Tuesday, September 17, 2013



  
Complete DHS Daily Report for September 17, 2013

Daily Report

Top Stories

 • Crews restored power to 115,000 homes and businesses in Los Angeles County after downed power lines at a substation knocked out electricity. – KNBC 4 Los Angeles

1.            September 15, KNBC 4 Los Angeles – (California) Power restored to 115K homes, businesses. Southern California Edison crews restored power to 115,000 homes and businesses in the South Bay area of Los Angeles County after downed power lines at a substation knocked out electricity September 15. Source: http://www.nbclosangeles.com/news/local/49K-Homes-And-Businesses-Without-Power-in-South-Bay-223822661.html

 • Wastewater plants throughout the Boulder, Colorado region suffered from water main breaks and plant shutdowns from silt build-up caused by heavy rainfall and flooding. – Denver Post

25. September 14, Denver Post – (Colorado) Colorado floods: Water-treatment plants struggle to keep up. Wastewater plants throughout the Boulder region suffered from water main breaks and plant shutdowns from silt build-up, and were forced to announce boil advisories September 13 in the wake of ongoing heavy rainfall in the region. Source: http://www.denverpost.com/news/ci_24093109/floods-stressing-water-treatment-issues-could-still-loom

 • At least 12 people were killed, including a shooter, and several others injured after at least one gunman opened fire at the Naval Sea Systems Command headquarters in Washington, D.C. – USA Today; WUSA 9 Washington D.C.; Associated Press

30. September 16, USA Today; WUSA 9 Washington, D.C.; Associated Press – (Washington, D.C.) At least 12 dead, suspects sought in Navy shooting. At least 12 people were killed, including a shooter, and several others injured after at least one gunman opened fire September 16 at the Naval Sea Systems Command headquarters in Washington, D.C. Authorities are continuing to investigate the incident and are hunting two more suspected shooters. Source: http://www.usatoday.com/story/news/nation/2013/09/16/navy-yard-shooting/2819543/

 • Researchers identified a vulnerability in the WebView control in Android applications that can be used to install malware on users' devices. – Softpedia See item 42 below in the Information Technology Sector

Details

Banking and Finance Sector

4. September 16, Softpedia – (International) NASDAQ website vulnerable to XSS attacks, expert says. A researcher from High-Tech Bridge identified several cross-site scripting (XSS) vulnerabilities on the Web site of the NASDAQ exchange that could be exploited for phishing attacks. NASDAQ corrected the issues but at least one vulnerability reportedly remains. Source: http://news.softpedia.com/news/NASDAQ-Website-Vulnerable-to-XSS-Attacks-Expert-Says-383487.shtml

5. September 16, The Register – (International) Do you trust your waiter? Hacked bank-card reader TEXTS your info to crims. A video advertising a compromised card reader was discovered on underweb forums that allows a customer's card info to be retained and extracted via a cable or by text message if the device is fitted with a SIM card. The sellers of the device also offer a money laundering service to buyers of the device that utilizes a network of corrupt merchants. Source: http://www.theregister.co.uk/2013/09/16/tampered_pos_market_surfaces/

6. September 13, U.S. Attorney's Office, District of Kansas – (Kansas) Topeka man pleads guilty to bank fraud in Junction City apartment deal. A Topeka man pleaded guilty to bank fraud charges for using falsified information to obtain a $15.2 million loan and a $12 million line of credit to build an apartment complex. Source: http://www.justice.gov/usao/ks/PressReleases/2013/Sept2013/Sept%2013a.html

Information Technology Sector

42. September 16, Softpedia – (International) Android WebView vulnerability allows cybercriminals to install malicious software. Researchers at AVG Technologies identified a vulnerability in the WebView control in Android applications that can be used to install malware on users' devices. The vulnerability affects devices with versions of Android older than 4.2. Source: http://news.softpedia.com/news/Android-WebView-Vulnerability-Allows- Cybercriminals-to-Install-Malicious-Software-383392.shtml

43. September 16, Softpedia – (International) CSRF vulnerability in eBay allows hackers to hijack user accounts. An IT consultant found several security issues on eBay, including a cross-site request forgery (CSRF) vulnerability that could be exploited to change user account information and gain access to accounts. Source: http://news.softpedia.com/news/CSRF-Vulnerability-in-eBay-Allows-Hackers- to-Hijack-User-Accounts-Video-383316.shtml

Communications Sector

46. September 14, WJW 8 Cleveland – (Ohio) Apartment fire injures two firefighters, displaces families. Two firefighters were injured September 13 battling a fire at a three-story Cleveland apartment building which also housed businesses. The cause of the fire remains under investigation and multiple families were displaced. Source: http://fox8.com/2013/09/13/firefighters-battling-building-fire-in-cleveland/

47. September 13, KVPR 89.3 FM Fresno – (California) Propane tank explosion injures 3 at Fresno Christian High School. A September 13 gas leak at a food vendor’s trailer parked at Fresno Christian High School led to an explosion that left three people injured. Source: http://kvpr.org/post/propane-tank-explosion-injures-3-fresno-christian-high-school