Friday, March 22, 2013
Complete DHS Daily Report for March 22, 2013
• Blacksville No. 2 mine at the West Virginia-Pennsylvania border was still burning March 20 as authorities worked to develop a plan to smother the fire, monitor for signs of combustion, and seal the affected area. – Charleston State Journal
1. March 20, Charleston State Journal – (West Virginia) Fire still burning a week later at Consol Backsville No. 2 mine. A March 12 fire that was discovered from a ventilation shaft at Consol Energy’s Blacksville No. 2 mine at the West Virginia-Pennsylvania border was still burning March 20 as authorities worked to develop a plan to pump water and nitrogen into the mine to smother the fire, monitor for signs of combustion, and seal the affected area. Source: http://www.statejournal.com/story/21731802/fire-still-burning-a-week-later-at-consol-blacksville-no-2-mine
• Carnival Cruise Lines has cancelled 10 upcoming Carnival Triumph cruises following an engine fire incident that occurred a month ago. – Associated Press
7. March 19, Associated Press – (Florida) Carnival ships out of service longer than expected. Carnival Cruise Lines has cancelled 10 upcoming Carnival Triumph cruises following an engine fire incident that occurred a month ago. Carnival Triumph is undergoing scheduled repairs and upgrades and is set to return to service in June. Source: http://www.wral.com/carnival-ships-out-of-service-longer-than-expected/12244014/
• Researchers uncovered a long-running cyber-espionage campaign that targeted government, heavy industry, intelligence, and activist organizations around the world. – Threatpost See item 23 below in the Information Technology Sector
• A second fire burned in a 5-story commercial building in New York City in as many days and left even more damage March 17. – Downtown Express
26. March 20, Downtown Express – (New York) 2 fires at one Fulton St. building. A second fire burned in a 5-story commercial building in New York City in as many days and left even more damage, including a partially-collapsed roof, following the March 17 four-alarm blaze where 168 firefighters responded. The March 18 three-alarm fire damaged 33 units with a total of 138 firefighters fighting the blaze that also lasted several hours. Source: http://www.downtownexpress.com/2013/03/20/2-fires-at-one-fulton-st-building/
Banking and Finance Sector
5. March 20, KMTR 16 Eugene – (Oregon) FBI identifies ‘Tall Man’ bank bandit. The FBI identified the man known as the “Tall Man Bandit”, suspected of robbing several banks in the Eugene area. Source: http://www.kmtr.com/news/local/story/FBI-identifies-Tall-Man-bank-bandit/TAX3a9sNo06Sm_chM1bQJA.cspx
Information Technology Sector
19. March 21, Softpedia – (International) Experts study malware used in South Korean attacks. Researchers began studying the malware used to attack TV stations and banks in South Korea March 20, and found features including malware designed to disable popular Korean antivirus programs and the ability to target both Windows and Linux systems. Source: http://news.softpedia.com/news/Experts-Study-Malware-Used-in-South-Korean-Attacks-339036.shtml
20. March 21, The H – (International) Weakened password hashing found in Cisco devices. Cicso’s new “Type 4” password algorithm was found to be implemented incorrectly, resulting in weaker passwords than the previous algorithm. Source: http://www.h-online.com/security/news/item/Weakened-password-hashing-found-in-Cisco-devices-1827197.html
21. March 21, Help Net Security – (International) Researcher points out critical Samsung Android phone vulnerabilities. A researcher made public several vulnerabilities that affect Samsung mobile phone software, allowing the installation of unauthorized apps, SMS sending, and other tasks. Source: http://www.net-security.org/secworld.php?id=14634
22. March 21, Softpedia – (International) New Yantoo Mac trojan uses browser plugin to inject ads into websites. Malware dubbed Trojan.Yahtoo.1 was found which prompts victims to install a browser plugin which then injects third-party code into Web sites viewed by the victim. Source: http://news.softpedia.com/news/New-Yantoo-Mac-Trojan-Uses-Browser-Plugin-to-Inject-Ads-into-Websites-339207.shtml
23. March 20, Threatpost – (International) Researchers uncover ‘TeamSpy’ attack campaign against government, research targets. Researchers uncovered a long-running cyberespionage campaign by a group dubbed “TeamSpy” for its use of the legitimate TeamViewer application. The group targeted government, heavy industry, intelligence, and activist organizations around the world. Source: http://threatpost.com/en_us/blogs/researchers-uncover-teamspy-attack-campaign-targeting-government-research-targets-032013
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.