to classes February 20. Source: http://blog.al.com/live/2013/02/firefighters_battling_fire_at.html
Banking and Finance Sector
7. February 20, Tampa Tribune – (Florida) Foreclosure inspector gets eight years for defrauding bank. The owner of a company faked inspections on foreclosed homes to Bank of America and was sentenced to more than eight years in federal prison. His faked inspections defrauded the bank out of nearly $12.8 million of the $23.5 million paid for inspection services on foreclosed properties. Source: http://www2.tbo.com/news/business/2013/feb/20/4/spring-hill-man-gets-8-years-for-defrauding-bank-o-ar-639196/
8. February 20, San Mateo Daily Journal – (California) Insurance fraud nets year in jail, $2M in restitution. A pest and janitorial services company owner faced up to 17 years in prison for under-reporting more than $10 million in payroll to avoid paying more than $2 million in worker’s compensation insurance. The owner was sentenced to a year in jail and restitution payments to the State Compensation Insurance Fund and Berkshire Hathaway. Source: http://www.smdailyjournal.com/article_preview.php?id=1763582&title=Insurance%20fraud%20nets%20year%20in%20jail,%20$2M%20in%20restitution
9. February 19, Pittsburgh Business Times – (Pennsylvania) WESCO slapped with $36M damages verdict. Wesco International received a legal judgment of $36 million as the result of a jury verdict from a lawsuit in Indiana. The lawsuit claimed a subsidiary of Wesco sold defective products to ArcelorMittal Indiana Harbor Inc. Source: http://www.bizjournals.com/pittsburgh/news/2013/02/19/wesco-slapped-with-36m-damages-verdict.html
Information Technology Sector
28. February 20, Help Net Security – (International) Oracle, Apple release critical updates for Java. Oracle released an important Java SE patch update February 20 that addresses weaknesses in remote exploitation without authentication for a number of Java versions. Source: http://www.net-security.org/secworld.php?id=14451&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
29. February 20, Softpedia – (International) Fake Delta Airlines emails: Your credit card has been successfully processed. Hoax emails are being distributed claiming Delta Airlines has processed ticket purchases in an attempt to pull in users to install malicious software on their systems. Targets include several financial institutions. Source: http://news.softpedia.com/news/Fake-Delta-Airlines-Emails-Your-Credit-Card-Has-Been-Successfully-Processed-330733.shtml
30. February 20, The Register – (International) BlackBerry squashes W-TIFF-F bug that’s ripe for malware squirters. A malicious code triggered by TIFF image files on BlackBerry Enterprise Server (BES) software was patched and a warning was issued to all users to apply the update in order to prevent hacking and to block possible attempts to use the vulnerability to log into corporate systems. Source: http://www.theregister.co.uk/2013/02/20/blackbery_squashes_image_peril/
31. February 20, Help Net Security – (International) Apple confirms being hit in recent watering hole attack. Officials with Apple confirmed a recent watering hole attack that left their Mac systems open to infection through a Java plug-in for browsers. The assured the attack affected only a small number of systems and there was no evidence that data was taken, they have since patched several vulnerabilities and issued a Java update. Source: http://www.net-security.org/secworld.php?id=14449&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
32. February 20, Softpedia – (International) EDUCAUSE hacked, users advised to change passwords. EDUCAUSE advised their users to change their passwords once they detected a possible breach of personal information. Administrators were also recommended to change their passwords as the hack may have compromised the hashed passwords of .edu domain holders. Source: http://news.softpedia.com/news/EDUCAUSE-Hacked-Users-Advised-to-Change-Passwords-331068.shtml
33. February 19, H Security – (International) Firefox 19 brings PDF viewer and 4 critical security fixes. Mozilla’s Firefox issued version 19 of their web browser, critical to bringing out new features and fixing 4 security issues that would protect users’ exposure to tainted PDF documents. Source: http://www.h-online.com/security/news/item/Firefox-19-brings-PDF-viewer-and-4-critical-security-fixes-1806437.html
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.