Tuesday, February 26, 2013
Complete DHS Daily Report for February 26, 2013
• The Washington State governor was alerted by the outgoing U.S. Energy Secretary of an additional five single underground tanks leaking radioactive waste instead of just one as previously believed. – CNN
4. February 22, CNN – (Washington) Radioactive waste leaking from 6 tanks at Washington nuclear site. The Washington governor raised concerns over all 149 of the single-shell underground tanks at the Hanford Nuclear Reservation after it was discovered six of them were leaking radioactive waste instead of just one as recently reported. Source: http://www.cnn.com/2013/02/22/us/washington-nuclear
• Pentagon officials suspended test flights for the entire F-35 Joint Strike Fighter fleet after identifying engine problems. – Military Times
7. February 22, Military Times – (National) Entire F-35 fleet grounded over engine issues. Engine problems with the Lockheed Martin F-35 Joint Strike Fighter have caused the Pentagon to suspend all test flights for the entire fleet. A crack was found on a low pressure turbine blade in the F-35 engine as part of an inspection of a test aircraft February 19. Source: http://www.militarytimes.com/news/2013/02/dn022213-f35-grounded-again-mil/
• A 48-hour city-wide boil water notice was a first for Tampa Bay’s water department and its 560,000 residents after a rodent chewed through a power line and cause an outage at the water treatment facility. – Tampa Bay Times
19. February 22, Tampa Bay Times – (Florida) Treatment plant power outage means all of Tampa must boil water. All 560,000 Tampa Bay residents were put on a boil water alert after a power outage at a water treatment facility. Source: http://www.tampabay.com/news/localgovernment/boil-water-notice-issued-for-all-tampa-water-customers/1276215
• Dozens of spectators were injured after debris and a tire went into the stands following a crash at a racetrack. – Associated Press
37. February 23, Associated Press – (Florida) Fans injured in Daytona crash on final lap of Nationwide race. Concerns over fan safety grow after an accident on the final lap of a race sent a tire and large pieces of debris into the stands, injuring at least 33 spectators. Source: http://www.foxnews.com/sports/2013/02/24/stewart-wins-nationwide-series-race-at-daytona-after-crash-that-appears-to-have/
Banking and Finance Sector
8. February 22, Associated Press – (Virginia; Tennessee) Dozens charged in Va in counterfeit check scheme. Conspiracy charges were brought up against 68 people for their role in the cashing of 500 counterfeit checks totaling more than $90,000 in Wal-Mart and other stores across southwest Virginia and northeast Tennessee. Source: http://bdtonline.com/vanews/x36426951/Dozens-charged-in-Va-in-counterfeit-check-scheme
9. February 22, Associated Press – (Virginia) Ex-Va station owner sentence in investment scheme. The former owner of a religious broadcasting company was sentenced to federal prison for defrauding more than 80 investors of $787,000. Source: http://www.nbc12.com/story/21308144/ex-va-station-owner-sentenced-in-investment-scheme
10. February 22, Greenville Sun – (South Carolina) Debit card scam circulates locally, police give tips. Police warned local citizens about a new voice-based phishing scam where citizens are receive an automated voice message asking for their PIN and card numbers to reactivate frozen, locked or canceled debit cards. Source: http://www.greenevillesun.com/Local_News/article/Debit-Card-Scam-Circulates-Locally-Police-Give-Tips-id-323326
Information Technology Sector
28. February 25, Softpedia – (International) cPanel technical support department server hacked. Officials at cPanel notified users that their technical support department was breached and if they opened a ticket for service within the last 6 months, they should change their root level password, if their ssh keys are not already in usage. cPanel is investigating the incident. Source: http://news.softpedia.com/news/cPanel-Technical-Support-Department-Server-Hacked-332293.shtml
29. February 25, Softpedia – (International) Zero-day vulnerability affecting Java 7 Update 15 and earlier version identified. After the discovery of two additional vulnerabilities in Java SE 7 Update 15 and all earlier versions, experts believe Java is still unstable without the proper patches in place. Oracle confirmed they received information of the new bugs from the researchers. Source: http://news.softpedia.com/news/Zero-Day-Vulnerability-Affecting-Java-7-Update-15-and-Earlier-Versions-Identified-332157.shtml
30. February 25, Help Net Security – (International) Microsoft also victim of recent watering hole attack. Microsoft confirmed February 22 that their systems were breached in a watering hole attack that affected a small number of computers by installing exploits for Java vulnerabilities on visitor’s computers. They are continuing to investigate the attack and assured the public that no customer data was affected. Source: http://www.net-security.org/secworld.php?id=14482&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
31. February 23, Softpedia – (International) HTC promises to fix the security vulnerabilities that plague millions of devices. A settlement between HTC America and the U.S. Federal Trade Commission (FTC) was made in which HTC agreed to disseminate patches to fix their security holes and establish a more safeguarded security program. After several complaints prompted by the FTC, the company will also be evaluated once every two years by an independent corporation for the next 20 years. Source: http://news.softpedia.com/news/HTC-Promises-to-Fix-the-Security-Vulnerabilities-That-Plague-Millions-of-Devices-332008.shtml
32. February 23, Houston Chronicle – (National) Malware on oil rig computers raise security fears. Security officials have discovered malware downloaded by some oil rig and platform employees, through pornography and music piracy sites, that left their systems vulnerable to attack. Authorities from the energy industry have expressed their concern and plan on managing the threat and protecting their networks. Source: http://www.houstonchronicle.com/business/energy/article/Malware-on-oil-rig-computers-raises-security-fears-4301773.php?t=1b259d62f3b05374ef&t=1b259d62f3&t=1b259d62f3
33. February 22, Threatpost – (International) Microsoft Azure cloud storage suffers major outage over expired SSL certificate. Microsoft’s Windows Azure service posted a message on their Web site notifying users that they were experiencing a worldwide outage affecting SSL traffic because of an expired certificate. Source: http://threatpost.com/en_us/blogs/microsoft-azure-cloud-storage-suffers-major-outage-over-expired-ssl-certificate-022213
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.