Monday, February 25, 2013
Complete DHS Daily Report for February 25, 2013
Daily Report
Top Stories
• A major snowstorm affecting the Midwest
caused multiple business and school closures as well as cancelled flights as
some residents and travelers braced for up to 14 inches of snow. – FoxNews.com
8. February
22, FoxNews.com – (National) Major snow storm creates dangerous commute,
canceled flights in Midwest. A major snowstorm with heavy winds travelling
through the Midwest caused the cancellation of hundreds of flights and created
commuting woes for travelers. Numerous businesses and schools were closed as
some areas saw more than 14 inches of snow. Source: http://www.foxnews.com/weather/2013/02/22/major-snow-storm-promises-messy-dangerous-commute-in-midwest/
• Las
Vegas Boulevard was closed for most of February 21 after a drive-by shooting
resulted in a fiery crash, killing three individuals, and leaving several
others injured. – Associated Press
11.
February 22, Associated Press –
(Nevada) Las Vegas Strip shooting: Police search for gunman, SUV. Police
are searching for a black SUV involved in a drive-by shooting which triggered a
fiery crash that killed three and injured at least six others. Las Vegas
Boulevard remained closed for most of the day, leading to severe traffic.
Source: http://www.huffingtonpost.com/2013/02/22/las-vegas-strip-shooting-_n_2739522.html
• An FBI report was released aimed to deter
employee misbehavior by citing the misconduct, lewd behavior, and misuse of
government property of more than 1,000 employees over the course of 12 years. –
CNN
26.
February 22, CNN – (National) FBI
battling ‘rash of sexting’ among its employees. A report produced by the
FBI goes on to cite over 1,000 employees for misconduct, lewd behavior, and
inappropriate use of technology over the course of 2 years. The bureau hopes
the report will deter misbehavior in the future. Source: http://www.cnn.com/2013/02/21/us/fbi-misbehavior/index.html?hpt=hp_c1
• The Federal Communications Commission
released guidelines for wireless signal booster sales and use by more than two
million consumers in an effort to address interference with wireless carriers
and decreasing bandwidth from unlicensed devices. – Ars Technica See item 36 below in the Information Technology Sector
Details
Banking and Finance Sector
3. February 22, Marlboro-Colts Neck Patch – (New
Jersey) Colts Neck stock trader pleads guilty to $28 million securities
fraud. A New Jersey stock trader was indicted for securities fraud. The
stock broker who created fake loan agreements with corporations faces up to 25
years in prison. Source: http://marlboro-coltsneck.patch.com/articles/colts-neck-stock-trader-indicted-on-charges-of-28-million-securities-fraud
4. February 22, Associated Press – (Vermont) Dead
Vt. College official target in $440,000 theft. A former active president of
a Vermont college, accused of taking over $400,000 to pay down mortgages and
add to his personal banking account, was found dead with injuries in keeping
with a self-inflicted gunshot wound. Source: http://www.fox11online.com/dpp/news/national/Dead-Vt-college-official-target-in-440000-theft_96498353
5. February 21, Reuters – (New York) U.S.
charges adviser in fraud tied to microcaps, NY horse firm. Authorities
brought up criminal and civil fraud charges against a 73-year old investment
adviser after he invested $120 million of client funds in private or illiquid
companies for more than $3.35 million in fees and kickbacks. Source: http://articles.chicagotribune.com/2013-02-21/business/sns-rt-us-usa-crime-fraud-tagliaferribre91k191-20130221_1_criminal-charges-million-of-client-assets-client-money
6. February 21, Houston Business Journal – (Texas)
Former Houston execs get 10 years for securities fraud. A fraudulent
securities scheme which drew $30 million from investors, sold unregistered
securities falsely claimed to be backed by life insurance policies and death
benefits. Two executives of the company engaged in the scheme received 10 years
in prison for their role. Source: http://www.bizjournals.com/houston/news/2013/02/21/former-houston-execs-get-10-years-for.html
Information Technology Sector
30. February
22, H Security – (International) Certified online banking trojan in the wild. An
employee with Eset discovered trojans that could allow online banking access to
spyware by successfully passing superficial tests. The flawed certificate and
signature validations in question were produced by two companies that no longer
exist. Source: http://www.h-online.com/security/news/item/Certified-online-banking-trojan-in-the-wild-1808898.html
31. February
22, Help Net Security – (International) OAuth flaw allowed
researcher full access to any Facebook account. A researcher discovered a
flaw in Facebook’s OAuth system that allows a hacker to access a user’s
accounts and permits them to do anything within there. Facebook has since
patched the flaw, although the researcher claims several other flaws still
exist. Source: http://www.net-security.org/secworld.php?id=14468&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
32. February
22, Softpedia – (Florida) Florida community-owned utility company JEA hit by
DDOS attack. A Jacksonville-based utility company, JEA had their Web site
hacked February 17 and notified customers that their information was safeguarded.
An external firm is conducting an investigation to target the source of the
attack. Source: http://news.softpedia.com/news/Florida-Community-Owned-Utility-Company-JEA-Hit-by-DDOS-Attack-331846.shtml
33. February
22, Threatpost – (International) Chrome 25 fixes nine high-risk
vulnerabilities. Google patched nine high-risk vulnerabilities in its
Chrome browser as well as 12 other flaws with their release of Chrome 25.
Source: http://threatpost.com/en_us/blogs/chrome-25-fixes-nine-high-risk-vulnerabilities-022213
34. February
22, H Security – (National) NBC.com hacked and served up malware. NBC.com
was the target of the malware scheme, where the hacker embedded iFrames into
the pages and infected the site as well as computers of those visiting the
site. NBC has since cleaned up the malware although reports show affiliated
sites were also affected. Source: http://www.h-online.com/security/news/item/NBC-com-hacked-and-served-up-malware-1808273.html
35. February 22, Help Net Security – (International) Zendesk
hack endangers Tumblr, Twitter, and Pinterest users. Zandesk announced
their system was hacked the week of February 22 and client information was
taken, but they immediately patched the vulnerability and shut off access to
the hacker. The company notified three of their customers of the breach who in
turn emailed their users as a precaution. Source: http://www.net-security.org/secworld.php?id=14467&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
Communications Sector
36.
February 21, Ars Technica – (National)
FCC orders 2M people to power down cell phone signal boosters. The
Federal Communications Commission enacted rules governing the sale and
operation of devices used to improve cellular phone signals: wireless signal
boosters. The devices can cause interference with wireless carrier networks,
further complicating the need for more bandwidth without regulating these
devices. Source: http://arstechnica.com/information-technology/2013/02/fcc-orders-2m-people-to-power-down-cell-phone-signal-boosters/
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.