Wednesday, May 29, 2013   

Complete DHS Daily Report for May 29, 2013

Daily Report

Top Stories

 • U.S. law enforcement authorities seized virtual currency provider LibertyReserve and filed charges against its founder and five others for allegedly facilitating money laundering and other criminal activity totaling $6 billion. – Krebs on Security See item 4 below in the Banking and Finance Sector

 • A Union Pacific train hit the side of a Burlington Northern Santa Fe train at a rail intersection in Scott County May 25 which caused rail cars to derail then hit columns supporting the Highway M overpass, causing the collapse and injury of seven people and $3 million in estimated damages. – Associated Press

10. May 27, Associated Press – (Missouri) Freight trains collide in Scott County damaging highway overpass. A Union Pacific train hit the side of a Burlington Northern Santa Fe train at a rail intersection in Scott County May 25 which caused rail cars to derail then hit columns supporting the Highway M overpass, causing the collapse and injury of seven people and $3 million in estimated damages. Source: http://www.ksdk.com/news/article/382168/3/Freight-trains-collide-in-Scott-County-damaging-highway-overpass-

 • A fire broke out aboard a Royal Caribbean cruise ship prompting officials to order passengers to evacuate their rooms and take shelter in the ship’s casino May 27. The ship remained docked in the Bahamas while passengers determined whether they would continue on the cruise. – Associated Press

13. May 27, Associated Press – (International) Fire breaks out aboard Royal Caribbean cruise ship. A fire broke out aboard a Royal Caribbean cruise ship prompting officials to order passengers to evacuate their rooms and take shelter in the ship’s casino May 27. The ship remained docked in the Bahamas while passengers determined whether they would continue on the cruise. Source: http://www.cbsnews.com/8301-201_162-57586282/fire-breaks-out-aboard-royal-caribbean-cruise-ship/

 • Firefighters reached 5 percent containment May 28 of a wildfire that scorched 1,000 acres in the Los Padres National Forest and caused the evacuation of 4,000 to 6,000 campers. Between 50 and 75 residents were evacuated as the fire threatened about 50 homes. – Associated Press

28. May 28, Associated Press – (California) California wildfire forces thousands to evacuate. Firefighters reached 5 percent containment May 28 of a wildfire that scorched 1,000 acres in the Los Padres National Forest and caused the evacuation of 4,000 to 6,000 campers. Between 50 and 75 residents were evacuated as the fire threatened about 50 homes. Source: http://news.msn.com/us/california-wildfire-forces-thousands-to-evacuate

Details

Banking and Finance Sector

4. May 28, Krebs on Security – (International) U.S. government seizes LibertyReserve.com. U.S. law enforcement authorities seized virtual currency provider LibertyReserve and filed charges against its founder and five others for allegedly facilitating money laundering and other criminal activity totaling $6 billion. Source: http://krebsonsecurity.com/2013/05/u-s-government-seizes-libertyreserve-com/

5. May 24, WATE 6 Knoxville – (Tennessee) Indictment details investment scheme that cost investors $18M. Four individuals were indicted for allegedly running an investment fraud scheme under three company names in Knoxville that lost investors more than $18 million. Source: http://www.wate.com/story/22416022/4-indicted-in-investment-scheme-that-cost-investors-18m

6. May 24, Reuters – (Virginia) Ex-Virginia bank executives guilty in financial crisis case. The former chief executive of Bank of the Commonwealth and three others were convicted of conspiracy to commit bank fraud and other charges relating to their actions at the failed Norfolk bank. Source: http://articles.chicagotribune.com/2013-05-24/business/sns-rt-us-bankofthecommonwealth-guiltybre94n0y5-20130524_1_southern-bank-bank-fraud-bank-customer

7. May 24, Pacific Business News – (Hawaii) Maui owners of The Mortgage Store charged with operating Ponzi scheme. The two owners of The Mortgage Store based in Maui were charged with allegedly running a Ponzi scheme that stole $8.6 million from investors over 5 years. Source: http://www.bizjournals.com/pacific/blog/morning_call/2013/05/maui-owners-of-the-mortgage-store.html

8. May 24, IDG News Service – (International) Researchers warn of increased Zeus malware activity this year. Researchers from Trend Micro warned that activity associated with the Zeus/ZBot financial malware has increased in recent months, with new Zeus variants and capabilities. Source: http://www.networkworld.com/news/2013/052413-researchers-warn-of-increased-zeus-270142.html

Information Technology Sector

39. May 28, The H – (International) PayPal vulnerable to cross-site scripting again. A student in Germany disclosed a cross-site scripting (XSS) vulnerability in PayPal’s German language version of the site. Source: http://www.h-online.com/security/news/item/PayPal-vulnerable-to-cross-site-scripting-again-1871763.html

40. May 28, Softpedia – (International) Experts find multiple security flaws in Trend Micro’s DirectPass 1.5.0. A researcher from Vulnerability Lab found two vulnerabilities in Trend Micro’s DirectPass password management software that could allow arbitrary code injection, hijack sessions, or perform other actions. Source: http://news.softpedia.com/news/Experts-Find-Multiple-Security-Flaws-in-Trend-Micro-s-DirectPass-1-5-0-356425.shtml

41. May 28, SC Magazine – (International) ITV and Sky both hit by the Syrian Electronic Army. Members of the Syrian Electronic Army hacktivist group compromised the Twitter account of U.K. broadcaster ITV News and hacked at least six Android apps for U.K. broadcaster Sky in the Google Play Store. Google later removed the compromised apps. Source: http://www.scmagazineuk.com/itv-and-sky-both-hit-by-the-syrian-electronic-army/article/295053/

42. May 27, The H – (International) 0-days in Novell Client for Windows. Two zero day vulnerabilities were discovered by eEye researchers in Novell Client for Windows that can allow local code execution within the kernel. Source: http://www.h-online.com/security/news/item/0-days-in-Novell-Client-for-Windows-1870712.html

43. May 24, IDG News Service – (International) Researchers find unusual malware targeting Tibetan users in cyberespionage operation. ESET researchers found a piece of cyberespionage malware dubbed Win32/Syndicasec that bypasses Windows User Account Control (UAC) to run arbitrary commands without prompting users to confirm. Source: http://www.networkworld.com/news/2013/052413-researchers-find-unusual-malware-targeting-270133.html

44. May 24, SC Magazine – (International) Attackers use Skype, other IM apps to spread Liftoh trojan. The Liftoh trojan is being spread via shortened links in Skype instant messages, with malicious links being clicked more than 170,000 times, according to Symantec researchers. Source: http://www.scmagazine.com/attackers-use-skype-other-im-apps-to-spread-liftoh-trojan/article/294860/

For additional stories, see items 8 above in the Banking and Finance Sector and immediately below item 9:

9. May 28, Akron Beacon Journal – (Ohio) Turkish group hacks into Akron-Canton Airport website. A cyber group from Turkey hacked into Ohio’s Akron-Canton Airport Web site May 25 and leaked the personal information of about 15,000 customers online that had entered a contest for travel giveaways. Social Security numbers and financial information were not exposed. Source: http://www.ohio.com/news/break-news/turkish-group-hacks-into-akron-canton-airport-website-1.400738

Communications Sector

45. May 23, Duluth News Tribune– (Minnesota) 911 service disrupted in northern St. Louis County. A fiber optic line cut in St. Louis County left six areas without long distance and 9-1-1 emergency services with an unknown time for service restoration. Fire departments added staff for in-person emergencies and recommended those in emergencies use their cell phone or contact other posted local numbers. Source: http://www.duluthnewstribune.com/event/article/id/268016/group/homepage/



Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.