Monday, March 12, 2012

Complete DHS Daily Report for March 12, 2012

Daily Report

Top Stories

• Cleanup efforts began March 9 along Interstate 70 near Eagle, Colorado, after a tanker spilled 7,200 gallons of diesel fuel, closing all lanes for several hours. One lane in each direction will remain closed during the day until at least March 13. – Associated Press

2. March 9, Associated Press – (Colorado) Cleanup of oil tanker crash could slow I-70 traffic near Eagle through at least Tuesday. Cleanup efforts began along Interstate 70 near Eagle, Colorado, after a tanker spilled 7,200 gallons of diesel fuel following a crash with an SUV March 8. All lanes of I-70 were closed for several hours. While some fuel did get on the highway, most of it was contained in the median. The transportation department said environmental crews worked through the weekend of March 10 to excavate soil contaminated by the spill. As a result, one lane in each direction of I-70 will remain closed during the day until at least March 13. Source: http://www.therepublic.com/view/story/866c7716561242d494ec76aedf343218/CO--Fuel-Spill/

• San Antonio Water System crews responded when more than 84,000 gallons of a sewer and rainwater mixture spilled into a green belt March 8. Vandals had wedged a board into a manhole which caused a blockage and spill. – KSAT 12 San Antonio

21. March 9, KSAT 12 San Antonio – (Texas) Vandals cause 84,000-gallon sewage spill. San Antonio Water System (SAWS) crews responded to a major sewage spill March 8. SAWS officials said vandals wedged a board into a manhole which caused a blockage that forced a sewer spill into a green belt. Officials said more than 84,000 gallons of a sewer and rainwater mixture spilled into the area. SAWS crews pumped out most of the waste water, but continued to work on the spill into early March 9. SAWS reports no harmful impact on the area. Source: http://www.ksat.com/news/Vandals-cause-84-000-gallon-sewage-spill/-/478452/9266356/-/93aeke/-/index.html

• Two more suspicious letters with non-hazardous powder were delivered in Washington, D.C., March 8, at a school and a restaurant. Law enforcement agencies were investigating possible links between about 20 suspicious letters delivered in six states and Washington, D.C. – WJLA 7 Arlington

30. March 8, WJLA 7 Arlington – (National) FBI investigates suspicious letters delivered to schools, businesses in D.C., 6 states. Two more suspicious letters with powder were delivered in Washington, D.C., March 8, one at Amidon Bowen Elementary and one at Bibiana restaurant. Oyster-Adams Bilingual School evacuated after suspicious letters were found. FBI agents and local law enforcement agencies were investigating possible links between about 20 suspicious letters delivered in Washington, D.C., Texas, Alabama, Massachusetts, Rhode Island, Connecticut, and New York City. The six letters discovered in Washington, D.C. appear to be linked and all of them were tested and are not hazardous, officials said. Bibiana became the third Italian restaurant in Washington D.C. to receive a suspicious mailing with white powder inside. HAZMAT crews removed the letter for testing. March 8, another school received an alarming delivery. Office personnel found an envelope containing white powder at Amidon Bowen Elementary. The envelope was found before students arrived at school. The Washington, D.C. Department of Health and Oyster Adams Bilingual School were evacuated March 7. Before that, two other Italian restaurants were evacuated the week of March 5. A woman on a stretcher was taken out of the Department of Health after a letter containing white powder was found. Just hours before that, the Oyster Adams Bilingual School was evacuated when another letter was found. It contained flour and children returned to school about an hour later. Several schools in the Dallas area, a middle school in Connecticut, an art museum in New York City, a bank in Birmingham, Alabama, and schools in Massachusetts and Rhode Island all received similar letters. Law enforcement sources said the letters are not addressed to anyone in particular. “We’ll investigate who is responsible, because we can’t have this type of drain on our federal, state, and local authorities and not to mention the panic it causes the community,” said the Chief of the Enfield, Connecticut Police. Source: http://www.wjla.com/articles/2012/03/fbi-investigates-suspicious-letters-delivered-to-schools-businesses-in-d-c-6-states-73553.html

• A medical board that oversees paramedics and other emergency medical services in southern Nevada is exploring the possible use of alternatives in the face of shortages of key medications. The board also voted to extend the expiration dates on eight critical drugs if there is a shortage. – Las Vegas Review-Journal

36. March 8, Las Vegas Review-Journal – (Nevada; National) Drug shortages for paramedics forces review. Alarmed by drug shortages that could affect the lifesaving efforts of paramedics, a medical board that oversees emergency medical services in southern Nevada is exploring the possible use of alternative medications, which would require the re-education of rescue personnel, the Las Vegas Review-Journal reported March 8. The board also voted March 7 to extend the expiration dates on eight critical drugs, giving them a longer shelf life if new supplies are slow in coming. Stressing that ambulances remain well-equipped with the drugs long in use by first responders, the chairman of the medical advisory board of the Southern Nevada Health District said it is being proactive in dealing with a national problem that is affecting both hospitals and emergency medical services. Though the Food and Drug Administration requires manufacturers to conduct studies to determine the stability and shelf life of their products and to label them accordingly, medical advisory boards can legally extend their expiration dates in the interest of public health. Only recently, at a February conference of emergency physicians in Dallas, has it come to light that the problem could extend to paramedics. Source: http://www.lvrj.com/news/drug-shortages-have-medical-board-looking-for-alternatives-142005293.html

Details

Banking and Finance Sector

11. March 9, Sacramento Bee – (California) Coroner identifies man police shot outside Citrus Heights bank. The Sacramento County Coroner’s Office March 8 released the name of the bank robber shot by Citrus Heights, California police. Police said that the man claimed to have a gun and an explosive device when he held up the bank March 7. Police said at about 4:15 p.m., police received a call of a crime in progress at a Union Bank branch. Officers surrounded the bank before the man came out of the building. Feeling threatened, police fired at the man, who was pronounced dead at the scene. Because of the report of an explosive device, police cleared the area and called in the Sacramento County Sheriff’s Department bomb squad. About 7:30 p.m., it was determined there was not an explosive device at the bank. Source: http://www.sacbee.com/2012/03/09/4323718/coroner-identifies-man-police.html

12. March 8, Associated Press – (International) Jury clears way for US to go after $330M in foreign accounts of convicted fraudster. A Texas jury cleared the way March 8 for U.S. authorities to go after $330 million in stolen investor funds sitting in frozen foreign bank accounts controlled by a convicted Ponzi schemer. The jury, which convicted the former tycoon on 13 of 14 fraud-related counts earlier the week of March 5, found there to be sufficient evidence that the money in 29 accounts in Switzerland, Britain, and Canada was some of the more than $7 billion he stole from investors over a period of 20 years. Source: http://www.washingtonpost.com/national/jury-deciding-if-330-million-in-accounts-of-convicted-fraudster-stanford-can-be-seized/2012/03/08/gIQAlYnYyR_story.html

13. March 8, WTVT 13 Tampa Bay – (Florida) Traffic stop uncovers massive credit card theft. Dozens of fake credit cards adding up to thousands of dollars worth of stolen goods and merchandise were found in a car stopped on Interstate 75 in Fort Myers, Florida, March 7. The Lee County Sheriff’s Office said two men from Tampa were using stolen cards. Investigators said the cards could have been used to clean out the accounts of people who had no idea their personal information had been stolen. Deputies pulled over a vehicle on Interstate 75 for illegal window tint and found 43 cloned credit cards, and trash bags filled with cigarettes bought with stolen account numbers. The two men face possession charges for having enough cards to potentially spend $384,000 of other people’s money. Source: http://www.myfoxtampabay.com/dpp/consumer/traffic-stop-uncovers-massive-credit-card-theft-03082012

14. March 8, Associated Press – (California) Guilty plea in LA indie film investment scam. A Los Angeles man pleaded guilty to federal charges saying he was part of a telemarketing scam that solicited more than $9 million for independent films. Federal prosecutors said the man entered the plea Wednesday on one count of conspiracy to commit mail fraud, wire fraud, and the sale of unregistered securities, which carries a 5-year maximum sentence. He is the last of nine defendants in the case to plead guilty. None have been sentenced yet. According to prosecutors, the defendants lied to investors nationwide and falsely promised 1,000 percent returns. The indictment alleges telemarketers for Q Media Assets LLC fraudulently raised about $9 million for a film and a sequel. Source: http://www.sacbee.com/2012/03/08/4323306/guilty-plea-in-la-indie-film-investment.html

Information Technology

37. March 9, Help Net Security – (International) IE 9 hacked at Pwn2Own, Google patches Chrome bugs. After the success they had with attacking Google’s Chrome browser, the team of vulnerability researchers from French firm VUPEN also managed to hack Microsoft’s Internet Explorer (IE) 9 on a fully patched Windows 7 SP1 machine. They managed to bypass the browser’s DEP and ASLR protection with a 0-day heap overflow vulnerability, and then used a separate memory corruption bug to break out of its Protected Mode, which is effectively a sandbox. According to VUPEN’s founder, these particular flaws have existed in previous incarnations of the browser — all the way back to IE 6 — and will very likely work on the upcoming IE 10. According to ZDNet, he also said that the memory corruption bug they used is only one of the many vulnerabilities they found that can be used to break out of IE’s Protected Mode, but also admitted the new IE 10 will be much harder to break into, as Microsoft has added new protection mechanisms. If the VUPEN team wins the contest, Microsoft will get its hands only on the information regarding the heap overflow bug. In the meantime, it was confirmed that a security researcher will receive the monetary prize he earned March 8 at the Google-sponsored Pwnium contest. The bugs he used to bypass Chrome’s sandbox were already patched by Google by pushing out a new version of the browser that includes a fix. Source: http://www.net-security.org/secworld.php?id=12569

38. March 9, H Security – (International) Microsoft’s Patch Tuesday will close a critical Windows vulnerability. During the week of March 12, Patch Tuesday will see Microsoft publish a total of six bulletins, including one that addresses a critical vulnerability in all versions of Windows from Windows XP service pack 3 to Windows 7 service pack 1 and Windows Server 2008 R2. The rating means the hole enables attackers to infect a system via the Internet and inject malicious code. Other bulletins will address a privilege elevation flaw which affects the same span of Windows versions. Microsoft also plans to close an important denial of service vulnerability in Windows Server 2003 SP2, 2008 SP2, and 2008 R2. Another bulletin will address a “moderate” denial of service bug which affects Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows Server 2008 R2. Windows developers will find an elevation of privilege flaw in Visual Studio 2008 and 2010 is also addressed. All versions of another development tool, Microsoft Expression Design, will also receive a fix for an important remote code execution flaw in the application. Source: http://www.h-online.com/security/news/item/Microsoft-s-Patch-Tuesday-will-close-a-critical-Windows-vulnerability-1468103.html

39. March 8, Ars Technica – (International) How Anonymous plans to use DNS as a weapon. After engaging in a recent rash of attacks in retaliation for the takedown of file-sharing site Megaupload, Anonymous’s denial of service tools have not been as active. Disappointed with the current denial of service tools at their disposal, members of Anonymous are working to develop a next-generation attack tool that will, among other options, use the Domain Name System (DNS) itself as a weapon. The scale and stealthiness of the technique, called DNS amplification, is its main draw for Anonymous. DNS amplification hijacks an integral part of the Internet’s global address book, turning a relatively small stream of requests from attacking machines into a torrent of data sent to the target machines. Source: http://arstechnica.com/business/news/2012/03/how-anonymous-plans-to-use-dns-as-a-weapon.ars

Communications Sector

40. March 9, Softpedia – (International) Experts find vulnerabilities in CudaTel 2.0, Barracuda responds. Vulnerability Lab experts identified a number of Web vulnerabilities in Barracuda’s CudaTel Phone Application 2.0.029.1, which is part of the CudaTel Communication Server, an easy-to-use audio-video communication system that is used by businesses worldwide. The founder and chief executive officer (CEO) of Vulnerability Lab identified the high risk security holes that affect Barracuda’s product and their customers. The multiple persistent Input Validation vulnerabilities could be remotely exploited to inject malicious code and manipulate modules by leveraging persistent context requests, even on accounts with fewer user rights. “When exploited by an authenticated user, the identified vulnerabilities can result in information disclosure via error, session hijacking, access to available phone line services, manipulated persistent context execution out of the auto route listings,” Vulnerability Lab said. The vulnerable section was identified as the Automated Attendants module, which includes the Advanced Routing extension - NAME & Listing, Auto Attendants - NAME & Listing, and the ALL Types Listing Category sub-modules. The weaknesses were identified on February 19 when they were reported to the vendor. A few days later the company responded, and March 7 a fix was released. March 8, Vulnerability Lab published its findings. Source: http://news.softpedia.com/news/Experts-Find-Vulnerabilities-in-CudaTel-2-0-Barracuda-Responds-257616.shtml
