Tuesday, July 9, 2013




Daily Report

Top Stories

 • A jetliner operated by Asiana Airlines crash landed at San Francisco International Airport, killing two people and sending more than 180 to local hospitals with injuries. – Associated Press; KQED 30 San Francisco

17. July 6, KQED 30 San Francisco; Associated Press – (California) Airliner crashes at San Francisco International Airport. A jetliner operated by Asiana Airlines crash landed at San Francisco International Airport, killing two people and sending more than 180 to local hospitals with injuries July 6. Authorities are investigating the cause of the crash. Source: http://blogs.kqed.org/newsfix/2013/07/06/airliner-crash-lands-at-san-francisco-international-airport/

 • Crews reached 80 percent containment of New Mexico’s Silver Fire that burned 138,546 acres July 5. – Silver City Sun News

29. July 7, Silver City Sun-News – (New Mexico) Silver Fire growth stops with help of rain. Crews reached 80 percent containment of New Mexico’s Silver Fire that burned 138,546 acres July 5. Light rain and high humidity caused the fire to reach a standstill after igniting from a lightning strike June 7. Source: http://www.scsun-news.com/silver_city-news/ci_23616448

 • A new spearphishing campaign utilizing a Java remote access trojan targeting government agencies in the U.S., Canada, Australia, and some European countries was identified by researchers. – Help Net Security See item 35 below in the Information Technology Sector

 • Researchers found that as many as 150,000 Web sites powered by older versions of vBulletin were exploited by cybercriminals to serve malware. – Softpedia See item 36 below in the Information Technology Sector

Details

Banking and Finance Sector

7. July 8, Softpedia – (International) Quayside Publishing hacked, customer credit card information possibly stolen. Quayside Publishing notified customers that a breach occurred in their Web sites sometime between April 19 and June 17, possibly exposing customer credit card information and other personal information. Source: http://news.softpedia.com/news/Quayside-Publishing-Hacked-Customer-Credit-Card-Information-Possibly-Stolen-366311.shtml

8. July 8, Springfield Republican – (Massachusetts) Enfield police arrest three New York men for fake credit cards. Police in Enfield arrested three men for allegedly using fraudulent credit cards to attempt in-store purchases, and found 147 fraudulent credit cards in their possession. Source: http://www.masslive.com/news/index.ssf/2013/07/enfield_police_arrest_three_ne.html

9. July 5, Softpedia – (International) New service allows fraudsters to instantly generate scans of fake documents. A researcher discovered a service on a Russian underweb market that allows cybercriminals to generate fake passports, ID cards, utility bills, and credit cards for use in fraudulent activities. Source: http://news.softpedia.com/news/New-Service-Allows-Fraudsters-to-Instantly-Generate-Scans-of-Fake-Documents-365941.shtml

Information Technology Sector

35. July 8, Help Net Security – (International) Multi-platform Java RAT targeting government agencies. A new spearphishing campaign utilizing a Java remote access trojan (jRAT) targeting government agencies in the U.S., Canada, Australia, and some European countries was identified by Symantec researchers. The jRAT can operate on any computer running Java regardless of operating system and grants full access and control to the attacker. Source: https://www.net-security.org/malware_news.php?id=2537

36. July 8, Softpedia – (International) Around 150,000 vBulletin forums compromised, abused to serve malware. Researchers at Securi found that as many as 150,000 Web sites powered by older versions of vBulletin were exploited by cybercriminals to serve malware. Source: http://news.softpedia.com/news/Around-150-000-vBulletin-Forums-Compromised-Abused-to-Serve-Malware-366442.shtml

37. July 8, Softpedia – (International) Trojan disguised as “Pinterest Tool” steals users’ login credentials. A researcher found a fake Pinterest tool used to harvest users’ login credentials that may be part of a diet spam campaign. Source: http://news.softpedia.com/news/Malicious-Pinterest-Tool-Steals-Users-Login-Credentials-366347.shtml

38. July 8, Help Net Security – (International) Mass login attempts compromise 24,000 Nintendo site accounts. July 2 Nintendo detected around 24,000 user account compromises in its Club Nintendo Web site that exposed the personal but not financial information of users. Source: https://www.net-security.org/secworld.php?id=15191

For another story, see item 7 above in the Banking and Finance Sector

Communications Sector

39. July 5, Ames Tribune – (Iowa) Crash causes Internet outage to thousands in Story County. 14,000 Mediacom Internet customers throughout central Iowa lost service July 5 for several hours after a car crashed into a utility pole. Source: http://amestrib.com/sections/news/ames-and-story-county/crash-causes-internet-outage-thousands-story-county.html

40. July 5, KWQC 6 Davenport – (Iowa) 97X off air due to technical issues. Quad City radio station WXLP, also known as 97X, suffered a catastrophic transmitter failure the week of June 30 and was expected to be repaired July 8-9. Source: http://www.kwqc.com/story/22767730/97x-off-the-air-due-to-technical-issues



Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.