Friday, July 19, 2013




Daily Report
Top Stories

 • Washington Suburban Sanitary Commission officials implemented mandatory water restrictions for Prince George’s County, Maryland, and feared the area would have no water service for several days, affecting 200,000 businesses and residents. – Associated Press

21. July 17, Associated Press – (Maryland) Pipe repair shuts off water for 200,000 people near DC. Mandatory water restrictions for Prince George’s County businesses and residents began July 16 to permit urgent repairs to a failing water main. Washington Suburban Sanitary Commission officials feared the area would have no water service for several days but have since reported they would be able to divert water to keep pipes flowing for 200,000 businesses and residents, including an Air Force base, hotels, restaurants, and a convention center and resort at the National Harbor. Source: http://news.msn.com/us/pipe-repair-shuts-off-water-for-200000-people-near-dc

 • Firefighters reached 15 percent containment of California’s Mountain Fire July 18 after burning through 22,800 acres and prompting the evacuation of nearly 6,000 people. – KTLA 5 Los Angeles

26. July 18, KTLA 5 Los Angeles – (California) Mountain Fire grows to 22,800 acres; 15% contained. Firefighters reached 15 percent containment of California’s Mountain Fire July 18 after burning through 22,800 acres and prompting the evacuation of nearly 6,000 people in several communities and counties near Idyllwild. Source: http://ktla.com/2013/07/18/wildfire-forces-evacuation-near-idyllwild/#axzz2ZP8jBK83

 • The University of Virginia is in the process of notifying 18,700 students whose Social Security numbers were printed onto address labels of health insurance brochures and mailed out. – Charlottesville Daily Progress

28. July 18, Charlottesville Daily Progress – (Virginia) 18,000 Social Security numbers printed on outside of U.Va. student mailings. The University of Virginia is in the process of notifying 18,700 students whose Social Security numbers were printed onto address labels of health insurance brochures that were mailed out. The brochures were sent through a third-party mail vendor. Source: http://www.timesdispatch.com/news/latest-news/social-security-numbers-printed-on-outside-of-u-va-student/article_aca180fc-ef38-11e2-b5f7-0019bb30f31a.html

 • Researchers identified a critical vulnerability in Java 7 Update 25 and previous versions that can be exploited with a known attack method. – Softpedia. See item 38 below in the Information Technology Sector.

Details
Banking and Finance Sector

6. July 17, San Luis Obispo Tribune – (California) ‘Central Coast Bandit’ blamed for four local bank robberies. A bank robber dubbed the “Central Coast Bandit” was suspected in four robberies in San Luis Obispo County, most recently at a Golden 1 Federal Credit Union branch in Paso Robles July 17. Source: http://www.sanluisobispo.com/2013/07/17/2586973/fbi-names-local-bank-robber-the.html

7. July 18, Loudoun Times-Mirror – (Virginia) Ashburn jeweler pleads guilty to $20 million bank fraud scheme. An Ashburn man pleaded guilty to his role in a mortgage fraud scheme involving 36 properties in northern Virginia that obtained $19.9 million in loan proceeds. Source: http://www.loudountimes.com/news/article/ashburn_jeweler_pleads_guilty_to_20_million_bank_fraud_scheme898

8. July 17, Chicago Sun-Times – (Illinois) Elmhurst man pleads guilty to stealing files from Federal Reserve Bank. A former employee of the Federal Reserve Bank of Chicago pleaded guilty to stealing confidential files on the bank’s access and monitoring of credit exposure on his last day of work with the bank. Source: http://chicago.cbslocal.com/2013/07/17/elmhurst-man-pleads-guilty-to-stealing-files-from-federal-reserve-bank/

9. July 17, Santa Rosa Press Democrat – (California) Napa financial adviser indicted in fraud case. A former Napa financial adviser was indicted for allegedly forging more than $1.8 million in checks from the accounts of a deceased client. Source: http://www.pressdemocrat.com/article/20130717/ARTICLES/130719564

For another story, see item 25 below:

25. July 17, New York Times – (New York) Prosecutors say five ran a credit card fraud ring. Authorities charged a couple after discovering one of the pair worked for South Shore Physicians on Staten Island and used her access to elderly patients’ records to steal their financial information. Her fiancé, along with three other accomplices, used the stolen financial information to obtain credit cards and the couple used the money on a spending spree that totaled nearly $700,000. Source: http://www.nytimes.com/2013/07/18/nyregion/prosecutors-say-five-ran-a-credit-card-fraud-ring.html?_r=0

Information Technology Sector

38. July 18, Softpedia – (International) Experts find sandbox bypass vulnerability in Java 7 Update 25. Researchers at Security Explorations identified a critical vulnerability in Java 7 Update 25 and previous versions that can be exploited with a known attack method. Details and a proof-of-concept were submitted to Oracle. Source: http://news.softpedia.com/news/Experts-Find-Sandbox-Bypass-Vulnerability-in-Java-7-Update-25-369044.shtml

39. July 18, Krebs on Security – (International) Botcoin: Bitcoin mining by botnet. Researchers discovered a Bitcoin mining malware affiliate program that utilizes infected computers to ‘mine’ Bitcoins via botnets. Source: https://krebsonsecurity.com/2013/07/botcoin-bitcoin-mining-by-botnet/

40. July 18, IDG News Service – (International) Most enterprise networks riddled with vulnerable Java installations. A report by Bit9 found that outdated Java installations are currently deployed on most enterprise networks, posing a major security risk. Source: https://www.computerworld.com/s/article/9240880/Most_enterprise_networks_riddled_with_vulnerable_Java_installations

41. July 18, Softpedia – (International) Fake AV “Antivirus System” prevents victims from booting in safe mode. A fake antivirus found by Webroot researchers called Antivirus System injects itself into a device’s system shell, booting up in safe mode to prevent removal. Source: http://news.softpedia.com/news/Fake-AV-Antivirus-System-Prevents-Victims-from-Booting-in-Safe-Mode-369124.shtml

42. July 18, V3.co.uk – (International) Hackers knock Network Solutions websites offline with DDoS attack. Network Solutions was the target of a distributed denial of service (DDoS) attack July 15, affecting its own and an unknown number of customers’ Web sites. Source: http://www.v3.co.uk/v3-uk/news/2283238/hackers-knock-network-solutions-websites-offline-with-ddos-attack

43. July 18, Softpedia – (International) Android apps that exploit “master key” bug found on Google Play. Bitdefender researchers identified two apps in the Google Play store that exploit the Android “master key” bug in a non-malicious manner. Source: http://news.softpedia.com/news/Android-Apps-that-Exploit-Master-Key-Bug-Found-on-Google-Play-369091.shtml

44. July 18, Help Net Security – (International) Android backup sends unencrypted Wi-Fi passwords to Google. A researcher found that the Android “Back up my data” feature sends private information such as Wi-Fi passwords in plaintext to Google. Source: https://www.net-security.org/secworld.php?id=15245

45. July 18, Softpedia – (International) KakaoTalk users warned of malicious applications. Trend Micro researchers found a trojanized version of the KakaoTalk instant messaging app, distributed by e-mail, that is designed to collect contact information, text messages, and phone settings. Source: http://news.softpedia.com/news/KakaoTalk-Users-Warned-of-Malicious-Applications-369281.shtml

46. July 17, eWeek – (International) Cyber-criminals selling fraudulent identity ‘kitz’ on web black market. Dell Secureworks researchers found cybercriminals selling various identity fraud packages called “kitz” that contain an individual’s personal information and documents, including full profiles called “fullz” made by using information leaked in data breaches. Source: http://www.eweek.com/security/cyber-criminals-selling-fraudulent-identity-kitz-on-web-black-market/

47. July 17, CNET – (International) Google Glass patch fixes vulnerability through QR code. Google closed a security vulnerability in its Google Glass device that could allow an attacker to compromise the device by using a QR code. Source: http://news.cnet.com/8301-1009_3-57594116-83/google-glass-patch-fixes-vulnerability-through-qr-code

48. July 17, Dark Reading – (International) DDoS average packet-per-second and attack bandwidth rates rise. Prolexic Technologies released their second quarter 2013 Quarterly Global DDoS attack report, which found that distributed denial of service (DDoS) attacks increased in average packet-per-second rate and average bandwidth by 1,655 percent and 925 percent, respectively, compared to 2012 levels. Source: http://www.darkreading.com/attacks-breaches/ddos-average-packet-per-second-and-attac/240158434

For another story, see item 25 above, just following the Banking and Finance Sector.

Communications Sector

49. July 18, San Joaquin County News – (California) PG&E puts $5,000 bounty on copper wire thieves. Following 12 documented copper wire thefts in the Stockton area since June 28, AT&T reported it would offer a $5,000 reward for information which may lead to the arrest and conviction of those responsible for interrupting service to its customers via the thefts. Source: http://www.recordnet.com/apps/pbcs.dll/article?AID=/20130718/A_NEWS/307180322/-1/A_NEWS02

Department of Homeland Security (DHS)

DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

 Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List: Send mail to support@govdelivery.com.

Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure Coordinating Center at nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.

 

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.