Wednesday, April 17, 2013
Complete DHS Daily Report for April 17, 2013
• The Schnucks supermarket chain announced details of a data breach where attackers gained access to around 2.4 million customers’ credit and debit card information via its systems and networks. – Help Net Security See item 11 below in the Banking and Finance Sector
• A bank robber known as the “Bully Bandit” was suspected in an April 13 robbery of a Chase Bank branch in Chicago, his twelfth robbery. – WBBM 2 Chicago See item 13 below in the Banking and Finance Sector
• A concrete-walled pit at a dairy operation was fractured and sent about a million gallons of manure and water into 2 trout streams before leaking into the Root River. – Minneapolis Star Tribune
29. April 15, Minneapolis Star Tribune – (Minnesota) Million-gallon cow manure spill fouls Root River tributaries. A concrete-walled pit at a dairy operation was fractured and sent about a million gallons of manure and water into 2 trout streams before leaking into the Root River. The problems were compounded by cold, snowy weather and widespread manure runoff problems in the farming counties. Source: http://www.startribune.com/local/203125981.html?source=error
• Two explosions during the Boston Marathon killed 3 people and wounded over 140 impacting area businesses and tourism. Multiple hotels were evacuated and closed, sections of the Massachusetts Turnpike and the downtown area was cordoned off with businesses closed as investigators from the FBI, and State and local authorities worked to identify additional information surrounding the incident. – USA Today
40. April 16, USA Today – (Massachusetts) Boston visitors face disruptions after bomb blasts. Two explosions during the Boston Marathon killed 3 people and wounded over 140 impacting area businesses and tourism. Multiple hotels were evacuated and closed, sections of the Massachusetts Turnpike and the downtown area was cordoned off with businesses closed as investigators from the FBI, and State and local authorities worked to identify additional information surrounding the incident. Source: http://www.usatoday.com/story/dispatches/2013/04/16/boston-marathon-bomb-copley-square-visitors/2087023/
Banking and Finance Sector
11. April 16, Help Net Security – (National) 2.4M cards compromised in US supermarket chain breach. The Schnucks supermarket chain announced details of a data breach where attackers gained access to around 2.4 million customers’ credit and debit card information via its systems and networks. Seventy nine of the chain’s 100 stores may have been compromised over 4 months. Source: http://www.net-security.org/secworld.php?id=14758
12. April 15, KLAS 8 Las Vegas – (Nevada) Louisiana lawyer convicted of Las Vegas mortgage fraud. A New Orleans lawyer was convicted for participating in a mortgage fraud scheme involving more than 220 properties in Las Vegas and cost financial institutions $50 million. Source: http://www.8newsnow.com/story/21982472/louisiana-lawyer-convicted-of-las-vegas-mortgage-fraud
13. April 15, WBBM 2 Chicago – (Illinois) ‘Bully Bandit’ suspected of 12th bank robbery. A bank robber known as the “Bully Bandit” was suspected in an April 13 robbery of a Chase Bank branch in Chicago, his twelfth robbery. Source: http://chicago.cbslocal.com/2013/04/15/bully-bandit-suspected-of-12th-bank-robbery/
14. April 15, Associated Press – (Arizona) Border officers seize fraudulent credit cards at Nogales crossing. A Mexican national was found in possession of two packages containing a total of 79 fraudulent credit cards during a U.S. Customs and Border Protection check of a tourist bus in Nogales April 15. Source: http://azstarnet.com/news/local/border/border-officers-seize-fraudulent-credit-cards-at-nogales-crossing/article_d878f974-a61a-11e2-9950-001a4bcf887a.html
15. April 15, Reuters – (National) Trader admits fraud in $1 billion Apple stock scheme. A former trader for Rochdale Securities pleaded guilty to wire fraud and conspiracy for buying 1.625 million in Apple stock shares in 2012 under false pretenses, which led the company to take a $5.3 million loss that caused the company to go out of business. Source: http://www.reuters.com/article/2013/04/15/us-crime-rochdale-apple-plea-idUSBRE93E11I20130415
16. April 15, Bloomberg News – (National) John Thomas’s CEO accused by Finra of fraud. The Financial Industry Regulatory Authority filed a complaint against the CEO of John Thomas Financial Inc. for allegedly defrauding customers and threatening his employees. Source: http://www.businessweek.com/news/2013-04-15/john-thomas-s-ceo-accused-by-finra-of-fraud-broker-threats
17. April 12, The Globe and Mail – (International) Brokerage regulator ‘deeply regrets’ loss of device with client data. The Investment Industry Regulatory Organization of Canada (IIROC) reported that an employee lost a portable device containing the personal information of around 52,000 brokerage firm clients from 32 firms. IIROC notified the affected firms and arranged for credit protection services. Source: http://www.theglobeandmail.com/report-on-business/securities-regulator-says-deeply-regrets-loss-of-device-with-client-data/article11135687/
For another story, see item 37 below in the Information Technology Sector
Information Technology Sector
34. April 16, The H – (International) Attackers gain access to Linode customer data. Hosting company Linode provided details of an attack on its servers, stating that attackers gained access to one of its Web servers as well as part of its backend code and customer database. Source: http://www.h-online.com/security/news/item/Attackers-gain-access-to-Linode-customer-data-1842777.html
35. April 16, IDG News Service – (International) Symantec report finds small businesses battered by cybercrime. Symantec’s Internet Security Threat Report 2013 found that small businesses are increasingly the targets of cyberattacks due to typically less-secure systems and to serve as a foothold for access to larger companies’ systems. Source: http://www.networkworld.com/news/2013/041613-symantec-report-finds-small-businesses-268746.html
36. April 15, Softpedia – (International) Trojan downloader Nenim deletes components to prevent analysis. Microsoft Malware Protection Center researchers found and analyzed a trojan known as TrojanDownloader:Win32/Nenim.gen!A that downloads two components used to infect other devices and steal passwords, then deletes the components in a way that makes them unrecoverable, preventing analysis. Source: http://news.softpedia.com/news/Trojan-Downloader-Nenim-Deletes-Components-to-Prevent-Analysis-345383.shtml
37. April 15, Softpedia – (International) Several hacktivist groups to join forces for OpUSA on May 7. Several hacktivist groups that took part in attacks on Israeli Web sites under the name OpIsrael announced their intentions to target the U.S. with cyberattacks May 7. Source: http://news.softpedia.com/news/Several-Hacktivist-Groups-to-Join-Forces-for-OpUSA-on-May-7-345566.shtml
38. April 15, Threatpost – (International) Google fixes three high-risk flaws in Chrome OS. Google announced fixes for four vulnerabilities in its Chrome OS that could have been used for code execution. Source: http://threatpost.com/en_us/blogs/google-fixes-three-high-risk-flaws-chrome-os-041513
39. April 12, KSPR 33 Springfield – (Missouri) AT&T debuts new alarm system to protect against copper theft. AT&T began using a new alarm system which conducts random checks of lines throughout the network to identify signal cuts and alert police to possible copper theft. The telecommunications company will install the alarm system in rural areas where copper thieves strike most. Source: http://articles.kspr.com/2013-04-12/new-alarm-system_38498998
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.