Thursday, June 13, 2013
Complete DHS Daily Report for June 13, 2013
Daily Report
Top Stories
• Authorities shut down a 3-mile stretch of
Interstate 80 in Winnemucca, Nevada, for 19 hours after a severe sandstorm
caused a 27-car pileup. – Associated Press
12.
June 11, Associated Press – (Nevada) Nevada
sandstorm causes deadly 27-car pileup. Authorities shut down a 3 mile
stretch of Interstate 80 in Winnemucca for 19 hours after a severe sandstorm
June 10 caused a 27-car pileup and multiple accidents. One person was killed
and 26 others were injured. Source: http://www.bakersfieldnow.com/news/national/Nevada-sandstorm-causes-deadly-27-car-pileup-211116051.html
• Walgreens reached a settlement with the U.S.
Drug Enforcement Agency to pay $80 million in fines over allegations they
allowed millions of controlled substances to reach the black market. – USA
Today
18.
June 11, USA Today – (National) Walgreens
to pay $80 million for oxycodone violations. Walgreens reached a settlement
with the U.S. Drug Enforcement Agency (DEA) to pay $80 million in fines to end
a probe into allegations they allowed millions of controlled substances to
reach the black market. The DEA also suspended the controlled substances
licenses for Walgreens’ Jupiter, Florida distribution center until September
2014 and six of its Florida pharmacies until May 2014 in what is the largest
civil penalty paid under the Controlled Substances Act in DEA history. Source: http://www.usatoday.com/story/news/nation/2013/06/11/walgreens-drug-oxycodone-license-80-million/2412451/
• Colorado’s Black Forest Fire prompted the
evacuation of 2,300 homes, the evacuation of a prison, and threatened other
structures. – Associated Press
19. June 12,
Associated Press – (Colorado) Colo. Wildfire forces evacuation of 900 prisoners
as precaution; 4 major fires burn statewide. Colorado’s Black Forest Fire
prompted the evacuation of 2,300 homes and forced the evacuation of over 900
prisoners from the Colorado Territorial Correctional Facility June 12.
Firefighters were working to contain a total of 4 wildfires burning in the
State that have burned through several structures and continue to threaten
thousands of homes. Source: http://www.washingtonpost.com/national/wildfire-near-colorado-springs-burns-homes-fire-near-royal-gorge-bridge-burns-3-structures/2013/06/11/e1d216fa-d2f6-11e2-b3a2-3bf5eb37b9d0_story.html
• Microsoft’s most recent Patch Thursday
included updates that close 23 vulnerabilities, including a critical Internet
Explorer vulnerability and an actively-exploited Office vulnerability. – IDG
News Service
See
item 31 below in the Information Technology Sector
Details
Banking and Finance Sector
5. June 11, Chicago Tribune – (National) CBOE
hit for failure to police ‘naked short selling’. The Chicago Board Options
Exchange agreed to pay $6 million in fines after the U.S. Securities and
Exchange Commission charged the exchange with failing to properly supervise its
markets. Source: http://www.suntimes.com/news/20678933-418/chicago-board-options-exchange-fined-6-million-in-short-sale-scheme.html
6. June 11, Associated Press – (Nevada) Ex-mortgage
firm chief guilty in Vegas fraud case. The former president and CEO of U.S.
Mortgage pleaded guilty to a fraud scheme where his company illegally withheld
funds due to Wells Fargo Bank from home loans, costing the bank $8 million.
Source: http://www.mynews3.com/content/news/story/Ex-mortgage-firm-chief-guilty-in-Vegas-fraud-case/iOrGLM-9y0e9AniqiBnKLg.cspx
Information Technology Sector
27. June 12,
Softpedia – (International) Linux kernel local privilege escalation
exploit modified to work on Android. A previously-reported Linux kernel
privilege escalation vulnerability has been modified to work on the Android
mobile operating system, according to Symantec researchers. Source: http://news.softpedia.com/news/Linux-Kernel-Local-Privilege-Escalation-Exploit-Modified-to-Work-on-Android-360453.shtml
28. June 12,
The H – (International) June updates for Flash and Air close a
critical hole. Adobe released a patch that closes a critical vulnerability
in all versions of Flash Player and Adobe AIR that can be used to gain control
of systems. Source: http://www.h-online.com/security/news/item/June-updates-for-Flash-and-Air-close-a-critical-hole-1886972.html
29. June 12,
Softpedia – (International) DOS vulnerability affects WordPress 3.5.1. A
security researcher identified a denial of service (DOS) vulnerability in
WordPress 3.5.1 that may affect other versions as well. Source: http://news.softpedia.com/news/DOS-Vulnerability-Affects-WordPress-3-5-1-360358.shtml
30. June 12,
Softpedia – (International) Gamarue malware downloads malicious
components from SourceForge. Trend Micro researchers identified a variant
of the Gamarue malware that downloads additional components from a SourceForge
project after it infects a target. Source: http://news.softpedia.com/news/Gamarue-Malware-Downloads-Malicious-Components-from-SourceForge-360329.shtml
31. June 11,
IDG News Service – (International) Microsoft patches critical IE vulnerabilities
and actively exploited Office flaw. Microsoft’s most recent Patch Thursday
release included updates that close 23 vulnerabilities in Internet Explorer
(IE), Windows, and Office, including one rated “critical” in all versions of IE
6-10 and an actively-exploited Office vulnerability. Source: https://www.networkworld.com/news/2013/061113-microsoft-patches-critical-ie-vulnerabilities-270744.html
For another story, see
item 24 below:
24. June
11, Associated Press – (National) Man linked to Anonymous pleads
guilty to hacking. A hacker linked to the group Anonymous, pleaded guilty
to intentionally hacking law enforcement Web sites in Utah, California, New
York, and Missouri between September 2011 and February 2012, causing him to
face prison time and nearly $230,000 in restitution. Source: http://www.pulse.me/ap/69055d05b05f4ae0a665cf768e3e19f4
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.