Wednesday, June 12, 2013   

Complete DHS Daily Report for June 12, 2013

Daily Report

Top Stories

 • Clean-up crews were working to neutralize about 1500 pounds of hydraulic acid that was released into the air and onto the ground following a June 9 leak at the Louisville, Kentucky DuPont plant. – WFPL 89.3 FM Louisville

2. June 10, WFPL 89.3 FM Louisville – (Kentucky) Work continues to neutralize chemical after spill at DuPont plant. Clean-up crews were working to neutralize about 1500 pounds of hydraulic acid that was released into the air and onto the ground following a June 9 leak at the DuPont plant in Louisville, a process that could take up to 2 days. Source: http://www.wfpl.org/post/work-continues-neutralize-chemical-after-spill-dupont-plant

 • Approximately 34 people were sickened by fumes June 10 at the R.W. Garcia Corporation’s Lincolnton, North Carolina plant. – Charlotte Observer

18. June 11, Charlotte Observer – (North Carolina) 34 sickened at Lincolnton plant. Approximately 34 people were sickened by fumes June 10 at a R.W. Garcia Corporation plant in Lincolnton. Ten of those sickened had moderate to high levels of carbon monoxide poisoning. Source: http://www.charlotteobserver.com/2013/06/11/4098827/34-sickened-at-lincolnton-plant.html

 • According to the U.S. Centers for Disease Control and Prevention, around 87 people in eight States are now known to have been sickened with hepatitis A in the outbreak connected to Townsend Farms frozen berries sold at Costco and Harris Teeter stores. – Food Safety News

20. June 10, Food Safety News– (National) Townsend Farms hepatitis A outbreak hits 87. According to the U.S. Centers for Disease Control and Prevention, around 87 people in eight States are now known to have been sickened with hepatitis A in the outbreak connected to Townsend Farms frozen berries sold at Costco and Harris Teeter stores. Source: http://www.foodsafetynews.com/2013/06/townsend-farms-hepatitis-a-outbreak-hits-87/#.UbcG7Pmkr44

 • A letter addressed to the Central Intelligence Agency was returned as undeliverable to a Spokane, Washington post office and was determined to be the fifth in a series of ricin-laced letters sent to government figures and agencies. – Associated Press

30. June 9, Associated Press – (Washington) Suspected ricin letter to CIA discovered in Washington state, FBI says. A letter returned as undeliverable to a Spokane post office was determined to be the fifth in a series of ricin-laced letters sent to government figures and agencies. The letter was addressed to the Central Intelligence Agency and was sent for further testing. Source: http://www.foxnews.com/us/2013/06/09/fbi-5th-spokane-letter-discovered-in-ricin-case/

Details

Banking and Finance Sector

8. June 10, Scripps Media – (California) Bakersfield couple plead guilty in $6M mortgage fraud scheme. Two individuals from Bakersfield pleaded guilty to fraud charges for their role in a $6 million mortgage fraud scheme involving three others. Source: http://www.turnto23.com/news/local-news/bakersfield-couple-plead-guilty-in-6m-mortgage-fraud-scheme-061013

9. June 10, Contra Costa Times – (California) Oakland police arrest suspected serial bank robber dubbed ‘Button Down Bandit’. Local police and the FBI arrested a man in Oakland believed to be the “Button Down Bandit” suspected in eight bank robberies in the East Bay area. Source: http://www.contracostatimes.com/breaking-news/ci_23430629/oakland-police-arrest-accused-serial-bank-robber-dubbed?IADID=Search-www.contracostatimes.com-www.contracostatimes.com

10. June 10, Softpedia – (International) Mobile version of Cridex banking trojan spotted in the wild. A mobile version of the Cridex/Bugat banking trojan targeting Android, Blackberry, and Symbian devices was spotted in the wild by researchers from RSA. Source: http://news.softpedia.com/news/Mobile-Version-of-Cridex-Banking-Trojan-Spotted-in-the-Wild-359951.shtml

For another story, see item 30 above in Top Stories

Information Technology Sector

34. June 11, Help Net Security – (International) Washington Free Beacon website redirects to malware. Invincia researchers found several pages on the Web site of the Washington Free Beacon were compromised and used to redirect users to a domain hosting the Fiesta exploit kit. The kit attempts to drop the ZeroAccess rootkit and the Internet Security Pro fake antivirus malware. Source: https://www.net-security.org/malware_news.php?id=2516

35. June 11, Help Net Security – (International) Researchers find self-propagating Zeus variant. Researchers at Trend Micro discovered a variant of the Zeus/Zbot trojan that spreads via a malicious .pdf file and then copies itself onto any removable drives detected on an infected computer. Source: https://www.net-security.org/malware_news.php?id=2515

36. June 10, Netcraft – (International) Facebook Apps hosted by Heroku used for viral Twitter phishing attack. Netcraft identified a Twitter phishing site being served from several Facebook Applications hosted on the Heroku service. Source: http://news.netcraft.com/archives/2013/06/10/facebook-apps-hosted-by-heroku-used-for-viral-twitter-phishing-attack.html

37. June 10, IDG News Service – (International) New backdoor malware ‘KeyBoy’ used in targeted attacks in Asia, researchers say. Researchers at Rapid7 discovered an attack campaign using a new malware dubbed KeyBoy to install information-stealing backdoors. The campaign targets users in several countries in Asia and is spread by spearphishing. Source: https://www.networkworld.com/news/2013/061013-new-backdoor-malware-39keyboy39-used-270656.html

38. June 10, Threatpost – (International) IRC botnet leveraging unpatched Plesk vulnerability. Researchers found a botnet exploiting a vulnerability in the Plesk hosting control panel in unpatched systems. Some Apache server configurations were also reported to be vulnerable. Source: https://threatpost.com/irc-botnet-leveraging-unpatched-plesk-vulnerability/

39. June 10, Threatpost – (International) CERT warns of vulnerabilities in HP Insight Diagnostics. The Computer Emergency Readiness Team (CERT) Program issued an alert over multiple vulnerabilities in HP’s Insight Diagnostics server management tool that could be used to run code and take over infected computers. Source: https://threatpost.com/cert-warns-of-vulnerabilities-in-hp-insight-diagnostics/

40. June 10, Threatpost – (International) Apple Store vulnerable to XSS. A cross-site scripting (XSS) vulnerability was found in the Apple Store Web site, which exposes visitors to possible attack. A proof-of-concept exploit code was released. Source: https://threatpost.com/apple-store-vulnerable-to-xss/

Communications Sector

41. June 11, Beaufort Gazette– (South Carolina) TV, power outages reported in Beaufort County. Weather-related television and power outages were reported for Hargray Communications, Palmetto Electric, and SCE&G customers in Beaufort County June 10. Source: http://www.islandpacket.com/2013/06/10/2536601/hargray-reports-tv-outage-in-beaufort.html



Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.