Thursday, August 8, 2013
Complete DHS Daily Report for August 8, 2013
• The U.S. Securities and Exchange Commission and U.S. Department of Justice filed two lawsuits against Bank of America for allegedly making misleading statements and failing to disclose important information ahead of a sale of $850 million of residential mortgage-backed securities in 2008. – Reuters See item 8 below in the Banking and Finance Sector
• The mayor of Sweetwater and the mayor of Miami Lakes, Florida, were arrested August 6 by the FBI on charges that they were involved in alleged kickback and bribery schemes in connection with federal grants. – Associated Press
27. August 7, Associated Press – (Florida) FBI arrests 2 Fla. mayors on extortion charges. The mayor of Sweetwater and the mayor of Miami Lakes were arrested August 6 by the FBI on bribery-related charges. Agents alleged that both mayors were involved in kickback and bribery schemes in connection with federal grants. Source: http://news.msn.com/crime-justice/fbi-arrests-2-fla-mayors-on-extortion-charges
• The use of exploding shooting targets were banned in 5 States by the U.S. Forest Service August 5 after authorities blamed the devices for sparking 16 wildfires since 2012. – Reuters (See item 30)
30. August 6, Reuters – (National) 16 wildfires blamed on exploding shooting targets. The use of exploding shooting targets, often made up of canisters containing two chemicals that blend and explode when struck by a bullet, were banned in 5 States by the U.S. Forest Service August 5 after authorities blamed the devices for sparking 16 wildfires since 2012. Source: http://news.msn.com/us/16-wildfires-blamed-on-exploding-shooting-targets
• City officials announced that the Los Angeles Fire Department’s 9-1-1 system failed 5 times in July, blaming the failure on a computer software error in their database. – Los Angeles Times
35. August 6, Los Angeles Times – (California) New breakdowns reported in LAFD’s 911 computer systems. City officials announced that the Los Angeles Fire Department’s 9-1-1 system failed 5 times in July, blaming the failure on a computer software error in their database. The software glitch was corrected but the possibility of future crashes remains. Source: http://www.latimes.com/news/local/lafddata/la-me-lafd-computer-crashes-20130806,0,4572677.story
Banking and Finance Sector
8. August 6, Reuters – (National) U.S. accuses Bank of America of mortgage-backed securities fraud. The U.S. Securities and Exchange Commission and U.S. Department of Justice filed two lawsuits against Bank of America for allegedly making misleading statements and failing to disclose important information about the mortgages behind a sale of $850 million of residential mortgage-backed securities to investors in 2008. Source: http://www.reuters.com/article/2013/08/06/us-bofa-justice-idUSBRE9750ZU20130806
9. August 6, Reuters – (International) UBS to pay $49.8 mln to settle SEC fraud charges over CDO. Swiss bank UBS agreed to pay $49.8 million to settle charges by the U.S. Securities and Exchange Commission that it misled investors about the risks involved in a 2007 bond transaction which caused $130 million in investor losses. Source: http://in.reuters.com/article/2013/08/06/ubs-sec-settlement-idINL1N0G714220130806
For another story, see item 37 below in the Information Technology Sector
Information Technology Sector
36. August 7, Threatpost – (International) Fort Disco brute-force attack campaign targets CMS websites. A researcher at Arbor Networks reported that a botnet called Fort Disco is active in attacks targeting Web sites built on content management systems (CMS) to gain control of systems. Fort Disco is currently made up of around 25,000 compromised Windows machines. Source: https://threatpost.com/fort-disco-brute-force-attack-campaign-targets-cms-websites/101723
37. August 7, Help Net Security – (International) Expect more Android security issues in 2013. Trend Micro released their second quarter 2013 Security Roundup Report which found that the number of malicious and high-risk Android apps has grown rapidly from the previous quarter, to 718,000 from 509,000. Malware targeting online banking also grew, increasing 29 percent from the first quarter. Source: https://www.net-security.org/malware_news.php?id=2555
38. August 7, Softpedia – (International) Malware disguised as “F-Secure Security Pack” browser extension. F-Secure warned users that cybercriminals are using the company’s name to distribute a malicious browser extension called “F-Secure Security Pack” that makes social media posts on users’ networks without permission. Source: http://news.softpedia.com/news/Malware-Disguised-as-F-Secure-Security-Pack-Browser-Extension-373860.shtml
39. August 7, Softpedia – (International) Four critical security holes fixed in Firefox 23. Mozilla released the newest version of its browser, Firefox 23, closing 13 security vulnerabilities, 4 of which were rated critical. Source: http://news.softpedia.com/news/Four-Critical-Security-Holes-Fixed-in-Firefox-23-373746.shtml
40. August 6, Computerworld – (International) Digital stakeout of Chinese hacker gang reveals 100+ victims. Two researchers from Dell SecureWorks presented findings of their surveillance of the “Beijing Group” Chinese hacking team during its campaign using the Comfoo remote access trojan (RAT) to target IT, energy, government, and communications organizations. The surveillance gave insight into the group’s methods and patterns, including their attempts to target makers of videoconferencing hardware for use in eavesdropping. Source: https://www.networkworld.com/news/2013/080613-digital-stakeout-of-chinese-hacker-272592.html
41. August 6, The Register – (International) Xerox copier flaw changes numbers in photocopied docs. A student researcher discovered a flaw in some Xerox printers can alter numbers when printing from .pdf documents at certain quality settings. Source: http://www.theregister.co.uk/2013/08/06/xerox_copier_flaw_means_dodgy_numbers_and_dangerous_designs/
42. August 7, Iroquois County Times-Republic – (Illinois; Indiana) Fiber optic cable cut causes outages. A fiber optic cable cut in the Gilman area affected Internet services for between 20,000 and 30,000 Mediacom modem customers from Watseka, Illinois, to parts of Indiana. Source: http://www.newsbug.info/iroquois_countys_times-republic/article_4bbc54e4-ff26-11e2-b844-0019bb2963f4.html
43. August 6, KHQA 7 Quincy – (Illinois) U.S. Cellular customers complain of service problems. U.S. Cellular customers in the Quincy area were without cellular phone service August 6 in the second widespread outage in 2 weeks, but did not receive word on the cause behind the outage. Source: http://www.connecttristates.com/neighborhood/story.aspx?id=925272#.UgKAmJK1FKA
44. August 6, WPTV 5 West Palm Beach – (Florida) Comcast experiencing widespread outage. Comcast alerted its customers in the West Palm Beach area August 6 that it was aware of and addressing a widespread outage and would inform customers when service returns. Source: http://www.wptv.com/dpp/news/comcast-experiencing-widespread-outage
For another story, see item 40 above in the Information Technologhy Sector
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to email@example.com or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to firstname.lastname@example.org.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at email@example.com or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at firstname.lastname@example.org or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.