Tuesday, April 30, 2013
Complete DHS Daily Report for April 30, 2013
• Severe storms knocked out power to roughly 45,000 CenterPoint Energy customers April 27 in Houston. – Associated Press (See item 1)
1. April 28, Associated Press – (Texas) Thousands without power in Houston after storms. Severe storms knocked out power to roughly 45,000 CenterPoint Energy customers in Houston April 27. Crews were working to restore service. Source: http://www.dallasnews.com/news/local-news/20130428-thousands-without-power-in-houston-after-storms.ece
• A fuel tanker overturned on Highway 38 near Angelus Oaks, California, spilling 4,000 gallons of fuel and prompting the closure of a 3 mile stretch of the highway for at least a week and perhaps longer. – Los Angeles Times (See item 18)
18. April 26, Los Angeles Times – (California) California 38 may shut down at least a week after tanker spill. A fuel tanker overturned on Highway 38 near Angelus Oaks spilling 4,000 gallons of fuel, prompting the closure of a narrow 3 mile stretch of the highway for at least a week and perhaps several weeks. The fuel seeped into a nearby creek that feeds into the Santa Ana River, potentially contaminating local water supplies. Source: http://www.latimes.com/local/lanow/la-me-ln-california-38-closure-may-last-weeks--20130426,0,5656576.story
• The U.S. Department of Justice announced the arrest and charge of a man believed to have sent the U.S. President and 2 other public officials letters laced with ricin. Authorities arrested him April 27 at his home in Tupelo, Mississippi. – MSN News (See item 34)
34. April 28, MSN News – (Mississippi) Miss. man gets bioweapon charge in ricin case. The U.S. Department of Justice announced the arrest and charge of a man believed to have sent the U.S. President and 2 other public officials letters laced with ricin. Authorities arrested him April 27 at his home in Tupelo. Source: http://news.msn.com/crime-justice/miss-man-gets-bioweapon-charge-in-ricin-case
• A sophisticated Apache backdoor being used to redirect traffic to Web sites hosting the Blackhole exploit kit was found and analyzed by researchers. – Help Net Security See item 38 below in the Information Technology Sector
Banking and Finance Sector
10. April 26, Puget Sound Business Journal – (Washington) FDIC lawsuit seeks $46 million from executives of failed Frontier bank. The Federal Deposit Insurance Corporation filed a lawsuit against 12 former directors and officers of the failed Frontier Bank of Everett seeking $46 million in damages. The accused allegedly were negligent in approving loans and acted contrary to prudent practices. Source: http://www.bizjournals.com/seattle/news/2013/04/26/fdic-seeks-46-million-from-executives.html
11. April 26, City News Service – (California) Ex-notary arrested, accused of mortgage-fraud conspiracy. A former San Diego public notary was arrested for allegedly running a mortgage fraud scheme involving around 30 properties that caused losses of over $5 million. Source: http://www.sandiego6.com/news/local/Ex-Notary-Accused-of-Mortgage-Fraud-Conspiracy-204965781.html
Information Technology Sector
38. April 29, Help Net Security – (International) Sophisticated Apache backdoor in the wild. A sophisticated Apache backdoor dubbed “Linux/Cdorked.A” being used to redirect traffic to Web sites hosting the Blackhole exploit kit was found and analyzed by researchers at ESET and Sucuri. Source: http://www.net-security.org/secworld.php?id=14836
39. April 29, The H – (International) Hackers access personal data of 50 million LivingSocial users. The operators of LivingSocial contacted about 50 million customers and asked them to change their passwords after attackers may have compromised encrypted passwords and personal information. Source: http://www.h-online.com/security/news/item/Hackers-access-personal-data-of-50-million-LivingSocial-users-1851667.html
40. April 29, Softpedia – (International) 11 “Guardian” Twitter accounts hijacked by Syrian Electronic Army. Members of the Syrian Electronic Army hacktivist group hijacked several Twitter accounts belonging to the U.K. newspaper The Guardian using phishing emails to gather the information needed. Source: http://news.softpedia.com/news/11-Guardian-Twitter-Accounts-Hijacked-by-Syrian-Electronic-Army-349343.shtml
41. April 29, Softpedia – (International) Umbraco developers warn users of severe vulnerability in integration Web services. The developers of the Umbraco content management service alerted customers to a vulnerability in the platform’s integration Web services affecting all versions. Source: http://news.softpedia.com/news/Umbraco-Developers-Warn-Users-of-Severe-Vulnerability-in-Integration-Web-Services-349167.shtml
42. April 29, Computerworld – (International) McAfee spots Adobe Reader PDF-tracking flaw. McAfee researchers found a security flaw in Adobe Reader that can show when a user opened a document and where the file is located on users’ systems. Source: http://www.computerworld.com/s/article/9238752/McAfee_spots_Adobe_Reader_PDF_tracking_flaw
43. April 26, Krebs on Security – (International) Dutchman arrested in Spamhaus DDoS. A Dutch national was arrested by authorities in Spain in connection with the massive distributed denial of service (DDoS) attack against Spamhaus in March. Source: http://krebsonsecurity.com/2013/04/dutchman-arrested-in-spamhaus-ddos/
44. April 26, SC Magazine – (International) Travnet trojan compresses files to send more info to data thieves. A new trojan dubbed “Travnet” was spotted by researchers being used in a targeted operation. The malware can gather user information and steal files by compressing them and then sending them back to botnet operators. Source: http://www.scmagazine.com/travnet-trojan-compresses-files-to-send-more-info-to-data-thieves/article/290486
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.