Tuesday, April 9, 2013
Complete DHS Daily Report for April 9, 2013
Daily Report
Top Stories
• A Virginia lawyer pleaded guilty for her
role in a fraud scheme involving fraudulently obtained loans guaranteed by the
U.S. Small Business Administration, causing over $100 million in losses. – Bloomberg
News See
item 6 below in the Banking and Finance Sector
• Symantec found that the cybercriminals
behind the Shylock banking trojan have added new functions and infrastructure
to the malware, expanding its targets and capabilities. – Threatpost See
item 9 below in the Banking and Finance Sector
• Tysons Foods will pay close to $4 million in
fines in a settlement with the federal government over the accidental release of
chemicals at Tyson plants in four States that caused injuries, property damage,
and one death. – KFSM 5 Fort Smith
16.
April 5, KFSM 5 Fort Smith –
(National) Tyson fined $4 million after accidental chemical releases. Tysons
Foods will pay close to $4 million in fines in a settlement with the federal
government over the accidental release of chemicals at Tyson plants in four
States that caused injuries, property damage, and one death. Source: http://5newsonline.com/2013/04/05/tyson-fined-4-million-after-accidental-chemical-releases/
• Researchers discovered an open FTP server
that holds the source code for several American Megatrends (AMI) BIOS as well
as the private signing key for Unifiied Extensible Firmware Interface (UEFI)
updates, information potentially very valuable in carrying out cyberespionage.
– Softpedia See item 31 below
in the Information Technology Sector
Details
Banking and Finance Sector
6. April 5,
Bloomberg News – (Virginia) Virginia lawyer pleads guilty in $100 million SBA
loan fraud. A Great Falls lawyer pleaded guilty for her role in a fraud
scheme involving fraudulently obtained loans guaranteed by the U.S. Small
Business Administration, causing over $100 million in losses. Source: http://www.bloomberg.com/news/2013-04-05/virginia-lawyer-pleads-guilty-in-100-million-sba-loan-fraud-1-.html
7. April 5,
Federal Bureau of Investigation – (Virginia) Former jewelry
store owner and loan officer charged in $20 million mortgage fraud scheme. Two
individuals from Ashburn were charged by a federal grand jury with conspiracy
and bank fraud for allegedly running a $20 million mortgage fraud scheme.
Source: http://www.fbi.gov/washingtondc/press-releases/2013/former-jewelry-store-owner-and-loan-officer-charged-in-20-million-mortgage-fraud-scheme
8. April 5,
WKRC 12 Cincinnati – (Ohio) Three men busted for “well-oiled” credit card scheme. Three
men were charged in Hamilton County for their alleged role in a $150,000 credit
card fraud scheme. Around 90 fraudulent cards were found during their arrest.
Source: http://www.local12.com/mostpopular/story/Three-Men-Busted-For-Well-Oiled-Credit-Card-Scheme/Ms3ZQnOAIUONIlqSdf8Pfg.cspx
9. April 5,
Threatpost – (International) Shylock trojan going global with new
features, resilient infrastructure. Symantec found that the cybercriminals
behind the Shylock banking trojan have added new functions and infrastructure
to the malware, expanding the banking institutions that it targets and allowing
it to steal other passwords and user information. Source: http://threatpost.com/en_us/blogs/shylock-trojan-going-global-new-features-resilient-infrastructure-040513
Information Technology Sector
28. April 8,
V3.co.uk – (International) Doctor Web hijacks control of BackDoor botnet
from criminals. Antivirus provider Doctor Web took control of the
BackDoor.Bulknet.739 botnet and posted an analysis of its composition and
effectiveness. Source: http://www.v3.co.uk/v3-uk/news/2259913/doctor-web-hijacks-control-of-backdoor-botnet-from-criminals
29. April 7,
CVG UK – (International) Server attack forces Harmonix sites offline. Video
game developer Harmonix took their Web sites offline April 7 after they
detected a possible intrusion. Source: http://www.computerandvideogames.com/399601/server-attack-forces-harmonix-sites-offline/
30. April 6,
Softpedia – (International) Microsoft fixes DOM XSS vulnerability on
Skype.com. Microsoft closed a DOM-based cross-site scripting (XSS)
vulnerability on the Skype Web site during March after a researcher informed
the company of it December 2012. Source: http://news.softpedia.com/news/Microsoft-Fixes-DOM-XSS-Vulnerability-on-Skype-com-343527.shtml
31. April 5,
Softpedia – (International) FTP server in Taiwan leaks AMI BIOS source code,
UEFI signing key. Researchers discovered an open FTP server that holds the
source code for several American Megatrends (AMI) BIOS as well as the private
signing key for Unifiied Extensible Firmware Interface (UEFI) updates,
information potentially very valuable in carrying out cyberespionage. Source: http://news.softpedia.com/news/FTP-Server-in-Taiwan-Leaks-AMI-BIOS-Source-Code-UEFI-Signing-Key-343426.shtml
32. April 5,
Ars Technica – (International) Bitcoin wallet service Coinbase faces
phishing attacks after data leak. Coinbase, a wallet service for the
virtual currency Bitcoin, accidentally exposed user and transaction information
on its Web site, leading to phishing attacks against the revealed email
addresses. Source: http://arstechnica.com/tech-policy/2013/04/bitcoin-wallet-service-coinbase-faces-phishing-attacks-after-data-leak/
33. April 5,
SC Magazine – (International) Android trojan spreads through Cutwail spam
botnet. A large Cutwail botnet has been found spreading an Android trojan
dubbed Stels which is capable of gleaning user information and performing
functions on infected devices. Source: http://www.scmagazine.com/android-trojan-spreads-through-cutwail-spam-botnet/article/287554/
34. April 5,
V3.co.uk – (International) Coca Cola, Credit Suisse and Mercedez-Benz
execs caught up in phishing scam. Webroot researchers found Microsoft
Access files from major international companies for sale on underground market
Web sites, offering executives’ contact information for use in creating more
effective phishing attacks. Source: http://www.v3.co.uk/v3-uk/news/2259558/coca-cola-credit-suisse-and-mercedezbenz-execs-caught-up-in-phishing-scam
For another story, see item 9 above in the Banking and Finance Sector
Communications Sector
35. April 7,
Cranberry Patch; Pittsburgh Post-Gazette– (Pennsylvania) Phone and
internet service outage affecting Cranberry businesses. A contractor
installing a water line for the town of Cranberry April 5 damaged an
underground telephone cable, disrupting Internet and phone services for area
businesses. Services were expected to be restored by April 7. Source: http://cranberry.patch.com/articles/phone-and-internet-service-outage-affecting-cranberry-businesses
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.