Tuesday, September 13, 2011

Complete DHS Daily Report for September 13, 2011

Daily Report

Top Stories

• Waters that brought catastrophic flooding to eastern Pennsylvania caused 10 water and sewage treatment plants to fail, exposing residents to millions of gallons of toxic raw sewage. – NBC Philadelphia (See item 36)

36. September 9, NBC Philadelphia – (Pennsylvania) Flood water is full of sewage. Waters that brought catastrophic flooding to the eastern half of Pennsylvania the week of September 5 are also exposing residents to raw sewage and even ammonia, authorities reported. “A total of 10 water and sewage treatment plants failed, which means the water in the streets is toxic," the governor said in a press release September 8. The governor’s press office told NBC Philadelphia September 9 that 26 sewage treatment plants were affected statewide, 14 of which had been shut down. The Berks County sewage treatment plant in Heidelberg Township was swamped under several feet of water from the swollen Tulpehocken Creek, the Reading Eagle reported. The plant was shut down September 7, which means raw sewage was dumped into the creek. A 42-inch sewer main in Reading sprang a leak after Hurricane Irene hit, dumping 16.2 million gallons of raw sewage into the Schuylkill River, though state department of environmental protection officials said the city dumped 72 million gallons into the river. Bloomsburg experienced its worst flooding in a century along the Susquehanna River. In addition to raw sewage threats, a fire chief from Bloomsburg told the Associated Press that there was an ammonia leak at a food manufacturer. Source: http://www.msnbc.msn.com/id/44458585#.Tm4a1-xQhDg

• Authorities are trying to locate 14,000 rounds of ammunition missing from Fort Bragg in Cumberland County, North Carolina. – CNN (See item 42)

42. September 10, CNN – (North Carolina) 14,000 rounds of ammunition missing from Fort Bragg. Authorities are trying to locate 14,000 rounds of ammunition missing from Fort Bragg in Cumberland County, North Carolina, CNN reported September 10. The ammunition went missing from the 1st Brigade Combat Team at Fort Bragg, a staff sergeant said. The missing ammunition can be used in the M-4 and M-16 assault rifles. Someone alerted Fort Bragg leadership about the missing items September 7, he said. After the report, the 1st Brigade team, about 3,500 people, was placed on lockdown during an initial investigation, he said. The ammunition was not found and the lockdown was lifted the same day. "The incident is currently under investigation and all appropriate measures are being taken to locate the small arms ammunition that was discovered missing on September 7," a spokesman for the 82nd Airborne Division said. Source: http://www.cnn.com/2011/US/09/09/north.carolina.ammunition/index.html?hpt=us_c2


Banking and Finance Sector

16. September 12, Softpedia – (International) E-mail addresses and passwords stolen after BitCoin forum hack. A flaw in the Bitcointalk forum was taken advantage of by a hacker and used to gain access to passwords, e-mail addresses, and personal messages belonging to members, Softpedia reported September 12. The BitCoin Web site was also hacked earlier in 2011 and private information was leaked as a result. The Web site was hit more than a week ago, during which time the attacker could freely roam and steal anything. Bitcointalk administrators only realized the site was compromised after the hacker began adding JavaScript codes. The hacker launched a SQL injection to exploit a vulnerability where the forum software did not correctly handle the escape characters found in username details. The password hashing process was made by using the Secure Hashing Algorithm (SHA-1), which experts recently discovered as being more ineffective than initially presumed. The attacker managed to hijack the account of one of the administrators, after he made a donor account that allowed him to change usernames. With the use of administrator privileges, he was able to inject PHP code by making modifications to one of the forum's style templates. Bitcointalk representatives claim the accounts overtaken or created in the process were identified, along with a series of IP addresses. Source: http://news.softpedia.com/news/Email-Addresses-and-Passwords-Stolen-After-BitCoin-Forum-Hack-221187.shtml

17. September 11, Arizona Daily Independent – (Arizona) Phoenix man indicted on $6.3 million ponzi scheme targets seniors. The Arizona Daily Independent reported September 11 that a 52-year-old man from Phoenix was arraigned on an indictment charging him with 67 felony counts related to his sale of $6.3 million in fraudulent Certificates of Deposit (CDs) sold primarily to senior citizens living in Arizona. The indictment alleges the man defrauded investors by selling them fictitious CDs, while also falsely claiming he was a broker with the Federal Deposit Insurance Corporation (FDIC), and that the CDs were FDIC insured. He used investor funds for personal expenses and to make "interest" payments on the fictitious CDs sold to other investors. Each of the 17 investors named in the federal indictment lost between $125,000 and $1.4 million. Source: http://www.tucsondailyindependent.com/2011/09/phoenix-man-indicted-on-63-million.html

18. September 9, NewJerseyNewsroom.com – (New Jersey; California) Error coins stolen by ex-mint employee from New Jersey. A former U.S. Mint police officer pleaded guilty September 8 in federal court in New Jersey to stealing $2.4 million worth of "error" coins and selling them to a coin distributor in California. The former officer was a 15-year employee of the Philadelphia Mint at the time of his arrest. He admitted that during 2007, he took several small bags to the coining area, where Presidential $1 coins were made, and took coins with the missing edge lettering, knowing collectors would deem the coins more valuable because they were “mint errors,” according to a U.S. attorney. Prosecutors said the man then smuggled the error coins out of the Mint where he shipped them to a coin distributor in California from a Rio Grande post office or the FedEx location in Egg Harbor Township. He admitted to receiving about $2.4 million for the coins, which he later deposited into his Police and Fire Federal Credit Union account. The convict also failed to report, or under-reported his tax liability from the sale of the coins for tax years 2007 and 2009, which amounted to nearly $801,651. Source: http://www.newjerseynewsroom.com/economy/error-coins-stolen-by-ex-mint-employee-from-new-jersey

19. September 9, Las Vegas Review-Journal – (Arizona) Former bank execs settle with FDIC for $20 million each. Former executives of First National Bank of Arizona settled a lawsuit September 9 brought by the Federal Deposit Insurance Corp. (FDIC), alleging the two "sacrificed safety" and promoted risky loans that caused the bank's failure. The two former executives agreed to settle for $20 million each while denying all allegations in the FDIC's complaint. The executives were insured through Lloyd's of London, which denied coverage of the settlement and legal fees. As part of the settlement, they and other former First National Bank of Arizona officers and directors agreed to let the FDIC have the right to pursue all future claims against Lloyd's of London. Source: http://www.lvrj.com/business/former-bank-execs-settle-with-fdic-for-20-million-each-129565578.html

Information Technology Sector

44. September 12, Softpedia – (International) Linux Foundation servers offline after security breach. After the intrusion on Kernel.org, two other Linux Foundation Web sites were attacked, leaving personal information belonging to users at the mercy of hackers. Members of the Linux.com and LinuxFoundation.org Web sites received an e-mail from the organization, informing them about a discovered breach in their systems September 8. Foundation representatives made the decision of shutting down their sites, “in the interest of extreme caution and security best practices.” Services and programs such as Linux.com, Open Printing, Linux Mark, and Linux Foundation Events will not be functioning for a certain period of time as they are in the process of being restored. It appears Linux kernel or its code repositories were not affected by the recent hits, but they are still taken down for maintenance after the attacks discovered August 28. The statement released on the temporary page advises members to change any password that might have been obtained by the attackers. Source: http://news.softpedia.com/news/Linux-Foundation-Servers-Offline-After-Security-Bre...

45. September 12, IDG News Service – (International) GlobalSign set to reopen Tuesday despite Web server hack. GlobalSign planned to bring its certificate-issuing systems back online September 12, and resume business September 13, it said the weekend of September 10 and 11. The U.S. certificate authority (CA) stopped issuing new SSL certificates September 6 to audit its security, after being named as a target by the hacker who claimed to have attacked Dutch CA DigiNotar. The server hosting GlobalSign's Web site was breached, the company said September 9. The server was isolated from other infrastructure related to certificates, the company said. On September 11, the company confirmed its plan to bring system components back online September 12 in a sequenced start-up, but said customers were unlikely to be able to process orders until the morning of September 13. It said there was no further evidence of breach other than the isolated Web server. However, it continued to monitor all activity to all services closely as an additional precaution, it said. All forensics are being shared with the authorities and other CAs to assist with their own investigations into other potentially related attacks, GlobalSign said. It did not specify who the attacker was. The company has employed security firm Fox-IT to investigate. Source: http://www.computerworld.com/s/article/9219914/GlobalSign_set_to_reopen_Tuesday_despite_web_server_hack

46. September 10, H Security – (International) Apple releases updates for DigiNotar SSL debacle. Apple released a security update for Mac OS X Snow Leopard (10.6.8) and Lion (10.7.1) that removes trust from the certificate authorities (CAs) operated by DigiNotar after the CA was compromised. Apple has joined Mozilla and Microsoft in removing DigiNotar from their lists of trusted root certificates and EV certificate authorities. The update, labeled "Security Update 2011-05", also modified the default trust system configuration so no DigiNotar certificates, including those issued by other authorities, are trusted. The Apple update still leaves the iPhone, iPad, and other iOS devices unprotected from the man in the middle attacks which have, to date, centered on Iranian Internet users. There is also no update for the older Leopard release of Mac OS X, 10.5, which is the last version that ran on PowerPC-based Macs. Source: http://www.h-online.com/security/news/item/Apple-releases-updates-for-DigiNotar-SSL-debacle-1340601.html

47. September 9, IDG News Service – (International) Google apologizes for Docs outage. A software upgrade that went wrong caused parts of the Google Docs cloud-hosted office productivity suite to go offline for an hour September 7, a situation the company is taking steps to prevent. The outage made word processing document lists, documents, drawings, and Apps Scripts unavailable to most Docs users, including people who use the software for work. Apparently, presentations and spreadsheets were not affected. Changes made to improve real-time collaboration capabilities in the suite triggered an unexpected memory management bug, which in turn tripped the system. Source: http://www.computerworld.com/s/article/9219887/Google_apologizes_for_Docs_outage

Communications Sector

48. September 12, Latham Business Review – (New York) Irene aftermath: damaged antenna knocks WEXT-FM off air. WEXT-FM, 97.7, Amsterdam in New York is off the air indefinitely as a result of damage caused to its antenna from Tropical Storm Irene, and flooding of a nearby National Grid substation, the Latham Business Review reported September 12. WEXT’s senior vice president said immediately following Tropical Storm Irene, the station broadcast intermittently. The station has been on the air for 4 years and has 25,000 daily listeners. The station is operated by WMHT Educational Telecommunications. “We suspected we had antenna damage, but we weren’t able to physically get onto the tower until this past Friday,” he said. He said the damage to the antenna ”is beyond repair." Source: http://www.bizjournals.com/albany/news/2011/09/12/irene-aftermath-damaged-antenna.html

49. September 12, South Carolina Island Packet – (South Carolina) AT&T service disrupted in northern Beaufort County. Problems with several AT&T cell towers disrupted cellphone service September 11 in several northern Beaufort County communities in South Carolina. Repairs were under way September 12, but it was not clear how long they would take, an AT&T spokesman said. Affected communities include the city of Beaufort, Port Royal, and Burton. Several towers along Interstate 95 and U.S. 21 were also not working properly, he said. Service problems were confined to cell signals, he said. Source: http://www.islandpacket.com/2011/09/12/1789188/att-service-disrupted-in-northern.html

For another story see item 46 above in the Information Technology Sector