Wednesday, May 8, 2013   

Complete DHS Daily Report for May 8, 2013

Daily Report

Top Stories

 • Firefighters reached 85 percent containment of the Camarillo wildfire by May 6 after 44 square miles were burned. Officials believe the fire started from an undetermined ignition of grass and debris along U.S. 101. – Associated Press

22. May 7, Associated Press – (California) Calif. crews mop up wildfire as rain falls. Firefighters reached 85 percent containment of the Camarillo wildfire by May 6 after 44 square miles were scorched. Officials believe the fire started from an undetermined ignition of grass and debris along U.S. 101. Source: http://www.businessweek.com/ap/2013-05-07/calif-dot-crews-mop-up-wildfire-as-rain-falls

 • Officials closed 11 Mount Clemens public schools May 7 in order to clean and disinfect the buildings after 2 staff members came down with Methicillin-resistant Staphylococcus Aureus (MRSA). Classes were set to resume May 8 as buses were also cleaned and disinfected. – WWJ-TV 62 Detroit

24. May 6, WWJ-TV 62 Detroit – (Michigan) Mt. Clemens schools closed Tuesday due to MRSA outbreak. Officials closed 11 Mount Clemens public schools May 7 in order to clean and disinfect the buildings after 2 staff members came down with Methicillin-resistant Staphylococcus Aureus (MRSA). Classes were set to resume May 8 as buses were also cleaned and disinfected. Source: http://detroit.cbslocal.com/2013/05/06/mt-clemens-schools-closed-tuesday-due-to-mrsa-outbreak/

 • The U.S. Department of Defense’s annual report on China’s military capabilities concluded that the government and military of China have engaged in cyberattacks to steal information for defense and industrial purposes. – IDG News Service. See item 28 below in the Information Technology Sector

 • ZScaler experts discovered at least 10 media and other Web sites that were compromised by cybercriminals and used to distribute the ZeroAccess Trojan and fake AV malware to visitors accessing the site using Internet Explorer. – Softpedia

37. May 7, Softpedia – (International) Compromised US media sites used to distribute ZeroAccess, Fake AV malware. ZScaler experts discovered at least 10 media and other Web sites that were compromised by cybercriminals and used to distribute the ZeroAccess Trojan and fake AV malware to visitors accessing the site using Internet Explorer. Source: http://news.softpedia.com/news/Compromised-US-Media-Sites-Used-to-Distribute-ZeroAccess-Fake-AV-Malware-351260.shtml

Details

Banking and Finance Sector

7. May 7, Softpedia – (National) US convenience store chain Mapco Express hacked, payment cards compromised. The Mapco Express convenience store chain experienced a breach of customer credit/debit card information after malware was planted in payment processing systems. Customers who used credit/debit cards at Mapco Express stores during certain periods in March and April may be affected. Source: http://news.softpedia.com/news/US-Convenience-Store-Chain-Mapco-Express-Hacked-Payment-Cards-Compromised-351249.shtml

Information Technology Sector

28. May 7, IDG News Service – (International) Pentagon accuses China government, military of cyberattacks. The U.S. Department of Defense’s annual report on China’s military capabilities concluded that the government and military of China have engaged in cyberattacks to steal information for defense and industrial purposes. Source: http://www.cso.com.au/article/461117/pentagon_accuses_china_government_military_cyberattacks/

29. May 7, The H – (International) Exploit for new IE8 0-day vulnerability in the wild. A Metasploit module that exploits an Internet Explorer (IE) 8 zero-day vulnerability used in recent watering hole attacks is now available, making the exploit generally accessible. Microsoft suggested several security measures to implement until a patch is developed. Source: http://www.h-online.com/security/news/item/Exploit-for-new-IE8-0-day-vulnerability-in-the-wild-1857966.html

30. May 7, Softpedia – (International) Malicious Flash Player updates hosted on Dropbox. Researchers at Zscaler found and analyzed a fake Flash Player update attack that stores the malicious update in a Dropbox account. The files attempt to disable security programs and then drop a Sality variant onto victims’ systems. Source: http://news.softpedia.com/news/Malicious-Flash-Player-Updates-Hosted-on-Dropbox-351239.shtml

31. May 7, IDG News Service – (International) AutoIt scripting increasingly used by malware developers. Researchers at Trend Micro and Bitdefender found that the AutoIt scripting language is increasingly being used by malware developers due to its flexibility and accessibility. Source: http://www.computerworld.com/s/article/9238968/AutoIt_scripting_increasingly_used_by_malware_developers

32. May 7, Softpedia – (International) Syrian Electronic Army hacks “The Onion” Twitter and Facebook accounts. Members of the Syrian Electronic Army hacktivist group hijacked several Facebook and Twitter accounts belonging to satirical news site The Onion. The accounts were later recovered by their owners. Source: http://news.softpedia.com/news/Syrian-Electronic-Army-Hacks-The-Onion-Twitter-and-Facebook-Accounts-351120.shtml

33. May 6, Softpedia – (International) Unpatched building management system exposes Google’s Wharf 7 HQ to hackers. Two security researchers found that the Tridium Niagara AX building management system at Google Australia’s Wharf 7 headquarters was vulnerable to attack due to Google not having applied a patch that closed known vulnerabilities. Source: http://news.softpedia.com/news/Unpatched-Building-Management-System-Exposes-Google-s-Wharf-7-HQ-to-Hackers-351043.shtml

34. May 6, Softpedia – (International) Use of .pw domains for spam campaigns on the rise, experts find. Symantec found that spam messages containing links to Palau’s .pw top-level domains have increased greatly since the end of April. They also found that several of the .pw spam sites were registered to an address in Nevada. Source: http://news.softpedia.com/news/Use-of-pw-Domains-for-Spam-Campaigns-on-the-Rise-Experts-Find-351045.shtml

35. May 6, Softpedia – (International) Google fixes CSRF vulnerability in Translator and clickjacking flaw in Gmail. A security researcher published proof-of-concept videos for a Google Translate cross-site request forgery (CSRF) vulnerability, and for a clickjacking vulnerability in Gmail’s “Tasks” feature, after Google was informed and addressed the vulnerabilities. Source: http://news.softpedia.com/news/Google-Fixes-CSRF-Vulnerability-in-Translator-and-Clickjacking-Flaw-in-Gmail-Video-351036.shtml

For another story, see item 37 above in Top Stories

Communications Sector

Nothing to report


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List: Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.