Apparently some individuals are trying to retrieve copies of DHS reports that are more than 10 days old. DHS only retains the last 10 days…no more. Please read the header above to learn how to obtain older reports.

Friday, October 15, 2010

Complete DHS Daily Report for October 15, 2010

Daily Report

Top Stories

•Associated Press reports that a nasty-smelling chemical cloud was released from a manufacturing company in Olyphant, Pennsylvania October 13, sending about 30 people to hospitals and prompting schools to lock down. (See item 6)

6. October 13, Associated Press – (Pennsylvania) Chemical cloud In NE Pa. sends dozens to hospital. A nasty-smelling chemical cloud was released from a manufacturing company in Olyphant, Pennsylvania October 13, sending about 30 people to hospitals and prompting schools to lock down. The Olyphant police chief said victims reported feeling faint or nauseous and their throats irritated or eyes burning. The assistant fire chief said the cloud came from Insituform Technologies, which makes products to seal water and sewer lines. The Olyphant Borough Council president said according to the company, the chemicals are not toxic. A patrol officer said he noticed the cloud and drove toward it. He said it was 200 to 300 feet in the air, shaped like a cumulus cloud, and “moved down the valley like a great big fog.” Nearby schools in the Mid Valley School District were locked down but not evacuated, and dismissed as normal. By 5 p.m. the scene was mostly cleaned up by hazardous materials crews. Source: http://kdka.com/wireapnewsfnpa/Chemical.cloud.in.2.1960427.html

•Microsoft blamed human error after two computers on its network were hacked and then misused by spammers to promote more than 1,000 questionable online pharmaceutical Web sites, according to IDG News Service. (See item 48 below in the Information Technology Sector)

Details

Banking and Finance Sector

13. October 13, Computerworld – (National) Financial services firm turning to a private cloud. Munder Capital Management, a Birmingham, Michigan-based firm that manages $13 billion in assets, is turning to a private cloud after determining public cloud technologies are not yet ready to meet its needs. A network operations and virtualization engineer at Munder said the firm felt public clouds are not yet a good option because of regulatory issues around the control of data, a lack of adequate service level agreements with cloud providers, and an absence of standard agreements that “allow freedom of movement between providers.” The engineer also cited a lack of IT control when a company relies on public cloud services. “We really don’t want to be in a position to have to shrug and say ‘I don’t know’ when a system is running slowly,” he said at the Storage Networking World conference. Munder decided to create “a private cloud that has many of the same characteristics of a public cloud but with much higher control, security and availability,” the engineer said. Research firm IDC projects the cloud computing market will grow from $23 billion today to about $55 billion in 2014, but much of the growth so far has been in new hosted services, an IDC analyst said. Source: http://www.computerworld.com/s/article/9190878/Financial_services_firm_turning_to_a_private_cloud

14. October 13, Associated Press – (Kansas) Kansas banker pleads guilty to stealing $1 million. A northeast Kansas banker has admitted that he conspired to steal $1 million from the bank he managed. A U.S. attorney said the 50-year-old suspect pleaded guilty October 12 to stealing the money from Countryside Bank, formerly Meriden State Bank in Meriden, Kansas. The suspect admits the crimes began in 1999, when he created several private business enterprises. He was fired in 2003 when the Kansas Banking Commission determined the bank was in debt. Prosecutors said when the suspect became aware that the FBI was investigating, he liquidated or concealed his assets and bought a yacht with a plan to flee to Panama. Source: http://www.kansascity.com/2010/10/13/2309633/kansas-banker-pleads-guilty-to.html#ixzz12LhabLcd

15. October 13, South Florida Sun Sentinel – (Florida) Robbers strike four South Florida banks in 2 days. In a 25-hour span during the week of October 11-15, robbers hit four South Florida banks. The mini-crime spree capped what appeared to be a busy season of bank heists over the past 3 months. Preying on local institutions have been crooks with such colorful monikers as Boca Raton’s Brazen Bandit; the Sundown Bandits, who since Christmas Eve have hit six banks from Boca Raton to Miami; or the Old Man Bandit, who is serving 13 years for 21 bank jobs over 22 months from Boynton Beach to Miami-Dade. Then there was the motorcycle-in-the-lobby caper last month in West Palm Beach, an apparent inside job. There were also the two rare female bank robbers, whose heists both failed. Source: http://articles.sun-sentinel.com/2010-10-13/news/fl-four-banks-robbed-20101013_1_bank-robberies-brazen-bandit-heists

Information Technology

45. October 14, The Register – (International) Former White House advisor wants cybercrime haven crackdown. A former White House security advisor has urged a crackdown on rogue states that serve as a “safe haven” for cybercrime, along with a fundamental rethink of Internet architectures. He told delegates to the RSA Conference in London, England that Western law enforcement officials often fail to get the help they need after they track back the source of cyber attacks to countries such as Moldova, Russia, and Belarus in eastern Europe. “These countries are international cyber-sanctuaries for crime,” he said. He said “renegade” countries need to be pressured into acting on cyber-criminals through a process akin to the way in which countries that tolerated the laundering of drug profits through their banking systems were brought into line. The former security adviser argued that a fundamental rethink on Internet architectures was needed in order to limit cybercrime and related problems, such as economic espionage. “Spending more money on firewalls, anti-virus and intrusion prevention is just throwing more good money after bad,” he said. “The money spent to develop the next version of the X-box would be better spent on the next protocol for the Internet.” Source: http://www.theregister.co.uk/2010/10/14/clarke_cybercrime_rsa/

46. October 14, SC Magazine UK – (International) Vulnerability disclosure gap causes cyber crime opportunity, as CTO calls for vendors to cooperate on patch releases. Vulnerability disclosure is causing a cyber crime opportunity gap between the revelation and the time taken to issue a patch. An SVP international at Lumension said that the release of 130 vulnerability patches across several platforms “is like giving gold dust to the hacking community.” He said: “The moment a vulnerability is disclosed cyber criminals get to work developing exploit code to take advantage of the identified holes. With the significant number of holes identified on the same day, businesses will be racing against time to fix them all.” Speaking to SC Magazine the week of October 11, the CTO of Qualys called on IT administrators and managers to lobby vendors, such as Adobe and Oracle, to move their patching schedules on to the Windows update. He said that when there is a new vulnerability to be patched, people are not aware of it and companies should map out their need, rule out what they do not need, and if there is a big vendor patch out, to be prepared. Source: http://www.scmagazineuk.com/vulnerability-disclosure-gap-causes-cyber-crime-opportunity-as-cto-calls-for-vendors-to-cooperate-on-patch-releases/article/180957/

47. October 13, BBC News – (International) Facebook offers temporary log-ins for public computers. Facebook is launching one-time passwords in an effort to make it safer to log on to the social network from public computers. It also claims the system will help prevent cyber-criminals accessing users’ accounts. Users need to text the words ‘otp’ to 32665 and they will be sent a temporary password that will expire after 20 minutes. But security experts questioned whether the system was safe. “If someone else is able to gain access to your phone then that’s an open door for mischief-makers to access your Facebook account,” said a senior technology consultant at security firm Sophos. It may also not be a foolproof method of avoiding Facebook hackers. “A temporary password may stop keylogging spyware giving cybercriminals a permanent backdoor into your account, but it doesn’t stop malware from spying upon your activities online and seeing what’s happening on your screen,” he said. Users of the system must have a mobile phone number registered to their account, which could also open the system up to exploitation, he thinks. Source: http://www.bbc.co.uk/news/technology-11535370

48. October 13, IDG News Service – (International) Human error gave spammers keys to Microsoft systems. Microsoft blamed human error after two computers on its network were hacked and then misused by spammers to promote questionable online pharmaceutical Web sites. Microsoft launched an investigation October 12, after the problem was first reported in The Register. After they were compromised, the two servers were used to handle the DNS of more than 1,000 fraudulent pharmaceutical Web sites, according to the managing member of network security software vendor Infinite Monkeys. He discovered the hacked Microsoft systems late the week of October 4. The devices that got hacked were “network devices that run a Linux kernel,” Microsoft said October 13 in a statement. “Those devices have been removed.” No customer data or production systems were affected by the attack. At least one of the Microsoft computers was also used to launch a denial of service attack against KrebsOnSecurity.com, the Web site’s security blogger said October 13. He believes Russian-based pharmaceutical spammers were behind the attack on his site. Source: http://www.computerworld.com/s/article/9191059/Human_error_gave_spammers_keys_to_Microsoft_systems

49. October 13, CIO – (International) Blog: RIM patches another flaw in BlackBerry Enterprise Server. Research In Motion October 12 released an “interim security update” for BlackBerry Enterprise Server (BES) 5.0 Service Pack 2 for Microsoft Exchange and IBM Lotus Domino due to a vulnerability that could have potentially allowed a hacker or other malicious person access to organizations’ BES infrastructure. That flaw could have also been used to execute denial of service attacks, according to the BlackBerry-maker. It affects not just the full version of BES, but the free BES Express, as well. The BES security flaw is ranked “high severity.” RIM advises BES administrators to update their BES 5.0.2 software for Exchange and Lotus Domino immediately, but to do so with caution, since performing the update process incorrectly can lead to additional issues. Source: http://www.computerworld.com/s/article/9190964/Blog_RIM_patches_another_flaw_in_BlackBerry_Enterprise_Server

50. October 13, IDG News Service – (International) Microsoft will look to courts for botnet takedowns. Microsoft has seen a dramatic drop in the number of computers infected with Waledac. In the second quarter of this year, the company cleaned only 29,816 computers infected with Waledac, down from 83,580 computers in the first quarter of the year. Microsoft published the statistic in its latest biannual Security Intelligence Report released October 13. The drop in the number of infected machines shows the success of the legal action Microsoft took earlier in the year, said the general manager for Microsoft’s Trustworthy Computing group. In other civil summons documents, Microsoft named 27 “John Does” who had registered the bad domains. But most of the 276 domains used to control Waledac were registered through registrars in China. Source: http://www.computerworld.com/s/article/9190921/Microsoft_will_look_to_courts_for_botnet_takedowns?taxonomyId=17&pageNumber=1

51. October 12, DarkReading – (International) Tougher data protection laws could force businesses to rethink compliance. Data protection laws are expanding worldwide and cracking down on the way businesses protect electronic information, said a new report published the week of October 11. “A New Era of Compliance: Raising the Bar for Organizations Worldwide,” written by RSA and the Security for Business Innovation Council (SBIC), analyzes how new legislation and more legal muscle behind regulations are forcing businesses to change how they approach compliance. The report highlights how tougher enforcement, more data breach notification laws emerging around the globe, more prescriptive regulations, and increasing requirements for making enterprises responsible for the security of their data even when a business partner handles it are requiring businesses to look at compliance as a strategy, not just a necessary evil. In the report, the SBIC offered several recommendations for enterprise security teams in what it calls a new era of compliance. Source: http://www.darkreading.com/security/management/showArticle.jhtml?articleID=227701206&subSection=Security+administration/management

Communications Sector

52. October 13, Federal Computer Week – (International) Five countries sign on to DNSSEC. Five country code top-level domains for countries in Latin America and the Caribbean have been digitally signed to enable use of the Domain Name System Security Extensions (DNSSEC). The signing on October 5, done by Afilias Ltd. of Dublin, Ireland, a provider of Internet registry and back-end services, will enable validation of DNS query responses. It is part of an effort by the company to deploy DNSSEC to 13 top-level domains by the end of the year. “Rolling out DNSSEC is critical to the future of the Internet,” said Afilias’ director of strategic partnerships and technical standards. This month’s signings bring the total to 53, among about 300 top-level domains, that have been signed or are experimenting with DNSSEC. The country code domains that have recently been signed are .ag, used by Antigua and Barbuda; .bz, Belize; .hn, Honduras; .lc, St. Lucia; and .vc, St. Vincent and the Grenadines. Source: http://fcw.com/articles/2010/10/13/dnssec-adds-five-country-domains.aspx

53. October 13, Visalia Times-Delta – (California) Verizon phone service out in parts of Tulare County. Verizon Wireless reported phone line problems that could be causing phone service outages — including the ability to call 911 — in several Tulare County, California communities. Affected communities include Alpaugh, Strathmore, Lindsay, Exeter, Lemon Cove and nearby areas, according to an e-mail sent out at 3:31 p.m., October 13 by the Tulare County Fire Department. “Any residents that have phone service through Verizon [in these areas] do not have access to the 911 system at this time,” and it was not clear how long it would take to fix the problems, the fire department reported. Source: http://www.visaliatimesdelta.com/article/20101013/NEWS01/101013012/Verizon+phone+service+out+in+parts+of+Tulare+County

For another story, see item 48 above in the Information Technology Sector