Wednesday, January 16, 2013
Daily Report
Top Stories
• Recently, malware
attacks at two energy companies infiltrated critical networks, highlighting
the need for companies to adhere to best practices in protecting their networks
from cyber attacks. A report from the Industrial Control Systems Cyber
Emergency Response Team suggested cleaning USB drives after each use,
maintaining system backups, and other methods as a way to mitigate threats
against industrial control systems. – Threatpost
1.
January 14, Threatpost – (National) Malware
infects two power plants lacking basic security controls. Recently, malware
attacks at two energy companies infiltrated critical networks, highlighting the
need for companies to adhere to best practices in protecting their networks
from cyber attacks. A report from the Industrial Control Systems Cyber
Emergency Response Team suggested cleaning USB drives after each use,
maintaining system backups, and other methods as a way to mitigate threats
against industrial control systems. Source: http://threatpost.com/en_us/blogs/malware-infects-two-power-plants-lacking-basic-security-controls-011413
• Two illegal
immigrants from Romania were arrested in Englewood for allegedly running an ATM
skimming operation that stole more than $1 million from customers' accounts. – Bergen
County Record See
item 5 below in the Banking and Finance Sector
• A water treatment
plant in Jefferson County experienced a major mechanical failure over the
January 12 weekend that allowed 95 million gallons of wastewater mixed with
storm water to flood the area. – Louisville Courier Journal
13. January 14, Louisville
Courier Journal –
(Kentucky) 95 million gallons of storm and wastewater spill into Louisville
creeks after treatment plant failure. A water treatment plant in Jefferson
County experienced a major mechanical failure over the January 12 weekend that
allowed 95 million gallons of wastewater mixed with storm water to flood the
area. Source: http://www.courier-journal.com/article/20130114/NEWS01/301140051/95-million-gallons-storm-wastewater-spill-into-Louisville-creeks-after-treatment-plant-failure
• The Whites Creek
school remained closed January 15 after a carbon monoxide leak January 14 sent
40 students to the hospital. – WTVF 5 Nashville
19.
January 15, WTVF 5 Nashville –
(Tennessee) Drexel Academy students treated for carbon monoxide poisoning. The
Whites Creek school remained closed January 15 after a carbon monoxide leak
January 14 sent 40 students to the hospital. Source: http://www.newschannel5.com/story/20585401/drexel-academy-student-treated-for-carbon-monoxide-poisoning
Details
Banking and Finance Sector
2. January 15, Las Vegas Sun
– (Nevada) Las
Vegas lawyer pleads to mortgage fraud scheme in valley. A Las Vegas lawyer
entered a guilty plea for charges relating to his role in a mortgage fraud
scheme that defrauded lending institutions of $30 million. Source: http://www.lasvegassun.com/news/2013/jan/14/las-vegas-lawyer-pleads-mortgage-fraud-scheme/
3. January 15, Palm Harbor
Patch – (Florida) Palm
Harbor 'Bank Bag Bandit' pleads guilty. The man known as the "Bank Bag
Bandit" pleaded guilty the week of January 7 to five armed robberies in
three Florida counties. Source: http://palmharbor.patch.com/articles/palm-harbor-bank-bag-bandit-pleads-guilty
4. January 14, Bloomberg
News – (National) JPMorgan
ordered to fix controls, pay practices after Whale bet. The Federal Reserve
and the Office of the Comptroller of the Currency ordered JPMorgan Chase &
Co. to increase its trading oversight and use better anti-money laundering
practices after significant deficiencies in risk management were cited by
regulators. Source: http://www.businessweek.com/news/2013-01-14/jpmorgan-s-whale-trade-subject-of-occ-order-to-fix-risk-controls
5. January 14, Bergen County
Record – (New Jersey)
Two men, natives of Romania, are arrested in ATM scam that netted more than
$1 million. Two illegal immigrants from Romania were arrested in Englewood
for allegedly running an ATM skimming operation that stole more than $1 million
from customers' accounts. Source: http://www.northjersey.com/englewood/Two_men_natives_of_Romania_are_arrested_in_ATM_scam_that_netted_more_than_1_million.html
Information Technology
23. January 15, Help Net
Security –
(International) Waledac botmasters use Virut malware to build a new botnet. The
botmasters behind the Waledac (also known as Kelihos) botnet have been found by
Symantec researchers to be infecting computers by using the Virut botnet in an
attempt to rebuild their own botnet. W32.Waledac.D infections have risen,
mostly on computers in the U.S. Source: http://www.net-security.org/malware_news.php?id=2376&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+HelpNetSecurity+(Help+Net+Security)&utm_content=Google+Reader
24. January 15, Softpedia – (International) Red October cyber
espionage campaign relied on Java exploit to infect computers. Researchers
at Seculert analyzed the recently-discovered 'Red October' cyber espionage
campaign and found that it had also utilized a Java vulnerability to
disseminate malware. Source: http://news.softpedia.com/news/Red-October-Cyber-Espionage-Campaign-Relied-on-Java-Exploit-to-Infect-Computers-321319.shtml
25. January 14, Krebs on
Security –
(International) Microsoft issues fix for zero-day IE flaw. Microsoft
released an emergency out-of-band security update to close a critical security
vulnerability in Internet Explorer versions 6, 7, and 8 that was recently used
in targeted attacks. Source: http://krebsonsecurity.com/2013/01/microsoft-issues-fix-for-zero-day-ie-flaw/
Communications Sector
Nothing to
report.