Friday, December 7, 2012
Daily Report
Top Stories
• The U.S.
Securities and Exchange Commission
December 5 charged an
investment banker and
nine others involved in an
insider trading ring
that garnered
more than $11 million in illicit profits trading on confidential information
about impending mergers. –
U.S. Securities and Exchange Commission
See item
7 below in the
Banking and Finance Sector
•
Authorities
expanded
an
evacuation zone near the site of a freight-train derailment
in Paulsboro, New Jersey, and
said residents will be
displaced until at least
December 9
as a precaution against dangerous
fumes.
– Cherry Hill Courier Post
11. December 4, Cherry Hill Courier Post – (New Jersey) Wider evacuation
area declared in Paulsboro. Authorities expanded an evacuation zone near
the site of a freight-train derailment in Paulsboro, New Jersey, and said
residents will be displaced until at least December 9 as a precaution against
dangerous fumes. Officials said they encountered difficulty in emptying a
breached tanker car that initially held 180,000 pounds of vinyl chloride, a
chemical with short- and long-term health effects. That car was one of seven to
derail November 30 as a freight train tried to cross a bridge between West
Deptford and Paulsboro. A leak of vinyl chloride sent more than 60 people to a
hospital on November 30, most with respiratory complaints. The Coast Guard,
which initially declared the evacuation of about 50 homes November 30, called
for residents to leave an additional 100 homes December 4. Officials also said
the evacuation would last one day longer than previously thought. Officials
previously told all borough residents to stay indoors — or shelter in place —
whenever tests found elevated levels of vinyl chloride in the air. The expanded
evacuation zone includes the areas where pollution spikes have occurred, and
the Coast Guard said that should end the need for residents in other
neighborhoods to stay indoors. The elevated levels of vinyl chloride were still
far below those deemed to be toxic. Source: http://www.courierpostonline.com/article/20121205/NEWS01/312050021/Wider-evacuation-area-declared-Paulsboro
•
Thirteen
Chicago residents
were indicted December 4 on federal
bank
fraud
charges for allegedly stealing more than $2.5 million in corporate checks
from
the mail. – WMAQ 5 Chicago
12. December 5, WMAQ 5 Chicago – (Illinois) 13
indicted on bank fraud charges. Thirteen Chicago residents were indicted
December 4 on federal bank fraud charges for allegedly stealing more than $2.5
million in corporate checks from the mail. Initially, three men allegedly stole
corporate checks then created fake businesses with names spelled similarly to
payees on the stolen check between June 2009 and November 2011, according to a
release from the U.S. Department of Justice. The three then recruited
co-defendants to withdraw the money from ATMs and casinos for a percentage of
the proceeds. They deposited more than $2.5 million in stolen checks and
withdrew nearly $1.6 million. The group was charged after authorities arrested
eight members involved in the scheme and four others surrendered to U.S. Postal
Inspectors. The remaining suspect was already in custody. Source: http://www.nbcchicago.com/news/local/chicago-bank-fraud-indictment-182296431.html
•
The U.S. entered into two
settlements worth
more than $50 million to clean
up contamination from the
B.F. Goodrich Superfund Site in
San Bernardino County,
California. – U.S.
Environmental
Protection Agency
20. December 5,
U.S. Environmental Protection Agency – (California) U.S.
and local governments achieve $50 million settlement to address contamination
at superfund site in Rialto, Calif. The United States entered into two
settlements worth more than $50 million to clean up contamination from the B.F.
Goodrich Superfund Site in San Bernardino County, California, the U.S.
Environmental Protection Agency stated in a release December 5. There were a
dozen settling parties including Emhart Industries, and Pyro Spectaculars, Inc.
(PSI), as well as the cities of Rialto and Colton and County of San Bernardino,
California. The Superfund site was used to store, test, and manufacture
fireworks, munitions, rocket motors, and pyrotechnics and was added to the U.S.
Environmental Protection Agency’s (EPA) National Priorities List in September
2009. The area’s groundwater was contaminated with trichloroethylene (TCE) and
perchlorate, which have resulted in the closure of public drinking water supply
wells in the communities of Rialto and Colton. Under one agreement, Emhart will
perform the first portion of the cleanup, which is estimated to cost $43
million over the next 30 years to design, build, and operate groundwater wells,
treatment systems, and other equipment needed to clean up the contaminated
groundwater at the site. A significant portion of these funds would come from
other settling parties, to include the U.S. Department of Defense. The Cities
of Rialto and Colton would receive $8 million. Source: http://yosemite.epa.gov/opa/admpress.nsf/d0cf6618525a9efb85257359003fb69d/f5482cd55fbf833a85257acb0071bae8!OpenDocument
Details
Banking and Finance Sector
6. December 5, WUSA 9
Washington D.C. –
(Virginia) Evacuations after explosion at Virginia Credit Union ATM, second
incident. Fredericksburg, Virginia police said surveillance video showed
that a person put an explosive device on the base of an ATM that caused an explosion
December 5. When police arrived, they found an ATM with scorch marks and other
damage. They said the ATM was still working and that the suspect may have been
trying to get money from it by blowing up the ATM. The bank and some nearby
apartments were evacuated and closed after a bomb detection dog indicated there
may have been another device. The Virginia State Police Bomb Unit later
declared the area bomb free but the bank drive-through remained closed. Source:
http://www.wusa9.com/news/article/232334/158/Evacuations-After-Explosion-At-ATM-Second-Incident
7. December 5, U.S.
Securities and Exchange Commission –
(National) SEC charges 10 in insider trading ring around investment banker’s
illegal tips on impending mergers. The U.S. Securities and Exchange
Commission (SEC) December 5 charged an investment banker who was primarily
based in Charlotte, North Carolina, and nine others involved in an insider
trading ring that garnered more than $11 million in illicit profits trading on
confidential information about impending mergers. The SEC alleges that the
banker misused his position at Wells Fargo Securities to obtain material,
nonpublic information about four separate merger transactions involving firm
clients. Upon learning inside information about an impending deal, his first
call to set the insider trading ring in motion was typically to his longtime
friend who worked as a registered broker. The two illegally tipped other
friends who in turn tipped more friends or family members in a ring that spread
across five States. According to the SEC’s complaint, the banker was based in
Wells Fargo’s Charlotte office when most of the misconduct occurred, but later
moved and worked in New York where he currently resides. Tippees included
friends and family across the U.S. The SEC also charged two companies with ties
to the banker and his friend that were involved in the illegal trading: Coram
Real Estate Holdings Inc. and GoldStar P.S. The SEC also charged two others as
relief defendants for the purposes of recovering illicit profits that are now
in their possession. Source: http://www.sec.gov/news/press/2012/2012-255.htm
8. December 5, WHTM 27 Harrisburg – (National) Federal jury convicts
2 in interstate credit card scheme. A federal jury in Harrisburg,
Pennsylvania, convicted two men in a $500,000 stolen credit card scheme that
spanned several States. The two men were convicted of bank fraud and wire
fraud, while the jury was deadlocked on charges related to identity theft. The
men fraudulently obtained more than 100 credit and debit card numbers from over
25 banks and credit unions and then used them at stores in Pennsylvania, New
Jersey, and Maryland, according to a U.S. Attorney. The scheme was first
uncovered at Target stores in the Harrisburg area, where investigators saw the
two repeatedly attempting to purchase gift cards with multiple credit cards,
many of which were regularly declined. The U.S. Attorney said the men committed
most of their crimes in Target stores, but used the stolen bank card numbers at
other retailers as well. One of the men faces deportation to Russia following
his sentence.
Source: http://www.abc27.com/story/20271197/federal-jury-convicts-2-in-interstate-credit-card-scheme
For another story,
see item 12 above in Top Stories
Information Technology Sector
24.
December 6, The H – (International) BIND
9.9.2 closes IPv6 security hole. Updates for the current version, 9.9.2,
and the older 9.8.4 version of the widely used, free BIND domain name system
(DNS) server have now become available. They close a security hole that enabled
attackers to crash the daemon. All versions of BIND that use the DNS64 option,
which was introduced in version 9.8, are affected. The problem appears to have
been caused by a flaw in the implementation of this option; the flaw allows
attackers to crash the server with specially crafted requests. DNS64 enables IPv6
computers to communicate with IPv4 machines via an address translator (NAT64).
The option is intended for recursive servers. Those who do not use it are not
affected by the now corrected bug – everyone else should either disable DNS64
or install the new version. Source: http://www.h-online.com/security/news/item/BIND-9-9-2-closes-IPv6-security-hole-1763332.html
25.
December 5, Help Net Security –
(International) Exploit kit authors thrive due to PoC code released by
whitehats. Having spent the last year following the development of the
Blackhole exploit kit, a Sophos researcher says the last few exploits for
zero-days added to it were all works of whitehat researchers who published
their own exploit code online. In one particular case, the Blackhole author practically
copy-pasted the published code into his exploit kit’s code. “The author of the
Blackhole exploit kit seems to be more comfortable as a system integrator and
Web application developer than anything else, and is far from being a hardcore
vulnerability researcher,” he comments. Other researchers have noted a similar
pattern. A little over a year ago, iSec Partners researchers analyzed the (at
the time) top 15 exploit kits, and discovered that among the exploits they used
- 13 in all - 3 were developed and used by attackers engaged in so-called
advanced persistent threats (APTs), and 10 were developed by whitehats. Source:
http://www.net-security.org/secworld.php?id=14069&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader
Communications Sector
26. December 6, Hibbing Daily
Tribune – (Minnesota)
Fiber optic cut interrupts phone, Internet service. A cut fiber optic
cable interrupted phone and Internet services for residents of Floodwood,
Meadowlands, and Toivola exchanges December 4. A construction crew working in
Independence, Minnesota, cut into the fiber optic cable owned by Frontier
Communications, said the Frontier general manager of the northern Minnesota
area. Frontier was notified of the situation and immediately dispatched crews
who were able to get the service restored about 4 hours later. While they were
working, customers in the affected area were able to dial within the exchange,
but could not call outside of the exchange, he said. The company notified
full-time police and fire stations in the affected area because those
experiencing an emergency could still call directly to their police or fire
station. People in the affected areas could not dial 9-1-1 because it is
located outside the exchange. Source: http://www.hibbingmn.com/news/article_99362412-3f04-11e2-99c8-001a4bcf887a.html
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.