Friday, August 4, 2012
Daily Report
Top Stories
• Toyota announced the recall August 1 of
approximately 778,000 vehicles in the United States due to a suspension problem
that could cause crashes. – CNN
8. August 1, CNN – (National; International) Toyota recalling 760,000 RAV4’s due to
crash risk. Toyota
announced the recall August 1 of some 778,000 vehicles in the United States due
to a suspension problem that could cause crashes. The recall comprises roughly
760,000 Toyota RAV4’s from model years 2006 to 2011, as well as about 18,000
Lexus HS 250h’s from 2010. Toyota said if the nuts on the rear suspension arms
of these vehicles are not tightened properly during a wheel alignment service,
the arms may come loose or separate. A Toyota spokesman said that so far in the
United States, there have been “nine crashes and three minor injuries alleged
to be related to this condition.” About 100,000 vehicles in Canada were also
part of the recall. Source: http://money.cnn.com/2012/08/01/autos/toyota-rav4-recall/index.htm?hpt=hp_t3
• Nuclear operations were temporarily halted
August 1 at a Tennessee complex that stores and processes uranium after three
protesters were able to intrude into a high-security area the weekend of July
28. – Associated Press
9. August 1, Associated Press – (Tennessee) Nuke ops halted after protesters
enter TN complex. Nuclear
operations were temporarily halted August 1 at a Tennessee complex that stores
and processes uranium after three protesters were able to intrude into a
high-security area the weekend of July 28. The Y-12 National Security Complex
said all nuclear material is safe. The temporary stand-down was expected to end
by the week of August 6. Special nuclear material will be moved to vaults on
site, and contractor security personnel will undergo training and refresher
instruction. Source: http://www.seattlepi.com/news/article/Nuke-ops-halted-after-protesters-enter-TN-complex-3755281.php
• Three commuter jets came within seconds of a
midair collision July 31 at Reagan National Airport after confused air traffic
controllers launched two outbound flights directly at another plane coming in
to land. – Washington Post
14. August 1, Washington Post – (Virginia) Two planes taking off from National put on
collision course with plane trying to land. Three commuter jets came within
seconds of a midair collision July 31 at Reagan National Airport after confused
air traffic controllers launched two outbound flights directly at another plane
coming in to land, according to federal officials, the Washington Post reported
August 1. The three planes, all operated by US Airways, carried 192 passengers
and crew members, the airline said. A number of inbound planes were queued up
to turn above Mount Vernon, fly north over the Potomac River, and land on National’s
main runway. However, an approaching storm caused a significant wind shift, and
the air traffic control center in Warrenton wanted to reverse the flow of
planes into the airport, turning them north of Rosslyn and routing them south
along the river to land from the opposite direction. The Warrenton controllers
communicated the plan to the control tower at Reagan National. However, an
incoming flight cleared to land was flying head-on at two planes that just took
off. The inbound plane and the first of the outbound planes were closing the
1.4 miles between them at a combined speed of 436 mph, a rate that meant they
were about 12 seconds from impact when the tower controller recognized her
mistake. The Federal Aviation Administration’s public affairs office issued a
statement August 1 saying it was investigating the matter and would take
appropriate action to address the miscommunication. Source: http://www.washingtonpost.com/local/trafficandcommuting/two-planes-taking-off-from-national-put-on-collision-course-with-plane-trying-to-land/2012/08/01/gJQAxxPSQX_story.html?wpisrc=al_excl
• A computer security breach at the
Environmental Protection Agency (EPA) exposed the Social Security numbers and
banking information of nearly 8,000 people, most of them current employees, the
EPA confirmed August 1. – Washington Business Journal
25. August 2, Washington Business Journal – (National) EPA security
breach exposes personal information of 8,000 people. A computer security
breach at the Environmental Protection Agency (EPA) exposed the Social Security
numbers and banking information of nearly 8,000 people, most of them current
employees, the EPA confirmed August 1. The EPA told the Washington Business
Journal in a statement that it notified 5,100 current employees and some 2,700
“other individuals” about a March security incident that exposed personal
information on an EPA database. Those impacted were informed about the breach
July 31, 4 months after it occurred. The EPA is offering free credit-monitoring
services for 1 year to people affected by the breach. “EPA conducted a risk
analysis, [which] indicates it is unlikely the personal financial information
has been used,” according to the EPA statement. “Vigilantly keeping data secure
from increasingly sophisticated cyber threats is a top priority at EPA. The
agency already added new safeguards in response to the incident.” The agency’s
Office of the Inspector General confirmed an investigation is underway. Source: http://www.bizjournals.com/washington/news/2012/08/02/epa-security-breach-exposes-personal.html
Details
Banking and Finance Sector
11. August 1, Reuters – (International) Error by Knight Capital rips through stock
market. A technology breakdown at a major trading firm roiled the prices of
140 stocks listed on the New York Stock Exchange August 1. The problems at
Knight Capital Group Inc, one of the largest firms that buys and sells stocks
to provide liquidity to the markets, emerged at the beginning of trading. Heavy
computer-based trading caused a rush of orders for dozens of stocks, whose
shares soared far beyond their previous day closing prices. The trading
glitches were the latest in a series of market snafus that have hurt retail
investors’ confidence, including the botched Facebook initial public offering,
the 2010 “flash crash” in which nearly $1 trillion in market value disappeared
in minutes, and the failed public offering of BATS Global Markets. The exact
nature of the technology issues was unclear. Source: http://www.reuters.com/article/2012/08/01/us-usa-nyse-tradinghalts-idUSBRE8701BN20120801
12. August 1, Cerritos-Artesia Patch – (California) Elusive ‘Plain Jane Bandit’
strikes Chase Bank in Cerritos. A serial bank robber dubbed the “Plain Jane
Bandit” held up a Chase bank in Cerritos, California, July 31, bringing the
number of robberies she is associated with to eight. The incident was similar
to previous bank robberies in which the “Plain Jane Bandit” either slipped a
teller a note or verbally commanded the employee to give her money, claiming
she had an accomplice waiting for her. After the suspect demanded money in the
July 31 holdup, the teller handed her an undisclosed amount of cash, and the
woman then fled. Source: http://cerritos.patch.com/articles/plain-jane-robs-cerritos-chase-july-31-cerritos-chase-bank-latest-target-for-elusive-plain-janet-bandit
Information Technology Sector
29. August 1, ZDNet – (International) Privilege escalation security hole found in
Nvidia Linux driver. An anonymous hacker found a security hole in the
NVIDIA binary Linux driver. He or she allegedly reported it to NVIDIA “over a month ago” and
did not receive a reply, nor was the flaw ever patched. The exploit has now
been made public. A software engineer was sent details of the vulnerability.
After testing it and discovering that it works, he publicly posted the exploit.
The flaw allows an attacker to write to any part of memory on the system by
shifting the VGA window after attaining superuser privileges. Source: http://www.zdnet.com/privilege-escalation-security-hole-found-in-nvidia-linux-driver-7000001986/
30. August 2, Help Net Security – (National) Vulnerability disclosure framework for industrial
control systems. The Industrial Control Systems Joint Working Group
published “The Industrial Control Systems Common Vulnerability Disclosure
Framework,” which is a significant step towards standardization of
vulnerability disclosure policies for industrial control systems vendors and
system integrators. The newly published framework is to be used as a
consensus-based foundation for all involved parties in developing standardized
vulnerability disclosure policies. As the framework is aimed towards a diverse
set of systems, its content is not mandatory but should be used as a valuable
starting point toward responsible disclosure. Source: http://www.net-security.org/article.php?id=1748&utm
31. August 2, The H – (International) LibreOffice vulnerable to multiple buffer
overflows. Three weeks after releasing LibreOffice 3.5.5, The Document
Foundation confirmed security holes in earlier versions of the open source
LibreOffice productivity suite can be exploited by attackers to compromise a
victim’s system. According to the project’s security advisory, these include
multiple heap-based buffer overflow vulnerabilities in the XML manifest
encryption tag parsing code. Successful exploitation of the vulnerabilities
could lead to the execution of arbitrary code on a system with the privileges
of a local user. For an attack to be successful, a victim must first open a
specially crafted Open Document Format (ODF) file. Versions up to and including
LibreOffice 3.5.4 are affected; upgrading to version 3.5.5 or later fixes these
problems. Source: http://www.h-online.com/security/news/item/LibreOffice-vulnerable-to-multiple-buffer-overflows-1658328.html
32. August 2, Nextgov – (National) Cybersecurity bill fails to advance in Senate. August 2,
after months of wrangling, the U.S. Senate rejected calls by the
Presidential Administration and failed to advance sweeping legislation aimed at
protecting American computer networks from cyberattacks. The cloture vote to
end debate on the bill was 52-46, with 60 votes needed to advance the measure.
The White House and top national security and defense leaders pressed the
Senate to pass the Cybersecurity Act of 2012, but negotiations between
Democratic supporters and Republican critics failed to yield an agreement. Republicans
in the Senate echoed industry concerns that the bill could lead to government
regulation, but debate over the legislation devolved into assigning blame.
Source: http://www.nextgov.com/cybersecurity/2012/08/cybersecurity-bill-fails-advance-senate/57185/
33. August 1, Government Computer News – (International) BIOS’ ‘privileged position’
in servers makes it a target for sophisticated attacks. The
Basic Input/Output System (BIOS) facilitates the hardware initialization
process of a computer and hands off control to the operating system, giving it
a trusted status that also could present opportunities for attackers.
“Unauthorized modification of BIOS firmware by malicious software constitutes a
significant threat because of the BIOS’s unique and privileged position within
modern computer system architectures,” say the authors of new BIOS security
guidelines for government from the National Institute of Standards and
Technology. “Malicious BIOS modification could be part of a sophisticated,
targeted attack on an organization — either a permanent denial of service or a
persistent malware presence.” Source: http://gcn.com/articles/2012/08/01/nist-bios-security-target-for-sophisticated-attacks.aspx
34. August 1, ZDNet – (International) Skype spamming tool costs $10. Skype
Flooder by Revi was updated to version 2.0. The do-it-yourself tool is used by
cyber criminals who want to trick as many Microsoft Skype users as possible
into interacting with their malicious scam and spam campaigns. Anyone can buy
Skype Flooder; it is only $10. Furthermore, if a person buys it now, they will
automatically receive 5,000 already-harvested Skype user names. The spamming
tool can be used to harvest Skype user names by country or by gender. It can
also check whether the user is online or not. The latest version also supports
parsing of log files. Source: http://www.zdnet.com/skype-spamming-tool-costs-10-7000001975/
35. August 1, The H – (International) Avira now affected by Oracle’s file converter
hole. Avira AntiVir for Exchange, and the Avira Small Business Security
Suite and Avira Business Security Suite that contain it, are all vulnerable to
the Oracle file conversion holes that were revealed 2 weeks ago in Oracle’s
monthly patch day. The holes in Oracle’s Outside In library have made a range
of third party applications vulnerable to attackers with crafted files in
particular formats. A product update for the Exchange package is now available;
for the suites, this updated package just needs to be reinstalled.
Source: http://www.h-online.com/security/news/item/Avira-now-affected-by-Oracle-s-file-converter-hole-1657943.html
Communications Sector
Nothing to report