Monday, May 6, 2013
Complete DHS Daily Report for May 6, 2013
Daily Report
Top Stories
• The FBI announced
that a former systems manager for an electrical manufacturing company in
Smithtown, New York, was arrested for allegedly causing over $90,000 in damage
to the company by illegally accessing the company’s systems. – IDG News
Service
4. May 3,
IDG News Service – (New York) Systems manager arrested for hacking former
employer’s network. The FBI announced that a former systems manager for an
electrical manufacturing company in Smithtown was arrested for allegedly
causing over $90,000 in damage to the company by illegally accessing the
company’s systems to perform malicious acts after he quit his job at the
company. Source: http://www.networkworld.com/news/2013/050313-systems-manager-arrested-for-hacking-269385.html
• Eleven individuals were arrested for
allegedly running an identity theft ring based in Paterson, New Jersey, that
took out lines of credit in victims’ names and make fraudulent purchases
totaling $150,000 in losses. – NJ.com See item 6
below in the Banking and Finance Sector
• Terminal B of the George Bush
Intercontinental Airport was on a security lockdown and flights were
temporarily suspended May 3 after a man pulled out a gun and shot into the air.
– Reuters
9.
May 3, Reuters – (Texas) Man dead
after Houston airport shooting sparks panic. Terminal B of the George Bush
Intercontinental Airport in Houston was on a security lockdown and flights were
temporarily suspended after a man pulled out a gun and shot into the air.
Officials are investigating whether the shooter was killed by the authorities
or committed suicide. Source: http://www.ndtv.com/article/world/man-dead-after-houston-airport-shooting-sparks-panic-362094
• The Springs Fire in California has damaged
15 homes, burned through 10,000 acres, closed a portion of a highway, and was
only 10 percent contained by May 3 as conditions were expected to worsen – NBC
News
30. May 3,
NBC News – (California) ‘Monster’ California wildfire reaches ocean,
pushes toward Malibu. The Springs Fire in California has damaged 15 homes,
burned through 10,000 acres, closed a portion of a highway, and was only 10
percent contained by May 3. The fire has put over 2,000 homes and 100
commercial properties at risk and more than 900 firefighters are working to
quell the flames as weather conditions are expected to worsen. Source: http://usnews.nbcnews.com/_news/2013/05/02/18018487-monster-california-wildfire-reaches-ocean-pushes-toward-malibu?lite
Details
Banking and Finance Sector
6. May 3, NJ.com – (New Jersey) Police arrest
11 alleged members of Paterson-based identity theft ring. Eleven
individuals were arrested for allegedly running an identity theft ring based in
Paterson that used an insider at a records storage facility to acquire victims’
personal information and then open retail store lines of credit in their names
and make fraudulent purchases totaling $150,000 in losses. Source: http://www.nj.com/bergen/index.ssf/2013/05/police_arrest_11_alleged_members_of_paterson-based_identity_theft_ring.html
7. May 2, Chicago Tribune – (Illinois) FBI:
‘Bully Bandit’ strikes again. The suspect known as the “Bully Bandit”
robbed a Bank of America branch in Riverside May 2, the twelfth robbery he is
suspected in. Source: http://www.chicagotribune.com/news/local/breaking/chi-fbi-bully-bandit-strikes-again-20130502,0,6911105.story
8. May 2, American Banker – (Illinois) FDIC
suit seeks $128M from leaders of failed Midwest Bank. The Federal Deposit
Insurance Corporation filed suit against the former officers and directors of
the failed Midwest Bank for allegedly using reckless practices in their duties
at the bank that led to over $128 million in damages. Source: http://www.americanbanker.com/issues/178_85/fdic-suit-seeks-128-million-from-leaders-of-failed-midwest-bank-1058799-1.html?zkPrintable=1&nopagination=1
Information Technology Sector
38. May 3,
Softpedia – (International) g01pack: First exploit kit to deliver payload
via multistage attack. Researchers at Trusteer found a variant of the
g01pack Java exploit kit that delivers its payload in a multistage attack to
help avoid security programs. Source: http://news.softpedia.com/news/g01pack-First-Exploit-Kit-to-Deliver-Payload-via-Multistage-Attack-350700.shtml
39. May 3,
SC Magazine – (International) Vulnerability data shows majority of websites
are susceptible to a serious flow. Vulnerability data analyzed by WhiteHat
Security found that 86 percent of all Web sites contain one or more serious
vulnerabilities that exposed it to attack. Source: http://www.scmagazineuk.com/vulnerability-data-shows-majority-of-websites-are-susceptible-to-a-serious-flaw/article/291825/
40. May 3,
Softpedia – (International) OAuth vulnerabilities allowed hackers to
access private photo on Instagram. A researcher at Break Security
identified two methods to hijack Instagram accounts by exploiting OAuth flaws.
The flaws were reported to Instagram’s owner, Facebook, and were addressed.
Source: http://news.softpedia.com/news/OAuth-Vulnerabilities-Allowed-Hackers-to-Access-Private-Photos-on-Instagram-Video-350730.shtml
41. May 3,
The H – (International) Android virus scanners are easily fooled. Researchers
at North Carolina State University and Northwestern University developed a tool
that modifies existing Android malware apps in minor ways and found that ten
antivirus programs tested could be tricked into registering the malware as
harmless. Source: http://www.h-online.com/security/news/item/Android-virus-scanners-are-easily-fooled-1856133.html
42. May 3, The H – (International) Certificate bug in open
source IPsec VPN. The developers of the strongSwan open source IPsec VPN
software found its software may accept invalid digital signatures and
certificates if the OpenSSL crypto backend is enabled. Source: http://www.h-online.com/security/news/item/Certificate-bug-in-open-source-IPsec-VPN-1855695.html
43. May 3, Softpedia – (International) CakePHP
1.2.12, 1.3.16, 2.2.8, and 2.3.4 released to prevent SQL injections. The
Cake Software Foundation released updates to several versions of CakePHP to
address a vulnerability that could allow SQL injection attacks. Source: http://news.softpedia.com/news/CakePHP-1-2-12-1-3-16-2-2-8-and-2-3-4-Released-to-Prevent-SQL-Injections-350709.shtml
Communications Sector
44.
May 2, Daily Inter-Mountain – (West
Virginia) Copper thieves cause outage. An attempted copper theft in
Beverly, which included two cuts into a 102-count fiber line, left roughly
5,000 customers of Suddenlink Communications without cable, Internet, or phone
service for more than 12 hours May 2. Source: http://www.theintermountain.com/page/content.detail/id/561376/Copper-thieves-cause-outage.html
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.