Wednesday, March 13, 2013
Complete DHS Daily Report for March 13, 2013
• Fairfield, Iowa’s new computerized wastewater system shut down March 10 and bypassed nearly 460,000 gallons of wastewater into Crow Creek. – Associated Press
16. March 11, Associated Press– (Iowa) Several Iowa wastewater stations fail, discharge. Fairfield’s new computerized wastewater system shut down March 10 and bypassed thousands of gallons of wastewater into Crow Creek. All but 300 gallons of 460,000 gallons of wastewater came from the system shutdown while the remainder came from a tree falling into a power line and cutting electricity to two other wastewater plants. Source: http://www.sfgate.com/news/science/article/Several-Iowa-wastewater-stations-fail-discharge-4346213.php
• Authorities found a number of North Carolina farmers, insurance agents, brokers, and claims adjusters were part of a large insurance fraud ring, stealing more than $100 million from the government through programs that ensured crops. – Associated Press
18. March 12, Associated Press – (North Carolina) Feds bust up $100M NC crop insurance fraud ring. A number of North Carolina farmers, insurance agents, brokers, and claims adjusters were part of a large fraud ring, stealing more than $100 million from the government through programs that ensured crops. Forty-one individuals reached plea deals or plead guilty to claiming false losses on crops that were never damaged and using aliases to sell them off. Source: http://abcnews.go.com/US/wireStory/feds-bust-100m-nc-crop-insurance-fraud-ring-18708740
• HP and DHS’s Computer Emergency Response Team (CERT) warned that some LaserJet printers manufactured by Hewlett-Packard (HP) have a security vulnerability that could allow remote data access to attackers. – Threatpost See item 29 below in the Information Technology Sector
• Washington D.C. police continued searching for two vehicles connected to a drive-by shooting outside an apartment building which left 13 injured. – WUSA 9 Washington D.C.
35. March 11, WUSA 9 Washington D.C. – (Washington D.C.) 13 shot on North Capitol Street NW in DC; 2 vehicles sought. Washington D.C. police continued searching for two vehicles connected to a drive-by shooting outside an apartment building which left 13 injured, including one in critical condition. Source: http://www.wusa9.com/news/article/248211/158/Six-Shot-Outside-Northwest-DC-Apartment-Building-
Banking and Finance Sector
7. March 11, KARE 11 Minneapolis-St. Paul – (Minnesota) St. Paul man pleads guilty in bank fraud scheme. A man pleaded guilty to bank fraud in a scheme where he used stolen checks to deposit money from victim accounts and then withdraw cash, causing losses to various banks between $30,000 and $400,000. Source: http://www.kare11.com/news/article/1015649/391/St-Paul-man-pleads-guilty-in-bank-fraud-scheme
Information Technology Sector
26. March 12, V3.co.uk – (International) Andromeda botnet resurfaces spreading malware in spam emails. The Andromeda botnet has returned from inactivity to spread spam containing malware and malicious links, researchers reported. Source: http://www.v3.co.uk/v3-uk/news/2254069/andromeda-botnet-resurfaces-spreading-malware-in-spam-emails
27. March 12, Help Net Security – (International) Zoosk asks users to reset passwords following mass leak. The online dating Web site Zoosk asked some users to change their passwords after a large password dump was posted online containing Zoosk passwords, among others. Source: http://www.net-security.org/secworld.php?id=14581
28. March 12, Softpedia – (International) Pop-up browser flaw allows hackers to bypass lock screen on Samsung phones - video. A researcher uncovered a method to unlock Samsung Note II and Galaxy S III phones, the third similar bypass method revealed in recent weeks. Source: http://news.softpedia.com/news/Pop-Up-Browser-Flaw-Allows-Hackers-to-Bypass-Lock-Screen-on-Samsung-Phones-Video-336604.shtml
29. March 11, Threatpost – (International) HP, CERT warn of critical hole in LaserJet printers. HP and DHS’s Computer Emergency Response Team (CERT) warned that some LaserJet printers manufactured by Hewlett-Packard (HP) have a security vulnerability that could allow remote data access to attackers. Source: http://threatpost.com/en_us/blogs/hp-cert-warn-critical-hole-laserjet-printers-031113
30. March 11, Information Age – (International) Dallas is the phishing capital of the world, PhD finds. A University of Twente student and computer scientist found that Internet service providers (ISPs) based in the U.S. channel the bulk of phishing attacks worldwide, and that ISPs based in Dallas carry more than any other city. Source: http://www.information-age.com/technology/security/123456879/dallas-is-the-phishing-capital-of-the-world--phd-finds
31. March 11, V3.co.uk – (International) Miniduke malware linked to Java and Internet Explorer 8 exploits. Researchers found that the Miniduke cyberespionage campaign used exploits for Java and Internet Explorer (IS) 8 to infect target computers. Source: http://www.v3.co.uk/v3-uk/news/2253938/miniduke-malware-linked-to-java-and-internet-explorer-8-exploits
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.