Department of Homeland Security Daily Open Source Infrastructure Report

Monday, October 20, 2008

Complete DHS Daily Report for October 20, 2008

Daily Report


 According to the Associated Press, federal safety officials have found several passenger aircraft engines with damaged and missing parts and urged the Federal Aviation Administration on Thursday to order inspections of all similar engines. The engines are a commonly used model made by Pratt & Whitney and are on a large number of Boeing 757 planes. (See item 15)

15. October 16, Associated Press – (National) Jet engines found with damaged, missing parts. Federal safety officials have found several passenger aircraft engines with damaged and missing parts and urged the Federal Aviation Administration (FAA) on Thursday to order inspections of all similar engines. The engines are a commonly used model made by Pratt & Whitney and are on a large number of Boeing 757 planes. The problems were cited by the National Transportation Safety Board in a letter urging the FAA to order inspections of the engines. “Information gathered to date has raised serious concerns that warrant immediate action by the FAA,” the safety board wrote to the FAA’s acting administrator. The safety board began examining the Pratt & Whitney engines after a Delta Air Lines flight experienced a loss of power early in a takeoff attempt from Las Vegas, Nevada, in early August. The pilot slowed the aircraft and returned to the parking area. There were no reported injuries. Source:

 The Associated Press reports that a packaged “incendiary device” exploded in a suburban St. Louis, Missouri, parking garage on Thursday, injuring the man who picked it up, rocking an office high-rise, and forcing hundreds of people to evacuate. (See item 41)

41. October 16, Associated Press – (Missouri) ‘Incendiary device’ disrupts day near St. Louis. A packaged “incendiary device” exploded in a suburban St. Louis parking garage on Thursday, injuring the man who picked it up, rocking an office high-rise and forcing hundreds of people to evacuate. The parking garage is shared by an office building and a residential building. No damage was apparent from outside the complex. Buildings were evacuated, leaving several hundred people to mingle for hours on a lawn. A nearby Ritz-Carlton hotel was among the emptied buildings in Clayton. The busy, well-to-do suburb is the seat of St. Louis County and home to many of the region’s biggest law firms, financial offices and other white-collar businesses, as well as posh hotels and restaurants. Searches of nearby buildings did not turn up any additional devices through late afternoon. Source:


Banking and Finance Sector

11. October 17, – (International) FBI smashes online credit card ring. The U.S. Federal Bureau of Investigations (FBI) has concluded a two-year investigation into an online market for stolen credit card data behind millions of dollars worth of fraud. The Dark Market forum was buying and selling stolen financial information, including credit card data, log-in credentials (user names and passwords), as well as equipment used in carrying out certain financial crimes. The FBI operation, carried out in conjunction with the U.K.’s Serious Organized Crime Agency and other law enforcement agencies around the globe, has resulted in 56 arrests. However, the FBI believes that there may have been as many as 2,500 regular forum members. “In today’s world of rapidly expanding technology where cyber-crimes are perpetrated instantly from anywhere in the world, law enforcement needs to be flexible and creative in its efforts to target these criminals,” said FBI cyber division assistant director. “By joining forces with our international law enforcement counterparts we have been, and will continue to be, successful in arresting those individuals and dismantling these forums.” The FBI estimates that it has protected bank accounts and credit lines worth $70 million by shutting down the forum, and that the investigation has spawned new leads and investigations that will also be followed up. Source:

12. October 17, Reuters – (National) Lehman executives including Fuld subpoenaed. Prosecutors have subpoenaed a dozen executives of Lehman Brothers Holdings Inc. including its chief executive in connection with three grand jury probes investigating the fall of the investment bank, the New York Post reported. Source:

Information Technology

36. October 17, – (International) Expert warns of new Mac malware. A new rogue security application for the Mac could be on the way, according to one industry executive. Sunbelt Software chief executive revealed that researchers at his company had uncovered a web site advertising a product known as ‘MacGuard’. The product claims to offer spyware and antivirus protection, as well as the ability to remove adware and block phishing attacks on OS X systems. No downloadable software has been found on the site, but the Sunbelt executive is urging users to remain vigilant. The group believed to be behind the site also distributes ‘Antivirus XP 2008’ and ‘XP Antivirus’, a pair of rogue Windows security applications. If the MacGuard application does turn out to be a rogue security attack, it will mark another incident in a small but growing crop of Mac malware releases. Source:

37. October 17, – (International) Fresh Facebook malware attack spotted. Security experts are warning users and administrators of a new crop of Facebook malware. F-Secure said in a recent blog posting that the company has tracked down a number of pages on the social networking site which attempt to infect users by promising free videos. The new attacks propagate by way of a malicious worm which hijacks Facebook information. The user is sent a message from an infected friend which promises a link to a YouTube video. On clicking the link, the victim is directed to a third-party site which scans the user’s operating system. Once landing on the attack page, users are prompted to download what purports to be an updated version of Flash which is needed to view the file. The would-be installer, however, simply delivers the malware payload in what is known as a ‘fake codec’ attack. The malware package installs and launches a new copy of the worm which then scans the user’s system for Facebook cookies and uses the information to send new attack messages to the victim’s friend list. Security on Facebook has become a growing concern of late. In addition to its use as a means for spreading malware, researchers have suggested that the site could also be used as a platform for denial-of-service attacks on third-party sites. Source:

38. October 16, – (International) Warezov Botnet is back in the spam game. SecureWorks is reporting that the Warezov botnet is back spewing spam — this time using compromised Hotmail accounts. Whoever is behind the spam campaign has defeated Microsoft Hotmail’s CAPTCHA system and is part of a trend security researchers call “reputation hijacking.” The activity highlights a disturbing trend among spammers known as “reputation hijacking.” In its recent “E-mail Trends Security Report,” security vendor Commtouch noted spammers are increasingly capitalizing on the good reputations of established sites and senders to bypass reputation-based e-mail defenses. It’s unclear just how CAPTCHA was defeated in this case, but it is commonly known the system has been beaten by spammers via optical character recognition or human “account farming” operations, director of malware research at SecureWorks, wrote in a posting on the company’s Web site. In light of how spammers are defeating CAPTCHA, the best defense for Webmail providers is a multipronged approach such as limiting how many messages per hour a particular account can send or how fast one IP address can register accounts. Source:

Communications Sector

39. October 16, Internet News – (National) Jeers, cheers over FCC white space report. The Federal Communications Commission’s (FCC) Office of Engineering Technology released a 149-page technical report Wednesday detailing its tests for the use of unlicensed white space within the broadcast spectrum and said it found no major interference problems. The expected approval of the spectrum’s use by the FCC at its next meeting in November could help usher in a new generation of gadgets and connected devices using faster networks. The vacant spectrum will be created as broadband analog spectrum is converted to digital next year. Technology companies such as Google and Microsoft have lobbied for using the “white spaces” for wireless devices. While the Wireless Innovation Alliance said it is delighted that the report indicates no interference issues related to white space use, the National Association of Broadcasters questioned whether support for white space devices is contradicted by key findings in the FCC’s report. Source:

40. October 16, Central Penn Business Journal – (Pennsylvania) Verizon expands FiOS network in Central Pa. Verizon Communications Inc. today announced the expansion of its fiber-optic network (FiOS) in Central Pennsylvania. The company will add 11 municipalities in Cumberland, Dauphin, and York counties where the service and bundling packages will be available to businesses and consumers. Verizon Pennsylvania is a division of New York City-based Verizon. The company spent the past several years laying fiber-optic cable around the region. The president and chief executive officer of the Harrisburg-based Technology Council of Central Pennsylvania said Verizon’s presence will increase competition and should help expand infrastructure and technology in the region while lowering prices. Businesses and consumers will benefit from the competition through better service. Source: