Thursday, February 10, 2011

Complete DHS Daily Report for February 10, 2011

Daily Report

Top Stories

• KRIV 26 Houston reports crews managed to extinguish most of a huge blaze, February 9, a day after several fiery explosion at a petrochemical plant damaged vehicles and equipment. (See item 2)

2. February 9, KRIV 26 Houston – (Texas) No cause released for Mont Belvieu fire. Investigators said they cannot specify the cause of a February 8 petrochemical plant explosion and fire in Mont Belvieu, Texas until the rubble cools down. Crews were able to cut off the fire’s fuel sources overnight at the Enterprise Products Partners plant, a company spokesman told FOX 26 News, but he said they are still battling hot spots. The explosions happened one after another at the plant shortly before 12:30 p.m. The Enterprise facility processes liquid natural gas into chemicals used in plastic and tire manufacturing, as well as a fuel additive. The plant sits atop underground caves that can store up to 100 million barrels of natural gas liquids. The Enterprise spokesman said one person has still not been accounted for since the explosion. “ We have made contact with some of the family members,” he said February 9. The spokesman said damage was limited to vehicles and equipment on plant property. In addition to company investigators, federal investigators from the U.S. Environmental Protection Agency, and the U.S. Occupational Safety and Health Administration are at the site. Source:

• According to the Mineral Wells Index, Parker County, Texas officials are trying to determine whether a spike in chlorine levels in a water tank was caused by the weather or an intentional act. (See item 29)

29. February 9, Mineral Wells Index – (Texas) Parker County officials probe water contamination. Parker County, Texas officials are investigating a water tank contaminated February 6 in Annetta. The question for authorities is whether the contamination was intentional or an accident. After a resident complained her skin was burning in the shower, Hudson Oaks officials discovered a large amount of chlorine was pumped into the water system at Lakes of Aledo subdivision, the Parker County Sheriff’s Office said. Another resident complained of cloudy water. A team of investigators inspected the water tank and the area surrounding it February 8. The sheriff noted possible footprints and two fence boards that could have given access to the tank. He said around 4 p.m. February 6, the water superintendent reported damage to a section of the fence that surrounds the tank. The tank is contracted to provide water to a portion of the Annettas. After the two complaints were logged, employees went back to the tank and found chlorine residual levels were higher than usual, the sheriff said. According to the sheriff’s office, about 12,000 gallons of water were immediately drained. He said the ice storm that hit the county the week of January 31 could have possibly caused the tank to work incorrectly. “It begs the question that if you can put that in the tank, what else can you put in there,” he said. Although the chlorine residual levels were 1.8, the water was safe the entire time, a water operator said. Normally the city’s water runs at 0.8 on chlorine levels, and state officials require chlorine levels to remain at 4 or lower. Source:


Banking and Finance Sector

17. February 8, Fort Worth Star-Telegram – (Texas) 2 bandits sought in up to 10 bank robberies in North Texas. A $25,000 reward was offered February 8 for a team of bank robbers who the FBI described as armed and dangerous and responsible for as many as 10 bank holdups in North Texas. The two men armed with handguns have been known to take over banks and corral employees in restrooms just before leaving the bank, according to the FBI. The reward offered by Bank of America, Wells Fargo, and the Texas Bankers Foundation is for information leading to the arrest and conviction of the two men who have entered banks wearing baggy blue jeans, dark hooded sweatshirts, and masks. FBI officials said the team is responsible for a December 3, 2010, holdup at the Bank of America in Irving; the July 16, 2010, robbery at Bank of America in Dallas; the January 28, 2010, holdup at Bank of America in Dallas; the January 6, 2010, robbery of Resource One Credit Union and six other bank holdups in recent months. The robbers have been seen driving away from a bank holdup in a black sedan with tinted windows, according to an FBI news release. The men are described as either African-American or Hispanic, about 16- to 25-years-old, 5-foot-6 to 5-foot-9, and weighing about 140 to 160 pounds. The robberies are being investigated by the FBI and police departments in Dallas, Cedar Hill, and Irving. Source:

18. February 7, KERO 23 Bakersfield – (California; Nevada) $3.7M embezzled by former bank officer, city councilman. The United States Attorney for the Eastern District of California announced that a 43 year-old male from Ely, Nevada, pleaded guilty February 7 before a United States District Judge in federal court in Las Vegas to embezzling at least $3.7 million from the First National Bank of Ely over about 10 years. Upon discovering the man’s activity, the Bank of Ely promptly reported it to law enforcement and followed up with a thorough internal investigation. The case was extensively investigated by the FBI. They have determined that the man acted alone. Source:

19. February 7, Glen Falls Post-Star – (New York) Former local bank officer convicted of fraud. The former vice president of a bank in Glens Falls, New York, was convicted February 4 of a federal bank fraud charge after a 2-week trial in U.S. District Court in Albany. The 61-year-old male, a former Queensbury, New York resident who lives in Texas, was found guilty of a felony charge related to a fraudulent loan application for $1.6 million. The man was executive vice president of First National Bank of Glens Falls, spending 20 years with the bank from the 1970s until 1992. First National Bank of Glens Falls was purchased by Evergreen Bank and later became part of TD Bank. The case against the former bank vice president centered on a $1.6 million loan a former Queensbury resident took out in 1999 to buy a Texas asbestos abatement company, P.W. Stephens Residential Inc., from a company for which the former bank president worked. Source:

Information Technology

47. February 9, Softpedia – (International) Flash Player security update fixes critical vulnerabilities. Adobe has released a major Flash Player update, which, in addition to several new features, patches critical security vulnerabilities that could allow attackers to compromise computers. The new Flash Player version fixes a total of 13 flaws, all of which could be exploited to crash the application and execute arbitrary code. Ten of the security issues fixed are described as memory corruption vulnerabilities, one as an integer overflow, another as a font-parsing bug and the last as a library-loading weakness. Source:

48. February 9, Softpedia – (International) Critical security update released for Adobe Reader and Acrobat. Adobe has released its scheduled quarterly security updates for Adobe Reader and Acrobat, addressing a large number of critical vulnerabilities. In total, the updates provide fixes for 29 vulnerabilities in Adobe Reader and Acrobat X (10.0), 9.4.1 and 8.2.5 on Windows and Mac. Updates for the UNIX platform are expected around February 28. A number of 23 security issues could be exploited to execute arbitrary code, while an additional 3 might have the same impact, but it has not been demonstrated yet. Two of the remaining vulnerabilities stem from input validation weaknesses that could trigger cross-site scripting conditions, while the last one is a file permissions issue that could be exploited to elevate privileges. Two remote code execution flaws affect only Mac flavor of the products, while the file privilege escalation one is a Windows-only problem. Source:

49. February 9, The Register – (International) Linux vulnerable to Windows-style autorun exploits. A security researcher has demonstrated how it might be possible to perform autorun-style attacks against weakly secured Linux PCs. Windows worms including Conficker and Stuxnet have often spread onto networks after infected USB sticks were plugged into PCs. This has happened automatically in cases where autorun was enabled, as it did in default on older versions of Windows until a change pushed by Microsoft February 8. With autorun-enabled, executable files run with minimal user interaction. The researcher, from IBM’s X-Force security division, showed the issue of autorun causing possible mischief is not (as might have been previously thought) wholly irrelevant to Linux boxes. He developed a demo to show how it might be possible to insert a USB stick with modified code into a Ubuntu PC to get rid of a screensaver without entering a password — and display the user’s desktop. The demo relied on taking advantage of a flaw in GNOME Evince document viewer. Source:

50. February 8, Computerworld – (International) Bug bounty program reveals 22 unpatched flaws, 5 in Office. As it promised in 2010, the world’s biggest bug bounty program released information February 7 about nearly two dozen unpatched vulnerabilities, including five in Microsoft Office, after deadlines expired. The disclosure of 22 bugs — some of them reported to their developers over 2-and-a-half years ago — resulted from a change announced 6 months ago by HP TippingPoint, whose Zero Day Initiative (ZDI) buys more bugs from independent researchers than any other program. Last August, TippingPoint said it would enforce a 6-month disclosure deadline, and would publish information about the bugs it bought if the flaws had not been patched before then. Previously, ZDI’s policy was to indefinitely withhold a vulnerability after reporting it to a vendor, publishing its own advisory only after a patch had been issued. TippingPoint rolled out the first advisories for vulnerabilities whose deadlines had expired February 8. Nine of the 22 flaws were in IBM software, 5 were in Microsoft programs, 4 were in Hewlett-Packard code, and one each affected CA, EMC, Novell, and SCO. Source:

51. February 8, Computerworld – (International) Microsoft delivers ‘big month’ of patches, quashes 22 bugs. Microsoft issued 12 security updates February 8 that patched 22 bugs in Windows, Internet Explorer (IE), Office, and its Internet server software. An analyst suspected one of the updates was released to prevent hackers from exploiting Windows 7 in the Pwn2Own contest slated to start in 4 weeks. “I think this was a strategic move by Microsoft to prevent [researchers] from using the vulnerability as a mechanism to bypass ASLR,” said the director of security operations for nCircle Security, referring to the MS11-009 update that patched a bug in the JScript and VBScript scripting engines within Windows. At Pwn2Own, which runs March 9-11 at the CanSecWest security conference, attackers armed with unpatched vulnerabilities and corresponding exploits will try to hack browsers running on Windows 7. To do so, they must sidestep ASLR — for “address space layout randomization” — one of Windows 7’s two anti-exploit technologies. Three of the 12 updates were labeled “critical,” Microsoft’s most serious threat ranking. The remaining nine were marked “important,” the second-highest rating. Source:

52. February 8, Softpedia – (International) Security update released for Google Chrome 9. Less then 1 week after releasing the first Chrome 9 stable version, Google just pushed out a security update to address several security vulnerabilities in the browser. The new 9.0.597.94 build has been released to the stable channel for all platforms. Starting with Chrome 9, the bundled Flash plug-in runs under the browser’s sandbox, making it much more resilient to remote exploitation attacks. The new version addresses three high- and two medium-risk vulnerabilities, including: A high severity use-after-free memory error in SVG font faces; a stale pointer with anonymous block handling; a separate stale pointer in animation event handling; a failure to terminate process on out-of-memory condition, a bug that carries a medium risk; and an out-of-bounds memory read error in plug-in handling. Source:

Communications Sector

53. February 7, New York Times – (National) Copper prices and incidences of copper theft rise. From Hawaii to Florida, copper thieves have electrocuted themselves and caused electrical and telephone failures and street light blackouts. Many municipalities, which have been hard hit by budget deficits, have been unable to afford repairs. “We believe this is a national security issue,” said the executive director of the Coalition Against Copper Theft, an advocacy group in Washington D.C. that includes telecommunications firms, power companies, and railroads. “The only thing keeping it from being an epidemic is that scrap yards are now scrutinizing the material. But theft is still rampant.” Copper is near an all-time high, which has translated into $4-per-pound prices for scrap copper at salvage yards. The price in 2009 was about $1.25 per pound. “If you watch the price of copper, you notice a correlation between the price and the rate of theft,” said the security director for Frontier Communications, which has seen an increase in thefts of its power and broadband lines in the 27 states it serves. Last month, the FBI said it was planning to update a 2008 report that called theft of copper wire a threat to the nation’s “critical infrastructure.” The American Electrical Power Company in Ohio said it had begun to replace its copper wire with wire that contains less copper and is also more difficult to cut through. The company has also put up signs letting prospective thieves know the new brand of wire is not worth stealing. Source: