Friday, December 7, 2012
• The U.S. Securities and Exchange Commission December 5 charged an investment banker and nine others involved in an insider trading ring that garnered more than $11 million in illicit profits trading on confidential information about impending mergers. – U.S. Securities and Exchange Commission See item 7 below in the Banking and Finance Sector
• Authorities expanded an evacuation zone near the site of a freight-train derailment in Paulsboro, New Jersey, and said residents will be displaced until at least December 9 as a precaution against dangerous fumes. – Cherry Hill Courier Post
11. December 4, Cherry Hill Courier Post – (New Jersey) Wider evacuation area declared in Paulsboro. Authorities expanded an evacuation zone near the site of a freight-train derailment in Paulsboro, New Jersey, and said residents will be displaced until at least December 9 as a precaution against dangerous fumes. Officials said they encountered difficulty in emptying a breached tanker car that initially held 180,000 pounds of vinyl chloride, a chemical with short- and long-term health effects. That car was one of seven to derail November 30 as a freight train tried to cross a bridge between West Deptford and Paulsboro. A leak of vinyl chloride sent more than 60 people to a hospital on November 30, most with respiratory complaints. The Coast Guard, which initially declared the evacuation of about 50 homes November 30, called for residents to leave an additional 100 homes December 4. Officials also said the evacuation would last one day longer than previously thought. Officials previously told all borough residents to stay indoors — or shelter in place — whenever tests found elevated levels of vinyl chloride in the air. The expanded evacuation zone includes the areas where pollution spikes have occurred, and the Coast Guard said that should end the need for residents in other neighborhoods to stay indoors. The elevated levels of vinyl chloride were still far below those deemed to be toxic. Source: http://www.courierpostonline.com/article/20121205/NEWS01/312050021/Wider-evacuation-area-declared-Paulsboro
• Thirteen Chicago residents were indicted December 4 on federal bank fraud charges for allegedly stealing more than $2.5 million in corporate checks from the mail. – WMAQ 5 Chicago
12. December 5, WMAQ 5 Chicago – (Illinois) 13 indicted on bank fraud charges. Thirteen Chicago residents were indicted December 4 on federal bank fraud charges for allegedly stealing more than $2.5 million in corporate checks from the mail. Initially, three men allegedly stole corporate checks then created fake businesses with names spelled similarly to payees on the stolen check between June 2009 and November 2011, according to a release from the U.S. Department of Justice. The three then recruited co-defendants to withdraw the money from ATMs and casinos for a percentage of the proceeds. They deposited more than $2.5 million in stolen checks and withdrew nearly $1.6 million. The group was charged after authorities arrested eight members involved in the scheme and four others surrendered to U.S. Postal Inspectors. The remaining suspect was already in custody. Source: http://www.nbcchicago.com/news/local/chicago-bank-fraud-indictment-182296431.html
• The U.S. entered into two settlements worth more than $50 million to clean up contamination from the B.F. Goodrich Superfund Site in San Bernardino County, California. – U.S. Environmental Protection Agency
20. December 5, U.S. Environmental Protection Agency – (California) U.S. and local governments achieve $50 million settlement to address contamination at superfund site in Rialto, Calif. The United States entered into two settlements worth more than $50 million to clean up contamination from the B.F. Goodrich Superfund Site in San Bernardino County, California, the U.S. Environmental Protection Agency stated in a release December 5. There were a dozen settling parties including Emhart Industries, and Pyro Spectaculars, Inc. (PSI), as well as the cities of Rialto and Colton and County of San Bernardino, California. The Superfund site was used to store, test, and manufacture fireworks, munitions, rocket motors, and pyrotechnics and was added to the U.S. Environmental Protection Agency’s (EPA) National Priorities List in September 2009. The area’s groundwater was contaminated with trichloroethylene (TCE) and perchlorate, which have resulted in the closure of public drinking water supply wells in the communities of Rialto and Colton. Under one agreement, Emhart will perform the first portion of the cleanup, which is estimated to cost $43 million over the next 30 years to design, build, and operate groundwater wells, treatment systems, and other equipment needed to clean up the contaminated groundwater at the site. A significant portion of these funds would come from other settling parties, to include the U.S. Department of Defense. The Cities of Rialto and Colton would receive $8 million. Source: http://yosemite.epa.gov/opa/admpress.nsf/d0cf6618525a9efb85257359003fb69d/f5482cd55fbf833a85257acb0071bae8!OpenDocument
Banking and Finance Sector
6. December 5, WUSA 9 Washington D.C. – (Virginia) Evacuations after explosion at Virginia Credit Union ATM, second incident. Fredericksburg, Virginia police said surveillance video showed that a person put an explosive device on the base of an ATM that caused an explosion December 5. When police arrived, they found an ATM with scorch marks and other damage. They said the ATM was still working and that the suspect may have been trying to get money from it by blowing up the ATM. The bank and some nearby apartments were evacuated and closed after a bomb detection dog indicated there may have been another device. The Virginia State Police Bomb Unit later declared the area bomb free but the bank drive-through remained closed. Source: http://www.wusa9.com/news/article/232334/158/Evacuations-After-Explosion-At-ATM-Second-Incident
7. December 5, U.S. Securities and Exchange Commission – (National) SEC charges 10 in insider trading ring around investment banker’s illegal tips on impending mergers. The U.S. Securities and Exchange Commission (SEC) December 5 charged an investment banker who was primarily based in Charlotte, North Carolina, and nine others involved in an insider trading ring that garnered more than $11 million in illicit profits trading on confidential information about impending mergers. The SEC alleges that the banker misused his position at Wells Fargo Securities to obtain material, nonpublic information about four separate merger transactions involving firm clients. Upon learning inside information about an impending deal, his first call to set the insider trading ring in motion was typically to his longtime friend who worked as a registered broker. The two illegally tipped other friends who in turn tipped more friends or family members in a ring that spread across five States. According to the SEC’s complaint, the banker was based in Wells Fargo’s Charlotte office when most of the misconduct occurred, but later moved and worked in New York where he currently resides. Tippees included friends and family across the U.S. The SEC also charged two companies with ties to the banker and his friend that were involved in the illegal trading: Coram Real Estate Holdings Inc. and GoldStar P.S. The SEC also charged two others as relief defendants for the purposes of recovering illicit profits that are now in their possession. Source: http://www.sec.gov/news/press/2012/2012-255.htm
8. December 5, WHTM 27 Harrisburg – (National) Federal jury convicts 2 in interstate credit card scheme. A federal jury in Harrisburg, Pennsylvania, convicted two men in a $500,000 stolen credit card scheme that spanned several States. The two men were convicted of bank fraud and wire fraud, while the jury was deadlocked on charges related to identity theft. The men fraudulently obtained more than 100 credit and debit card numbers from over 25 banks and credit unions and then used them at stores in Pennsylvania, New Jersey, and Maryland, according to a U.S. Attorney. The scheme was first uncovered at Target stores in the Harrisburg area, where investigators saw the two repeatedly attempting to purchase gift cards with multiple credit cards, many of which were regularly declined. The U.S. Attorney said the men committed most of their crimes in Target stores, but used the stolen bank card numbers at other retailers as well. One of the men faces deportation to Russia following his sentence.
For another story, see item 12 above in Top Stories
Information Technology Sector
24. December 6, The H – (International) BIND 9.9.2 closes IPv6 security hole. Updates for the current version, 9.9.2, and the older 9.8.4 version of the widely used, free BIND domain name system (DNS) server have now become available. They close a security hole that enabled attackers to crash the daemon. All versions of BIND that use the DNS64 option, which was introduced in version 9.8, are affected. The problem appears to have been caused by a flaw in the implementation of this option; the flaw allows attackers to crash the server with specially crafted requests. DNS64 enables IPv6 computers to communicate with IPv4 machines via an address translator (NAT64). The option is intended for recursive servers. Those who do not use it are not affected by the now corrected bug – everyone else should either disable DNS64 or install the new version. Source: http://www.h-online.com/security/news/item/BIND-9-9-2-closes-IPv6-security-hole-1763332.html
25. December 5, Help Net Security – (International) Exploit kit authors thrive due to PoC code released by whitehats. Having spent the last year following the development of the Blackhole exploit kit, a Sophos researcher says the last few exploits for zero-days added to it were all works of whitehat researchers who published their own exploit code online. In one particular case, the Blackhole author practically copy-pasted the published code into his exploit kit’s code. “The author of the Blackhole exploit kit seems to be more comfortable as a system integrator and Web application developer than anything else, and is far from being a hardcore vulnerability researcher,” he comments. Other researchers have noted a similar pattern. A little over a year ago, iSec Partners researchers analyzed the (at the time) top 15 exploit kits, and discovered that among the exploits they used - 13 in all - 3 were developed and used by attackers engaged in so-called advanced persistent threats (APTs), and 10 were developed by whitehats. Source: http://www.net-security.org/secworld.php?id=14069&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader
26. December 6, Hibbing Daily Tribune – (Minnesota) Fiber optic cut interrupts phone, Internet service. A cut fiber optic cable interrupted phone and Internet services for residents of Floodwood, Meadowlands, and Toivola exchanges December 4. A construction crew working in Independence, Minnesota, cut into the fiber optic cable owned by Frontier Communications, said the Frontier general manager of the northern Minnesota area. Frontier was notified of the situation and immediately dispatched crews who were able to get the service restored about 4 hours later. While they were working, customers in the affected area were able to dial within the exchange, but could not call outside of the exchange, he said. The company notified full-time police and fire stations in the affected area because those experiencing an emergency could still call directly to their police or fire station. People in the affected areas could not dial 9-1-1 because it is located outside the exchange. Source: http://www.hibbingmn.com/news/article_99362412-3f04-11e2-99c8-001a4bcf887a.html
Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Content and Suggestions: Send mail to firstname.lastname@example.org or contact the DHS Daily Report Team at (703)387-2314
Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.
Removal from Distribution List: Send mail to email@example.com.
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at firstname.lastname@example.org or (202) 282-9201.
To report cyber infrastructure incidents or to request information, please contact US-CERT at email@example.com or visit their Web page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.