Wednesday, November 13, 2013



Complete DHS Daily Report for November 13, 2013

Daily Report

Top Stories

 • A 90-car train carrying 2.7 million gallons of crude oil derailed, exploded, and caused a fire near Aliceville, Alabama. – Los Angeles Times

17. November 9, Los Angeles Times – (Alabama) Train in Alabama oil spill was carrying 2.7 million gallons of crude. A 90-car train carrying 2.7 million gallons of crude oil derailed, exploded, and caused a fire November 7 near Aliceville, Alabama, spilling the oil into a surrounding wetland while firefighters continued battling the blaze that burned through November 9. The accident is under investigation while crews continue to remove the train cars from the marsh. Source: http://www.latimes.com/nation/nationnow/la-na-nn-train-crash-alabama-oil-20131109,0,780637.story

 • Researchers identified a new zero-day vulnerability in Microsoft Internet Explorer 7, 8, and 9 and observed a sophisticated exploit utilizing the vulnerability being used in a watering hole attack. – Dark Reading. See item 39 below in the Information Technology Sector

 • A security researcher found unsecured remote management software running on 30,000 computers, leaving industrial processes and confidential information open to the Internet. – Wired.com. See item 40 below in the Information Technology Sector

 • A fire at a shopping center in Canton, Texas, destroyed about 20 buildings and prompted the evacuation of nearby homes. – KTVT 11 Fort Worth

45. November 9, KTVT 11 Fort Worth – (Texas) Fire guts Canton shopping center. A fire at The Mountain at Old Mill Marketplace shopping center in Canton, Texas, November 9 destroyed about 20 buildings and prompted the evacuation of nearby homes while firefighters worked to put out flames. Source: http://dfw.cbslocal.com/2013/11/09/fire-guts-canton-shopping-center/

Details

Financial Services Sector

7. November 12, IDG News Service – (International) Banking malware infections rise to highest level since 2002. Trend Micro released a report for the third quarter of 2013 which found that over 200,000 new banking malware infections were observed between July and September, the highest rate in 11 years. The report stated that ZeuS (also known as Zbot) malware was the most common type of malware, and that the U.S. was the most affected country, among other findings. Source: http://www.networkworld.com/news/2013/111213-banking-malware-infections-rise-to-275838.html

8. November 9, Reuters – (National) U.S. seeks $864 million from Bank of America after fraud verdict. Federal prosecutors will seek $864 million in penalties from Bank of America after it was ruled that the bank is liable for fraud in the sale of defective mortgages by its Countrywide unit. The government will also seek penalties against a former Countrywide executive who was also found liable in the fraud. Source: http://www.reuters.com/article/2013/11/09/bankofamerica-hustle-idINDEE9A804P20131109

9. November 8, KATC 3 Lafayette – (Louisiana; Georgia) Jury finds Ga. men guilty of bank fraud scheme. Three Atlanta men were found guilty November 8 for a check fraud scheme in Lafayette, Louisiana, that used stolen commercial checks to create fraudulent checks and then used others to cash them. Police found 43 stolen checks totaling $155,223 as well as paper and equipment used to create the fake checks. Source: http://www.katc.com/news/jury-finds-ga-men-guilty-of-bank-fraud-scheme/

10. November 7, U.S. Department of Labor – (Georgia) Garda Cash Logistics cited by U.S. Department of Labor’s OSHA for failure-to-abate and serious violations; more than $55,000 in fines proposed. The Occupational Safety and Health Administration cited armored car service Garda Cash Logistics with three failure-to-abate and one serious violation at their Norcross facility. Proposed fines totaled $55,400. Source: https://www.osha.gov/pls/oshaweb/owadisp.show_document?p_table=NEWS_RELEASES&p_id=25059

For another story, see item 40 below in the Information Technology Sector

Information Technology Sector

37. November 12, The Register – (International) Stale Blackhole leads to dried-up spam, claim badhat-probers. Trend Micro researchers found that with the Blackhole exploit kit no longer being updated, cybercriminals have turned to other methods for infecting users, with the Upatre exploit kit being a popular replacement and often used to spread the Cryptolocker ransomware. Source: http://www.theregister.co.uk/2013/11/12/cryptolocker_rise_blackhole_demise

38. November 12, Softpedia – (International) Reflected and stored XSS flaws found in DLink 2760N routers. A security researcher found and disclosed several stored and reflected cross-site scripting (XSS) vulnerabilities in the Web user interface for D-Link 2760N routers. Source: http://news.softpedia.com/news/Reflected-and-Stored-XSS-Flaws-Found-in-DLink-2760N-Routers-399244.shtml

39. November 12, Dark Reading – (International) New IE vulnerability found in the wild; sophisticated Web exploit follows. FireEye researchers identified a new zero-day vulnerability in Microsoft Internet Explorer 7, 8, and 9 that uses a memory access vulnerability to execute code on computers that access a malicious Web site. A sophisticated exploit using the vulnerability was observed in the wild in a watering hole attack on an undisclosed Web site known to bring in visitors interested in national and international security issues. Source: http://www.darkreading.com/vulnerability/new-ie-vulnerability-found-in-the-wild-s/240163814

40. November 8, Wired.com – (International) Power plants and other vital systems are totally exposed on the Internet. A security researcher used a tool to run a scan of the IPv4 address space except for government agencies and universities and found unsecured remote management software running on 30,000 computers, leaving industrial processes and confidential information open to the Internet due to a lack of any security measures. Open virtual network computing systems were found in uses such as factory automation, hydroelectric power plants, agricultural automation, pharmacies, cash registers, and several others. Source: http://www.wired.com/threatlevel/2013/11/internet-exposed/

Communications Sector

41. November 11, Seattle Times – (Washington) Crews find cut in communication line to San Juan Islands. CenturyLink discovered that a break in a two-mile-long underwater cable caused 9-1-1, landline, and cellphone service interruptions to San Juan, Orcas, and Lopez islands November 5 and resulted in the San Juan County Council declaring a state of emergency. Landline and 9-1-1 service was restored, while full cellphone service continued to be intermittent. Source: http://blogs.seattletimes.com/today/2013/11/crews-find-cut-in-communication-line-to-san-juan-islands/