Monday, November 18, 2013

Complete DHS Daily Report for November 18, 2013

Daily Report

Top Stories

 • A punctured Chevron gas pipeline triggered an explosion that led to the evacuation of a nearby Texas town. – Reuters

5. November 14, Reuters – (Texas) Texas town evacuated after gas pipeline explosion. A Chevron liquefied petroleum gas pipeline was punctured by a drilling crew in Milford November 14 and triggered an explosion that led to an evacuation of a nearby town of 700 residents within a 1.5 mile zone. Officials allowed the flare to burn itself out to allow for repairs and expected the evacuation to last through November 15. Source:

 • Pacific Gas and Electric Co. is investigating the cause of a blackout that left nearly 98,000 homes and businesses in Stockton, California, and surrounding areas without power for about 2 hours. – Stockton Record

6. November 13, Stockton Record – (California) Blackout leaves thousands without power. Nearly 98,000 homes and businesses lost power for about 2 hours November 12 from Stockton to Mother Lode. Pacific Gas and Electric Co. crews are investigating the cause of the blackout. Source:

 • A man was found guilty in a charity fraud case where he stole $100 million from the United States Navy Veterans Association. – Associated Press See item 11 below in the Financial Services Sector

 • Estonia agreed to extradite three suspected DNSChanger cybercriminals to the U.S. who were allegedly involved in infecting 4 million computers and fraudulently obtaining over $14 million. – Softpedia See item 30 below in the Information Technology Sector


Financial Services Sector

11. November 14, Associated Press – (National) Jury convicts ex-fugitive in $100M vets charity fraud case. A man arrested in Portland, Oregon, was found guilty November 14 before a court in Cleveland, Ohio, for stealing $100 million from the United States Navy Veterans Association, a charity he ran in Tampa, Florida. Source:

12. November 14, Columbia The State – (South Carolina) RCSD: Nine arrested, 42 sought in massive bank fraud scheme. The Richland County Sheriff’s Department announced November 14 that four alleged ringleaders of a bank fraud scheme were arrested for allegedly recruiting up to 90 others to open bank accounts at Wells Fargo, TD Bank, and Woodforest Bank that were turned over to the ringleaders and used to fraudulently obtain more than $100,000 in bad checks and ATM withdrawals. Source:

13. November 14, Charleston Post and Courier – (South Carolina) Car damages BB&T bank building in Summerville. A BB&T bank branch in Summerville was severely damaged when a car crashed into the building November 14. Source:

14. November 13, Phoenix Business Journal – (Arizona) Credit card processing business owners indicted on fraud, money laundering charges. Four executives and one employees of three Phoenix area credit card payment processing companies were indicted for allegedly misleading customers into signing leases for their services, forging up to 200 business owners’ and managers’ signatures, changing contract terms after clients signed agreements, and then transferring $2.9 million of fraudulently obtained money into personal bank accounts. Source:

Information Technology Sector

26. November 15, Softpedia – (International) Linux machines exposed due to VMware Workstation host privilege escalation flaw. VMware released updates for its VMware Workstation and VMware Player software, fixing a vulnerability in how shared libraries are handled that could allow an attacker to escalate their privileges to root. Source:

27. November 15, Softpedia – (International) Arbor Networks analyzes Athena DDoS malware. Arbor Networks published an analysis of the Athena malware, capable of launching distributed denial of service (DDoS) attacks, stealing information, and downloading other malware. Source:

28. November 15, Softpedia – (International) Google fixes critical Chrome flaw found by expert at Mobile Pwn2Own 2013. Google released an update to its Chrome browser that closes two critical vulnerabilities identified at the Mobile Pwn2Own 2013 competition. An exploit developed by a competitor in the contest leveraged an integer overflow and a bug to achieve full sandbox escape. Source:

29. November 15, Threatpost – (International) Apple iOS 7.04 fixes App Store purchase flaw. Apple released an update for iOS 7, which closes a vulnerability that could allow a user to make app or in-app purchases without entering their password. Source:

30. November 15, Softpedia – (International) Estonia agrees to extradite alleged DNSChanger cybercriminals to the U.S. Estonia agreed to extradite three suspects to the U.S. where they are charged with allegedly being involved in the DNSChanger malware campaign that infected 4 million computers and fraudulently obtain over $14 million. Source:

31. November 14, IDG News Service – (International) Cybercriminals target Silverlight users with new exploit kit. Researchers found that the creators of the Angler Exploit Kit added an exploit for a known Microsoft Silverlight plugin vulnerability to the exploit kit’s capabilities. Source:

32. November 14, WNIJ 89.5 FM DeKalb – (Illinois) Board finds safety “fell through the cracks” in ’09 explosion. A report by the U.S. Chemical Safety and Hazardous Investigation Board report on a 2009 explosion at a NDK Crystal plant in Belvidere, which manufactured artificial quartz for wireless devices and phones, found that the company ignored a safety auditor’s warning and did not meet federal and State regulations at the facility prior to the explosion. The facility has not resumed operations since 2009. Source:

Communications Sector

Nothing to report