• A jetliner operated by Asiana Airlines crash landed at San Francisco International Airport, killing two people and sending more than 180 to local hospitals with injuries. – Associated Press; KQED 30 San Francisco
17. July 6, KQED 30 San Francisco; Associated Press – (California) Airliner crashes at San Francisco International Airport. A jetliner operated by Asiana Airlines crash landed at San Francisco International Airport, killing two people and sending more than 180 to local hospitals with injuries July 6. Authorities are investigating the cause of the crash. Source: http://blogs.kqed.org/newsfix/2013/07/06/airliner-crash-lands-at-san-francisco-international-airport/
• Crews reached 80 percent containment of New Mexico’s Silver Fire that burned 138,546 acres July 5. – Silver City Sun News
29. July 7, Silver City Sun-News – (New Mexico) Silver Fire growth stops with help of rain. Crews reached 80 percent containment of New Mexico’s Silver Fire that burned 138,546 acres July 5. Light rain and high humidity caused the fire to reach a standstill after igniting from a lightning strike June 7. Source: http://www.scsun-news.com/silver_city-news/ci_23616448
• A new spearphishing campaign utilizing a Java remote access trojan targeting government agencies in the U.S., Canada, Australia, and some European countries was identified by researchers. – Help Net Security See item 35 below in the Information Technology Sector
• Researchers found that as many as 150,000 Web sites powered by older versions of vBulletin were exploited by cybercriminals to serve malware. – Softpedia See item 36 below in the Information Technology Sector
Banking and Finance Sector
7. July 8, Softpedia – (International) Quayside Publishing hacked, customer credit card information possibly stolen. Quayside Publishing notified customers that a breach occurred in their Web sites sometime between April 19 and June 17, possibly exposing customer credit card information and other personal information. Source: http://news.softpedia.com/news/Quayside-Publishing-Hacked-Customer-Credit-Card-Information-Possibly-Stolen-366311.shtml
8. July 8, Springfield Republican – (Massachusetts) Enfield police arrest three New York men for fake credit cards. Police in Enfield arrested three men for allegedly using fraudulent credit cards to attempt in-store purchases, and found 147 fraudulent credit cards in their possession. Source: http://www.masslive.com/news/index.ssf/2013/07/enfield_police_arrest_three_ne.html
9. July 5, Softpedia – (International) New service allows fraudsters to instantly generate scans of fake documents. A researcher discovered a service on a Russian underweb market that allows cybercriminals to generate fake passports, ID cards, utility bills, and credit cards for use in fraudulent activities. Source: http://news.softpedia.com/news/New-Service-Allows-Fraudsters-to-Instantly-Generate-Scans-of-Fake-Documents-365941.shtml
Information Technology Sector
35. July 8, Help Net Security – (International) Multi-platform Java RAT targeting government agencies. A new spearphishing campaign utilizing a Java remote access trojan (jRAT) targeting government agencies in the U.S., Canada, Australia, and some European countries was identified by Symantec researchers. The jRAT can operate on any computer running Java regardless of operating system and grants full access and control to the attacker. Source: https://www.net-security.org/malware_news.php?id=2537
36. July 8, Softpedia – (International) Around 150,000 vBulletin forums compromised, abused to serve malware. Researchers at Securi found that as many as 150,000 Web sites powered by older versions of vBulletin were exploited by cybercriminals to serve malware. Source: http://news.softpedia.com/news/Around-150-000-vBulletin-Forums-Compromised-Abused-to-Serve-Malware-366442.shtml
37. July 8, Softpedia – (International) Trojan disguised as “Pinterest Tool” steals users’ login credentials. A researcher found a fake Pinterest tool used to harvest users’ login credentials that may be part of a diet spam campaign. Source: http://news.softpedia.com/news/Malicious-Pinterest-Tool-Steals-Users-Login-Credentials-366347.shtml
38. July 8, Help Net Security – (International) Mass login attempts compromise 24,000 Nintendo site accounts. July 2 Nintendo detected around 24,000 user account compromises in its Club Nintendo Web site that exposed the personal but not financial information of users. Source: https://www.net-security.org/secworld.php?id=15191
For another story, see item 7 above in the Banking and Finance Sector
39. July 5, Ames Tribune – (Iowa) Crash causes Internet outage to thousands in Story County. 14,000 Mediacom Internet customers throughout central Iowa lost service July 5 for several hours after a car crashed into a utility pole. Source: http://amestrib.com/sections/news/ames-and-story-county/crash-causes-internet-outage-thousands-story-county.html
40. July 5, KWQC 6 Davenport – (Iowa) 97X off air due to technical issues. Quad City radio station WXLP, also known as 97X, suffered a catastrophic transmitter failure the week of June 30 and was expected to be repaired July 8-9. Source: http://www.kwqc.com/story/22767730/97x-off-the-air-due-to-technical-issues
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.