Tuesday, November 13, 2012
I am proud to declare that the DHS
Daily Report blog has been selected as one of the “Top 100 National Security
Resources”, http://www.masterofhomelandsecurity.org/national-security.html, and from this day forward we will display their logo.
Daily Report
Top Stories
• A gasoline rationing plan that lets motorists fill up every
other day went into effect in New York November 9, as utility crews made some progress erasing new
outages that put thousands of homes and businesses in the dark in a region
still reeling from Superstorm Sandy. – Associated Press
1. November
9, Associated Press – (Connecticut; New Jersey; New York) Gas rationing begins in
NY as power outages abate. A gasoline rationing plan that lets motorists
fill up every other day went into effect in New York November 9, as utility
crews made some progress erasing new outages that put thousands of homes and
businesses in the dark in a region still reeling from Superstorm Sandy. Police
enforced the new system at filling stations in New York City and on Long Island
as drivers turned out before dawn to line up for their rations. Gas was
available to drivers with license-plate numbers ending in an odd number or a
letter November 9. November 10, drivers with license plates that end in even
numbers or zero could fuel up. Buses, taxis, limousines, commercial
vehicles, and emergency vehicles were exempt from the plan, as were people carrying
portable gas cans. Only a quarter of the city's gas stations were open, the mayor
said. Some were closed because they were out of power, others because they could
not get fuel from terminals and storage tanks that could not unload their
cargo. Snow blanketed several States from New York to New England and stymied
recovery efforts from Superstorm Sandy as additional storm-weakened trees
snapped and more power lines came down. The New York governor joined the calls
for an investigation November 9, ripping the utilities as unprepared and badly
managed. The utilities have said they are dealing with damage unprecedented in
its scope and are doing the best they can. By November 9, there were more than
220,000 outages left in the New York area, mostly on Long Island, and about
250,000 in New Jersey. Almost all Connecticut residents had lights again, down
from 625,000 at the storm's height. Source: http://wcfcourier.com/news/national/gas-rationing-begins-in-ny-poweroutages-persist/article_8d7c15fc-c103-5e33-a072-7f06bf94d27f.html
• Hundreds of millions of gallons of untreated or partially treated wastewater have flowed into New Jersey's waterways since Superstorm Sandy, affecting 1.4 million residents in 48 towns, the Associated Press reported November 8. – Associated Press
28. November
8, Associated Press – (New Jersey) Sewage issues prompt call for NJ to curb water
use. Hundreds of millions of gallons of untreated or partially treated wastewater
have flowed into New Jersey's waterways since superstorm Sandy hit the week of
October 29, creating what the State's governor called "a huge
problem" November 8. Most of the wastewater is coming from the crippled
Passaic Valley Sewerage Commission (PVSC) system, which suffered power outages
and flooding from Sandy, the State Department of Environmental Protection (DEP)
said. November 8, the governor's office and the DEP urged the 1.4 million
residents in 48 towns served by the PVSC to restrict water use to reduce stress
on the system. Right after the storm, the PVSC system was releasing 500 million
gallons of untreated wastewater and stormwater a day into Newark Bay, a DEP
spokesman said. The PVSC, after restoring power and repairing some of the damage
the weekend of November 2, has been pumping 250 million gallons of partially
treated wastewater per day through its normal route into New York Harbor.
Utilities are not allowed to dump untreated or partially treated water into
waterways unless an emergency exists, the DEP spokesman said. The Middlesex
County Utility Authority's (MCUA) wastewater treatment system also sustained
damage and has been pumping about 65 million gallons of untreated wastewater
per day into the Raritan River, MCUA's executive director said November 8. The
DEP issued a water restriction advisory to the 38 towns and 797,000 customers of
MCUA November 6. Source: http://www.timesunion.com/news/science/article/Residents-in-48-NJ-townsasked-to-reduce-water-use-4020252.php
• After 59 hang-up 9-1-1 calls in 2 days, police staked out and arrested a southern Nevada man they think made more than 3,600 phantom emergency calls during the past year, the Associated Press reported November 8. – Associated Press
37. November
8, Associated Press – (Nevada) Nevada man accused of making phantom 911 calls. After
59 hang-up 9-1-1 calls in 2 days, police staked out and arrested a southern
Nevada man they think made more than 3,600 phantom emergency calls during the
past year. A Henderson police spokesman said November 8 that detectives questioned
the man before, but he always denied making the calls or blamed them on others
using his phone. November 7, detectives confronted the man after watching him allegedly
make a call to the city's 9-1-1 dispatch center. The police spokesman said he later
told police his phone was broken and dialed 9-1-1 by itself. He is being held
at the Henderson jail on 59 counts of unlawful use of an emergency phone
number. Police said he could face 1 year in jail and a $2,000 fine on each
charge. Source: http://www.timesunion.com/news/crime/article/Nevada-man-accused-ofmaking-phantom-911-calls-4021507.php
• Malware that disables computers and demands that hefty cash payments be paid to purported law-enforcement agencies before the machines are restored is extorting as much as $5 million from end-user victims, researchers said. – Ars Technica See item 44 below in the Information Technology Sector
Details
Banking and Finance Sector
12. November
9, Reuters – (International) MoneyGram settles fraud allegations with DoJ.
Payment transfer company MoneyGram International Inc said it reached a $100
million settlement with U.S. authorities related to suspected fraudulent
transactions by some agents, Reuters reported November 9. The settlement also
involves the appointment of an independent compliance monitor. The U.S.
Attorney's Office for the Middle District of Pennsylvania and the U.S.
Department of Justice had accused MoneyGram of aiding wire fraud and failing to
implement an effective anti-money laundering program, the company said.
MoneyGram did not provide details of the allegations, which relate to
transactions by third-party agents in the United States and Canada from 2003 to
early 2009. Source: http://www.reuters.com/article/2012/11/09/us-moneygram-fraudidUSBRE8A80WO20121109
13. November
8, Reuters – (New York; National) Longtime Madoff employee admits decades
of fraud. One of Bernard L. Madoff Investment Securities LLC's longest serving
employees pleaded guilty November 8 to falsifying records, a conspiracy that a prosecutor
said began in the 1970s at the start of the multibillion-dollar Ponzi scheme. The
man, a former controller, told a New York City federal court judge that for
years he fudged the books on the company's founder's orders, but that at no
point did he suspect the epic, decades-long fraud. The former controller, who
signed a plea agreement with federal prosecutors, pleaded guilty to charges of
conspiracy to commit securities fraud and falsifying documents. The man's son,
another former employee, pleaded guilty in 2011 to criminal charges of bank
fraud and charges that he reported people were employees so they could receive
retirement benefits. The father joined the firm in 1964 and was the firm's
first employee who was not a family member. Although he retired in 1998, he and
his wife illegally remained on the payroll and received benefits but did not
work. A prosecutor said that "as early as the mid 1970s" he had begun
changing the financial records of accounts at the founder's direction. Source: http://www.chicagotribune.com/business/sns-rt-us-madoff-controllerpleabre8a804e-20121108,0,3089269.story
14. November
8, Chicago Sun-Times Media Wire – (Illinois) ‘Stringer Bell
Bandit’ strikes another Chicago bank. A man dubbed the “Stringer Bell
Bandit” — named after a character from the TV series The Wire — robbed his
fifth bank in Chicago in the past month, the Chicago Sun-Times Media
Wire reported November 8. The most recent robbery happened at a Citibank on
North LaSalle Street, police said. The man is also suspected of robbing a
Citibank branch on West Adams Street October 10, a Citibank branch on West
Washington Street October 17, a PNC Bank branch on West Monroe Street October
23, and a Fifth Third Bank branch on South Dearborn Street November 2, the FBI
said. Weapons were not shown in the robberies, which were described as
“non-takeover.” Source: http://chicago.cbslocal.com/2012/11/08/stringer-bell-bandit-strikes-anotherchicago-bank/
15. November
8, U.S. Securities and Exchange Commission – (Louisiana) SEC
charges Baton Rouge-based investment
adviser with hiding losses from mortgage-backed securities investments. The
U.S. Securities and Exchange Commission (SEC) November 8 charged a hedge fund
manager in Baton Rouge, Louisiana, with defrauding investors by hiding $32
million in losses suffered during the financial crisis from investments tied to
residential mortgage-backed securities (RMBS). The SEC alleges that the man and
his firm Commonwealth Advisors Inc. caused the hedge funds they managed to buy
the lowest and riskiest tranches of a collateralized debt obligation (CDO)
called Collybus. They sold mortgage-backed securities into the CDO at prices they
had obtained 4 months earlier while knowing that the RMBS market had declined precipitously
in the meantime. As the CDO investments continued to perform poorly, the man
instructed Commonwealth employees to conduct a series of manipulative trades
between the hedge funds they advised (called cross-trades) in order to conceal
a $32 million loss experienced by one of the funds in its Collybus investment.
He and Commonwealth lied to investors about the amount and value of
mortgage-backed assets held in the hedge funds, and they created phony internal
documents to justify their false valuations. He and employees under his
direction also continued to cross-trade and create false gains to conceal their
losses. Source: http://www.sec.gov/news/press/2012/2012-222.htm
16. November
8, U.S. Securities and Exchange Commission – (California) SEC
charges executives and auditor of electronic game card company with fraud. The
U.S. Securities and Exchange Commission (SEC) November 8 charged three
executives with repeatedly lying to investors about the operations and
financial condition of an Irvine, California-based company that purported to
sell credit card-size electronic games. The SEC also charged the company’s
independent auditor with facilitating the scheme. The SEC alleges that the
company's chief executive officer (CEO) and chief financial officer (CFO)
orchestrated a scheme in which Electronic Game Card Inc. (EGMI) enticed
investors by claiming to have millions of dollars in annual revenue, hold
millions of dollars in investments, and own an off-shore bank account worth
more than $10 million. In reality, many of the company’s purported contracts
were phony, the purported investments were merely in entities affiliated with
the two executives, and the bank account did not exist. As a result of EGMI’s
false claims, the company’s outstanding common stock was once valued as high as
$150 million. EGMI is now bankrupt and its stock is worthless. The SEC charged
the company’s outside auditor — certified public accountant — with repeatedly
issuing clean audit opinions about EGMI based on reckless and deficient audit
work. Also charged is a man who later replaced the CEO and ignored many red
flags about the accuracy of the company’s public statements and the integrity
of the former CEO and CFO. He provided false information during conference
calls with analysts and investors. Source: http://www.sec.gov/news/press/2012/2012-223.htm
17. November
8, Associated Press – (Idaho; California) 'AK-47 Bandit' hits Rexburg credit union. The
FBI said a robber who held up a Rexburg, Idaho credit union with an AK-47 rifle
November 6 likely has hit other banks elsewhere in the country. The federal law
enforcement agency released photos from the heist at the East Idaho Credit Union
showing the man brandishing an assault rifle. Officials said the man is also known
as the "AK-47 Bandit" and is suspected in robberies including a
holdup in California in February in which he wounded a police officer. The
subject entered the Rexburg bank wearing a mask, black gloves, a black coat
with a hood, and baggy jeans during the robbery. After ordering employees into
a vault, he was seen driving in a dark blue sedan on South Yellowstone Highway.
Source: http://seattletimes.com/html/localnews/2019640318_apidak47bandit.html
Information Technology Sector
39. November
9, Softpedia – (International) Joomla 3.0.2 and 2.5.8 available for download,
security fixes included. The Joomla Project released Joomla 3.0.2 and Joomla
2.5.8. Both variants come with a number of improvements, including fixes for security
issues. In Joomla 3.0.2, a medium priority cross-site scripting (XSS) vulnerability
that affected the language search component was fixed. In the 2.5.8 version of
Joomla, nine tracker issues were fixed, along with a clickjacking vulnerability
caused by “inadequate protection.” Source: http://news.softpedia.com/news/Joomla-3-0-2-and-2-5-8-Available-for-Download-Security-Fixes-Included-305842.shtml
40. November
9, The Register – (International) Windows 8, Surface slabs already need critical
security patch. Microsoft will release critical updates for Windows 8 and
other software on November's Patch Tuesday the week of November 12. The
upgrades will arrive within weeks of the Windows 8 launch at the end of
October. All supported versions of the Windows operating system from XP SP3 up
to and including Windows 8 and Windows Server 2012 will need patching to close
three security holes that enable hackers to execute malicious code remotely on
vulnerable systems. The fourth critical patch will address a vulnerability in
Internet Explorer 9 on Windows 7, Vista, and Server 2008. Two of the updates
for November will also patch Windows 8 RT as used in Microsoft's new Surface
tablet laptop. Microsoft's security experts also lined up an "important"
update that corrects a remote-code execution bug in Excel in Microsoft Office
2010, 2007, and 2003. A sixth update, labelled "moderate" in
severity, prevents information leaking from Windows Vista, 7, and Server 2008. Source:
http://www.theregister.co.uk/2012/11/09/nov_patch_tuesday_pre_alert/
41. November
9, The Register – (International) Bloke flogged $1.2m of pirated Microsoft gear
on eBay, say Feds. A man from Atlanta, Michigan, was charged with selling counterfeit
Microsoft software valued at more than $1.2 million. He is accused of five counts
of criminal copyright infringement and one count of mail fraud over the alleged
resale of pirated software sourced from east Asia. According to his charge
sheet, the man unlawfully distributed Microsoft Office 2003 Professional and
Microsoft Windows XP Professional by purchasing dodgy copies of the products
from China and Singapore, and then sold the software through auctions on eBay.
He allegedly made at least $140,000 through selling more than 2,500 copies of
Microsoft programs between May 2008 and September 2010 before he was arrested.
If convicted, he faces up to 45 years in prison and $1.5 million in fines. Source:
http://www.theregister.co.uk/2012/11/09/ebay_counterfeit_ms_software_prosecution/
42. November
8, ZDNet – (International) Twitter user passwords reset after accounts breached.
An unknown number of Twitter users received a genuine email from the company
warning they should change their password as soon as possible. However, a Twitter
spokesperson told ZDNet that the email was sent to a wider group of users than intended.
In the email, the microblogging company noted: "Twitter believes that your
account may have been compromised by a website or service not associated with Twitter.
We've reset your password to prevent others from accessing your account."
It remains unclear how many users were affected by the password reset email or
what caused the mass emailing of Twitter's users. A post November 7 noted that
in some cases when "large numbers of Twitter accounts have been
hijacked," the company sends out these emails en masse; even sending
messages to accounts that may not have been affected by any hack or hijack to
err on the side of caution. Source: http://www.zdnet.com/twitter-user-passwords-reset-after-accounts-breached-7000007108/
43. November
8, Softpedia – (International) Experts find DOM-based XSS vulnerability in
Google.com. Security researchers from Minded Security identified a document
object model (DOM)-based cross-site scripting (XSS) vulnerability on
Google.com. The security hole was identified with the aid of DOMinatorPro — a
runtime JavaScript DOM XSS analyzer. According to the researchers, DOMinatorPro
revealed a piece of code in googleadservices.com/pagead/landing.js which used
unvalidated input to build the argument for two "document.write"
calls. They found that the buggy JavaScript was utilized by
google.com/toolbar/ie/index.html (both HTTP and HTTPS). "[This] means that
one more time a (almost) 3rd party script introduces a flaw in the context of an
unaware domain," a researcher from Minded Security explained. He suggested
a workaround, but Google decided to address this issue by removing the
problematic script altogether. Source: http://news.softpedia.com/news/Experts-Find-DOM-Based-XSS-Vulnerabilityin-Google-com-305585.shtml
44. November
8, Ars Technica – (International) Mushrooming ransomware now extorts $5 million
a year. Malware that disables computers and demands that hefty cash payments
be paid to purported law-enforcement agencies before the machines are restored
is extorting as much as $5 million from end-user victims, researchers said. The
estimate, contained in a report published November 8 by researchers from
antivirus provider Symantec, is being fueled by the mushrooming growth of
so-called ransomware. Once infected, computers become unusable and often
display logos of local law-enforcement agencies, along with warnings that the
user has violated statutes involving child pornography or other serious
offenses. The warnings then offer to unlock the computers if users pay a fine
as high as $200 within 72 hours. The report identified at least 16 different
ransomware versions spawned by competing malware gangs. Many are completely
different families of malware, rather than multiple variants of the same family,
and most have their own unique behavior. Source: http://arstechnica.com/security/2012/11/mushrooming-growth-of-ransomwareextorts-5-million-a-year/
Communications Sector
Nothing to report
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit their Web page at www.us-cert.gov.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.