Wednesday, February 15, 2012

Complete DHS Daily Report for February 15, 2012

Daily Report

Top Stories

• The New York Times reported February 10 that supplies of preservative-free methotrexate — a drug essential for treatment of acute lymphoblastic leukemia, lupus, and rheumatoid arthritis — are in danger of running out within weeks. – Everyday Health (See item 25)

25. February 13, Everyday Health – (National) Pending methotrexate shortage may affect thousands of patients. The New York Times reported February 10 that Ben Venue Laboratories, one of the country’s largest suppliers of preservative-free methotrexate, suspended operations at its Bedford, Ohio plant November 2011 due to what the company said were “significant manufacturing and quality concerns.” Methotrexate is one of the most commonly prescribed rheumatoid arthritis drugs. It is also prescribed for lupus and other autoimmune conditions, and in an injectable, preservative-free version, methotrexate is used to treat acute lymphoblastic leukemia (ALL), a type of cancer most often seen in young children. The U.S. Food and Drug Administration (FDA) also stated that the four other firms that produce methotrexate have either slowed or stopped manufacturing the drug, according to a February 10 ABC News report. As a result, many fear supplies of methotrexate are in danger of running out within a matter of weeks. The potential shortfall is of greatest concern to patients with ALL and their families, since methotrexate injection into spinal fluid can keep the cancer from spreading or recurring. The preservative-free form is considered less toxic and thus preferable for this method of administration. The associate director of the FDA’s drug shortages program told the Times the agency is looking for a foreign supplier to provide emergency imports of methotrexate until domestic manufacturers can meet the demand. Source: arthritis/0213/pending-methotrexate-shortage-can-affect-thousands-of-patients.aspx

• Fire raged through the West End business district of Long Branch, New Jersey, February 13, destroying or damaging 10 businesses and 14 apartments before being brought under control. – Ashbury Park Press (See item 39)

39. February 14, Ashbury Park Press – (New Jersey) 10 businesses, 14 apartments burn in Jersey shore fire. Fire raged through the West End business district of Long Branch, New Jersey, February 13, destroying or damaging 10 businesses and 14 apartments before being brought under control. More than a dozen tenants were left homeless and brought to the Long Branch Senior Center, where they were aided by Red Cross officials. Many had been at work, but others had to be evacuated by firefighters. The cause of the multi-alarm fire was undetermined, and fire officials said they did not know in which building the fire started. The cause of the fire was being investigated by the Long Branch fire marshal. Source:|head


Banking and Finance Sector

13. February 13, St. Louis Post-Dispatch – (Missouri) Man believed to be ‘Same Coat Bandit’ charged in Affton bank robbery. A St. Louis man dubbed the “Same Coat Bandit” by authorities was charged February 13 in the February 3 robbery of an Affton, Missouri bank. He was charged with two counts of second-degree robbery. Authorities also suspect the man in three other recent bank robberies in the St. Louis area. The FBI labeled him the “Same Coat Bandit” because he apparently has worn the same tan jacket in each robbery. He is accused of robbing a Regions Bank the afternoon of February 3 when he walked in wearing a tan jacket and a bandana over his face. Police said he approached two tellers and demanded money but did not show a weapon. Authorities have said the “Same Coat Bandit” also robbed a Reliance Bank in Webster Groves, February 8, an Enterprise Bank and Trust in Clayton January 25, and the American Eagle Credit Union in St. Louis January 9. Source:

14. February 13, U.S. Department of Justice – (New York) New York man arrested on identity theft and tax fraud charges. An East Meadow, New York man was arrested February 13 after being charged with identity theft and tax fraud after filing more than 200 false tax returns with the Internal Revenue Service (IRS), the Justice Department and IRS announced. The suspect was named in a federal criminal complaint that alleged he used stolen identification data to file false tax returns to obtain fraudulent refunds. According to the complaint, he filed approximately 200 federal income tax returns from 2004 through 2010 using the identification information of others. The complaint alleges he sought about $4,393,356 in fraudulent refunds over the 6-year period. Source:

For another story, see item 37 below in the Information Technology Sector.

Information Technology

35. February 14, Help Net Security – (International) Twitter turns on HTTPS by default. Twitter recently turned HTTPS on by default for all users. The option to always use HTTPS was made available to users in March 2011, but they had to turn it on for themselves by changing their account settings. Twitter’s very nature and the fact that many users are used to tweeting from unsecured Internet connections meant anyone equipped with the Firesheep Firefox add-on can easily steal their log-in credentials sent via unencrypted HTTP sessions. Source:

36. February 14, Softpedia – (International) Horde FTP server hacked, files maliciously altered. The developers of the popular open source Web mail solution Horde identified a number of manipulated files on an FTP server. They concluded the server was breached, the files stored on it being altered to allow unauthenticated remote PHP execution. “We have immediately taken down all distribution servers to further analyze the extent of this incident, and we have worked closely with various Linux distributions to coordinate our response,” Horde officials said. After the investigation was concluded, the servers were replaced and secured, and the altered files replaced with clean variants. The analysis found three files were manipulated and modified on different occasions, and served to unsuspecting customers for about 3 months. Horde 3.3.12 was manipulated November 15, 2011, Horde Groupware 1.2.10 November 9, 2011, and Horde Groupware Webmail Edition 1.2.10 November 2, 2011. Since the incident was found February 7, users who downloaded the files during this timeframe are advised to immediately reinstall using fresh copies from Horde’s FTP server, or upgrade to more recent versions that have been released since. Horde 4 releases were not affected and neither were the company’s CVSs and Git repositories. The affected Linux distributions will provide notifications and security updates of their own. Users who are uncertain if they are exposed to cybercriminal operations can manually verify whether or not their products were altered by searching for the $m[1]($m[2]) signature in the Horde directory tree. Source:

37. February 13, Computerworld – (International) Google clamps down on its prepaid Google Wallet card on smartphones. Google said it temporarily disabled the provisioning of its prepaid Google Wallet cards used in some NFC-ready phones. The move follows discovery of a vulnerability in Google Wallet described February 8 by security researchers at A second vulnerability for accessing Google Wallet prepaid card funds was outlined by The Smartphone Champ February 9. February 11, the vice president of Google Wallet and Payments said the step was taken as a “precaution until we issue a permanent fix soon.” The move was intended to address “unauthorized use of an existing prepaid card balance if someone recovered a lost phone without a screen lock.” Source:

Communications Sector

38. February 13, Kansas City Star – (Kansas) Copper thief pleads guilty to damaging utility. A Kansas copper thief is looking at a possible 20 years in prison for pulling down power poles to get at the wiring, the Kansas City star reported February 13. His action also caused a southeastern Kansas radio station to go off the air for several hours. He was finally stopped by an armed property owner who caught him trying to steal a copper coupling from his propane tank, prosecutors said. He pleaded guilty February 13 to one count of damaging an energy facility. A second charge of obstructing the national Emergency Alert System by putting the radio station out of commission was dropped. The man stole copper wire September 7 by pulling down an electrical pole belonging to the Heartland Rural Electric Company. That caused a second pole also to fall. And that affected radio station KKOW in Pittsburg, Kansas, whose transmission tower was at the site. Source:

For more stories, see items 36 and 37 above in the Information Technology Sector.