Friday, March 22, 2013
Complete DHS Daily Report for March 22, 2013
Daily Report
Top Stories
• Blacksville No. 2 mine at the West
Virginia-Pennsylvania border was still burning March 20 as authorities worked
to develop a plan to smother the fire, monitor for signs of combustion, and
seal the affected area. – Charleston State Journal
1.
March 20, Charleston State Journal – (West Virginia) Fire
still burning a week later at Consol Backsville No. 2 mine. A March 12 fire
that was discovered from a ventilation shaft at Consol Energy’s Blacksville No.
2 mine at the West Virginia-Pennsylvania border was still burning March 20 as
authorities worked to develop a plan to pump water and nitrogen into the mine
to smother the fire, monitor for signs of combustion, and seal the affected
area. Source: http://www.statejournal.com/story/21731802/fire-still-burning-a-week-later-at-consol-blacksville-no-2-mine
• Carnival Cruise Lines has cancelled 10
upcoming Carnival Triumph cruises following an engine fire incident that
occurred a month ago. – Associated Press
7.
March 19, Associated Press – (Florida)
Carnival ships out of service longer than expected. Carnival Cruise
Lines has cancelled 10 upcoming Carnival Triumph cruises following an engine
fire incident that occurred a month ago. Carnival Triumph is undergoing
scheduled repairs and upgrades and is set to return to service in June. Source:
http://www.wral.com/carnival-ships-out-of-service-longer-than-expected/12244014/
• Researchers uncovered a long-running
cyber-espionage campaign that targeted government, heavy industry,
intelligence, and activist organizations around the world. – Threatpost See item 23 below in the Information Technology Sector
• A second fire burned in a 5-story commercial
building in New York City in as many days and left even more damage March 17. –
Downtown Express
26.
March 20, Downtown Express – (New
York) 2 fires at one Fulton St. building. A second fire burned in a
5-story commercial building in New York City in as many days and left even more
damage, including a partially-collapsed roof, following the March 17 four-alarm
blaze where 168 firefighters responded. The March 18 three-alarm fire damaged
33 units with a total of 138 firefighters fighting the blaze that also lasted
several hours. Source: http://www.downtownexpress.com/2013/03/20/2-fires-at-one-fulton-st-building/
Details
Banking and Finance Sector
5. March 20, KMTR 16 Eugene – (Oregon) FBI
identifies ‘Tall Man’ bank bandit. The FBI identified the man known as the
“Tall Man Bandit”, suspected of robbing several banks in the Eugene area.
Source: http://www.kmtr.com/news/local/story/FBI-identifies-Tall-Man-bank-bandit/TAX3a9sNo06Sm_chM1bQJA.cspx
Information Technology Sector
19. March
21, Softpedia – (International) Experts study malware used in South Korean
attacks. Researchers began studying the malware used to attack TV stations
and banks in South Korea March 20, and found features including malware
designed to disable popular Korean antivirus programs and the ability to target
both Windows and Linux systems. Source: http://news.softpedia.com/news/Experts-Study-Malware-Used-in-South-Korean-Attacks-339036.shtml
20. March
21, The H – (International) Weakened password hashing found in Cisco
devices. Cicso’s new “Type 4” password algorithm was found to be
implemented incorrectly, resulting in weaker passwords than the previous
algorithm. Source: http://www.h-online.com/security/news/item/Weakened-password-hashing-found-in-Cisco-devices-1827197.html
21. March
21, Help Net Security – (International) Researcher points out
critical Samsung Android phone vulnerabilities. A researcher made public
several vulnerabilities that affect Samsung mobile phone software, allowing the
installation of unauthorized apps, SMS sending, and other tasks. Source: http://www.net-security.org/secworld.php?id=14634
22. March
21, Softpedia – (International) New Yantoo Mac trojan uses browser plugin to
inject ads into websites. Malware dubbed Trojan.Yahtoo.1 was found which
prompts victims to install a browser plugin which then injects third-party code
into Web sites viewed by the victim. Source: http://news.softpedia.com/news/New-Yantoo-Mac-Trojan-Uses-Browser-Plugin-to-Inject-Ads-into-Websites-339207.shtml
23. March
20, Threatpost – (International) Researchers uncover ‘TeamSpy’ attack campaign
against government, research targets. Researchers uncovered a long-running
cyberespionage campaign by a group dubbed “TeamSpy” for its use of the
legitimate TeamViewer application. The group targeted government, heavy
industry, intelligence, and activist organizations around the world. Source: http://threatpost.com/en_us/blogs/researchers-uncover-teamspy-attack-campaign-targeting-government-research-targets-032013
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.