Monday, March 31, 2014




Complete DHS Report for March 31, 2014

Daily Report

Details

 • A Louisiana official reported March 27 that more than 5 million gallons of gasoline shipped from ExxonMobil’s Baton Rouge, Louisiana terminal was tainted by something causing valve and intake systems issues for vehicles. – Baton Rouge Advocate

1. March 28, Baton Rouge Advocate – (Louisiana) La. official: Exxon’s bad fuel totals 5 million gallons. Louisiana’s commissioner of agriculture and forestry reported March 27 that more than 5 million gallons of gasoline shipped from ExxonMobil’s Baton Rouge terminal was tainted by something causing valve and intake systems issues for vehicles. The terminal remained closed while authorities continue testing in order to determine the cause of the bad fuel. Source: http://theadvocate.com/news/business/8745898-123/40-or-50-cases-of

 • About 8 million pounds of plastic tubing was damaged by a March 27 fire in a plastic-containing lot at WL Plastics in Mills, Wyoming, causing an estimated $8 million to $10 million in damage. – Casper Star-Tribune

3. March 27, Casper Star-Tribune – (Wyoming) Investigators call in arson specialists for Mills plastic fire; cause remains unknown. About 8 million pounds of plastic tubing was damaged by a March 27 fire in a plastic-containing lot at WL Plastics in Mills, Wyoming, causing an estimated $8 million to $10 million in damage. No injuries were reported and no structures were damaged. Source: http://billingsgazette.com/news/state-and-regional/wyoming/investigators-call-in-arson-specialists-for-mills-plastic-fire-cause/article_95d03be1-d09f-588d-8a97-a5d8f388c1e2.html

 • The Industrial Control Systems Computer Emergency Response Team (ICS-CERT) issued a notice March 27 advising users of 11 Schneider Electric industrial control system products that a patch is available for a stack-based overflow vulnerability in Schneider’s modbus driver. – Threatpost See item 24 below in the Information Technology Sector

 • Researchers discovered a new malware worm that infects systems via an infected Microsoft Word or Excel file and then gathers information on the compromised system. – Help Net Security See item 25 below in the Information Technology Sector

Financial Services Sector

4. March 28, North Andover Eagle-Tribune – (Massachusetts) ‘Massive credit card counterfeiting’ scheme uncovered. A man was arrested in Haverhill March 21 on suspicion of being part of a payment card counterfeiting scheme after he was spotted making several purchases with suspicious cards, which led to a search of his home where police found blank cards and card-making materials. Police also found ID card printers and medical grade security paper that they allege the suspect was using to create counterfeit prescriptions. Source: http://www.eagletribune.com/haverhill/x1387891499/Massive-credit-card-counterfeiting-scheme-uncovered

5. March 27, KXTV 10 Sacramento – (California) ‘Bad Beard Bandit’ arrested for area bank robberies. A Half Moon Bay man was arrested March 27 and is suspected of being the “Bad Beard Bandit” responsible for robbing eight banks in northern and central California between November 2013 and February 2014. Source: http://www.news10.net/story/news/local/manteca/2014/03/27/bad-beard-bandit-bank-robber-arrest/6977439/

Information Technology Sector

24. March 28, Threatpost – (International) Critical vulnerabilities patches in Schneider Electric serial modbus driver. The Industrial Control Systems Computer Emergency Response Team (ICS-CERT) issued a notice March 27 advising users of 11 Schneider Electric industrial control system products that a patch is available for a stack-based overflow vulnerability in Schneider’s modbus driver. The vulnerable driver is used in a variety of industries, including energy, nuclear power, government facilities, transportation systems, and dams. Source: http://threatpost.com/critical-vulnerabilities-patched-in-schneider-electric-serial-modbus-driver/105100

25. March 28, Help Net Security – (International) Uncommon new worm targets Word and Excel files. Researchers at Trend Micro discovered a new malware worm known as Crigent that infects systems via an infected Microsoft Word or Excel file, communicates with a command and control (C&C) server via TOR and Polipo to obscure traffic, and then gathers information on the compromised system. The worm then changes other Word and Excel files on the infected system to older file formats and uses them to attempt to spread itself to other systems. Source: http://www.net-security.org/malware_news.php?id=2748

26. March 28, Softpedia – (International) Cybercriminals hijack WordPress websites with free premium plugins. Sucuri researchers found that several premium WordPress plugins available for free on some Web sites contain code that allows the plugins’ creator to create a new administrator account and gain control of WordPress sites that use the free premium plugins. Source: http://news.softpedia.com/news/Cybercriminals-Hijack-WordPress-Websites-With-Free-Premium-Plugins-434616.shtml

27. March 27, SC Magazine – (International) WinRAR spoofing vulnerability being exploited in malware campaign. A vulnerability in the WinRAR .zip file compressor identified by a security researcher was seen in a malware campaign targeting government, international, and business organizations. IntelCrawler researchers spotted the campaign, which uses the vulnerability to disguise the contents of .zip files, and found that a Zeus-like trojan is being used to establish remote administration channels and collect information. Source: http://www.scmagazine.com/winrar-spoofing-vulnerability-being-exploited-in-malware-campaign/article/340135/

28. March 27, U.S. Consumer Product Safety Commission – (International) Lenovo recalls battery packs for ThinkPad notebook computers due to fire hazard. Lenovo announced a recall March 27 of about 37,400 battery packs for ThinkPad notebooks in the U.S. and Canada due to an issue that can cause them to overheat, posing a fire hazard. Source: http://www.cpsc.gov/en/Recalls/2014/Lenovo-Recalls-Battery-Packs-for-ThinkPad-Notebook-Computers/

Communications Sector

Nothing to report