Thursday, May 9, 2013
Complete DHS Daily Report for May 9, 2013
• The California Public Utilities Commission recommended that Pacific Gas & Electric Co. pay a record $2.25 billion fine for its negligence leading to a fatal 2010 gas pipeline explosion in San Bruno. – Associated Press
3. May 6, Associated Press – (California) PUC recommends record fine of $2.25B against PG&E in San Bruno pipeline explosion. The California Public Utilities Commission recommended that Pacific Gas & Electric Co. (PG&E) pay a record $2.25 billion fine for its negligence leading to a fatal 2010 gas pipeline explosion in San Bruno. The penalty, the largest ever assessed by a State regulator, comes after the National Transportation Safety Board unanimously agreed that accident was caused by a series of failures from PG&E, in conjunction with weak oversight by regulators. Source: http://www.scpr.org/news/2013/05/06/37152/san-bruno-pipeline-explosion-2-25b-fine-against-pa/
• An official at a Venezuelan state-owned development bank and two employees of a Miami brokerage were charged in federal court for an alleged bribery and kickbacks scheme. – Bloomberg News See item 6 below in the Banking and Finance Sector
• A consortium of academic researchers, beekeepers, and U.S. Department of Agriculture scientists announced that multiple factors caused nearly one in three commercial honeybee colonies in the United States to die or disappear last winter, threatening the nation’s food supply. – Wired
16. May 8, Wired.com – (National) One-third of U.S. honeybee colonies died last winter, threatening food supply. A consortium of academic researchers, beekeepers, and U.S. Department of Agriculture scientists announced that multiple factors caused nearly one in three commercial honeybee colonies in the United States to die or disappear last winter. The research revealed an unsustainable decline that threatens the nation’s food supply. Source: http://www.wired.com/wiredscience/2013/05/winter-honeybee-losses/
• Centurylink reported an electronic routing system caused a 9 hour outage of their Internet and phone services which affected one million customers across 21 States. – WXOW 19 La Crosse See item 36 below in the Communications Sector
Banking and Finance Sector
6. May 8, Bloomberg News – (International) Venezuelan bank official charged in U.S. in bribe scheme. An official at Venezuelan state-owned development bank Banco de Desarrollo Economico y Social de Venezuela (BANDES) and two employees of Miami brokerage Direct Access Partners (DAP) were charged in federal court for an alleged scheme where the DAP employees bribed the BANDES official to steer business to DAP. The three allegedly split more than $60 million in mark-ups and mark-downs among themselves. Source: http://www.bloomberg.com/news/2013-05-07/venezuelan-offical-u-s-broker-dealers-charged-in-bribe-scheme.html
7. May 7, Santa Monica Mirror – (California) Cops bus high end liquor thieves who used fraudulent credit cards. Santa Monica police arrested two individuals wanted in Beverly Hills and Los Angeles for allegedly running a fraudulent credit card scheme that caused over $200,000 in losses. Source: http://www.smmirror.com/articles/News/Cops-Bust-High-End-Liquor-Thieves-Who-Used-Fraudulent-Credit-Cards/37484
For another story see item 31 below in the Information Technology Sector
Information Technology Sector
31. May 8, Softpedia – (International) OpUSA: Fake leaks, small website defacements, and “pedestrian” DDOS attacks. The “OpUSA” campaign of attacks against U.S. Web sites organized by various groups claiming the Anonymous label appears to have caused only minor damage or disruption, according to researchers. Source: http://news.softpedia.com/news/OpUSA-Fake-Leaks-Small-Website-Defacements-and-Pedestrian-DDOS-Attacks-351613.shtml
32. May 8, IDG News Service – (International) Stealthy Web server malware spreads further. The Linux/Cdorked malware found infecting Apache Web servers continues to spread via an unknown means, with new versions found that are engineered for widely-used Lighttpd and NGINX servers. Source: http://www.computerworld.com/s/article/9239003/Stealthy_Web_server_malware_spreads_further
33. May 8, Threatpost – (International) Old IE attack finds its way into Cool Exploit Kit. Microsoft reported that the Cool Exploit Kit has been updated to include an Internet Explorer (IE) vulnerability that was patched in June 2012, as well as Adobe Reader and Flash vulnerabilities. Source: http://threatpost.com/old-ie-attack-finds-its-way-into-cool-exploit-kit/
34. May 7, The H – (International) NGINX patches major security flaw. The developers of NGINX released updated stable and development versions, closing a major security vulnerability that can allow arbitrary code execution. Source: http://www.h-online.com/security/news/item/NGINX-patches-major-security-flaw-1858438.html
35. May 7, The H – (International) Hackers gain access to all .edu domains. The Hack the Planet (HTP) hacker group disclosed vulnerabilities in the MoinMoin wiki system and Adobe Cold Fusion that the group used in past attacks against Linode and the Massachusetts Institute of Technology. Source: http://www.h-online.com/security/news/item/Hackers-gain-access-to-all-edu-domains-1858471.html
36. May 7, WXOW 19 La Crosse – (Wisconsin) Centurylink outages resolved. Centurylink reported an electronic routing system caused a 9 hour outage of their Internet and phone services which affected one million customers across 21 States. Source: http://www.wxow.com/story/22183439/2013/05/07/centurylink-has-outages-across-the-country
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.