Wednesday, April 17, 2013
Complete DHS Daily Report for April 17, 2013
Daily Report
Top Stories
• The
Schnucks supermarket chain announced details of a data breach where attackers
gained access to around 2.4 million customers’ credit and debit card
information via its systems and networks. – Help Net Security See
item 11 below in the Banking and Finance Sector
• A
bank robber known as the “Bully Bandit” was suspected in an April 13 robbery of
a Chase Bank branch in Chicago, his twelfth robbery. – WBBM 2 Chicago
See item 13 below in the Banking and Finance Sector
• A concrete-walled pit at a dairy operation
was fractured and sent about a million gallons of manure and water into 2 trout
streams before leaking into the Root River. – Minneapolis Star Tribune
29.
April 15, Minneapolis Star Tribune –
(Minnesota) Million-gallon cow manure spill fouls Root River tributaries. A
concrete-walled pit at a dairy operation was fractured and sent about a million
gallons of manure and water into 2 trout streams before leaking into the Root
River. The problems were compounded by cold, snowy weather and widespread
manure runoff problems in the farming counties. Source: http://www.startribune.com/local/203125981.html?source=error
• Two explosions during the Boston Marathon
killed 3 people and wounded over 140 impacting area businesses and tourism.
Multiple hotels were evacuated and closed, sections of the Massachusetts
Turnpike and the downtown area was cordoned off with businesses closed as
investigators from the FBI, and State and local authorities worked to identify
additional information surrounding the incident. – USA Today
40.
April 16, USA Today – (Massachusetts) Boston
visitors face disruptions after bomb blasts. Two explosions during the
Boston Marathon killed 3 people and wounded over 140 impacting area businesses
and tourism. Multiple hotels were evacuated and closed, sections of the
Massachusetts Turnpike and the downtown area was cordoned off with businesses
closed as investigators from the FBI, and State and local authorities worked to
identify additional information surrounding the incident. Source: http://www.usatoday.com/story/dispatches/2013/04/16/boston-marathon-bomb-copley-square-visitors/2087023/
Details
Banking and Finance Sector
11. April
16, Help Net Security – (National) 2.4M cards compromised in US
supermarket chain breach. The Schnucks supermarket chain announced details
of a data breach where attackers gained access to around 2.4 million customers’
credit and debit card information via its systems and networks. Seventy nine of
the chain’s 100 stores may have been compromised over 4 months. Source: http://www.net-security.org/secworld.php?id=14758
12. April
15, KLAS 8 Las Vegas – (Nevada) Louisiana lawyer convicted of Las Vegas mortgage
fraud. A New Orleans lawyer was convicted for participating in a mortgage
fraud scheme involving more than 220 properties in Las Vegas and cost financial
institutions $50 million. Source: http://www.8newsnow.com/story/21982472/louisiana-lawyer-convicted-of-las-vegas-mortgage-fraud
13. April
15, WBBM 2 Chicago – (Illinois) ‘Bully Bandit’ suspected of 12th bank robbery. A
bank robber known as the “Bully Bandit” was suspected in an April 13 robbery of
a Chase Bank branch in Chicago, his twelfth robbery. Source: http://chicago.cbslocal.com/2013/04/15/bully-bandit-suspected-of-12th-bank-robbery/
14. April
15, Associated Press – (Arizona) Border officers seize fraudulent credit cards at
Nogales crossing. A Mexican national was found in possession of two
packages containing a total of 79 fraudulent credit cards during a U.S. Customs
and Border Protection check of a tourist bus in Nogales April 15. Source: http://azstarnet.com/news/local/border/border-officers-seize-fraudulent-credit-cards-at-nogales-crossing/article_d878f974-a61a-11e2-9950-001a4bcf887a.html
15. April
15, Reuters – (National) Trader admits fraud in $1 billion Apple stock
scheme. A former trader for Rochdale Securities pleaded guilty to wire
fraud and conspiracy for buying 1.625 million in Apple stock shares in 2012
under false pretenses, which led the company to take a $5.3 million loss that
caused the company to go out of business. Source: http://www.reuters.com/article/2013/04/15/us-crime-rochdale-apple-plea-idUSBRE93E11I20130415
16. April
15, Bloomberg News – (National) John Thomas’s CEO accused by Finra of fraud. The
Financial Industry Regulatory Authority filed a complaint against the CEO of
John Thomas Financial Inc. for allegedly defrauding customers and threatening
his employees. Source: http://www.businessweek.com/news/2013-04-15/john-thomas-s-ceo-accused-by-finra-of-fraud-broker-threats
17. April
12, The Globe and Mail – (International) Brokerage regulator
‘deeply regrets’ loss of device with client data. The Investment Industry
Regulatory Organization of Canada (IIROC) reported that an employee lost a
portable device containing the personal information of around 52,000 brokerage
firm clients from 32 firms. IIROC notified the affected firms and arranged for
credit protection services. Source: http://www.theglobeandmail.com/report-on-business/securities-regulator-says-deeply-regrets-loss-of-device-with-client-data/article11135687/
For
another story, see item 37 below in the Information
Technology Sector
Information Technology Sector
34. April
16, The H – (International) Attackers gain access to Linode customer
data. Hosting company Linode provided details of an attack on its servers,
stating that attackers gained access to one of its Web servers as well as part
of its backend code and customer database. Source: http://www.h-online.com/security/news/item/Attackers-gain-access-to-Linode-customer-data-1842777.html
35. April
16, IDG News Service – (International) Symantec report finds small businesses
battered by cybercrime. Symantec’s Internet Security Threat Report 2013
found that small businesses are increasingly the targets of cyberattacks due to
typically less-secure systems and to serve as a foothold for access to larger
companies’ systems. Source: http://www.networkworld.com/news/2013/041613-symantec-report-finds-small-businesses-268746.html
36. April 15, Softpedia – (International) Trojan
downloader Nenim deletes components to prevent analysis. Microsoft Malware
Protection Center researchers found and analyzed a trojan known as
TrojanDownloader:Win32/Nenim.gen!A that downloads two components used to infect
other devices and steal passwords, then deletes the components in a way that
makes them unrecoverable, preventing analysis. Source: http://news.softpedia.com/news/Trojan-Downloader-Nenim-Deletes-Components-to-Prevent-Analysis-345383.shtml
37. April 15, Softpedia – (International) Several
hacktivist groups to join forces for OpUSA on May 7. Several hacktivist
groups that took part in attacks on Israeli Web sites under the name OpIsrael
announced their intentions to target the U.S. with cyberattacks May 7. Source: http://news.softpedia.com/news/Several-Hacktivist-Groups-to-Join-Forces-for-OpUSA-on-May-7-345566.shtml
38. April 15, Threatpost – (International) Google fixes
three high-risk flaws in Chrome OS. Google announced fixes for four
vulnerabilities in its Chrome OS that could have been used for code execution.
Source: http://threatpost.com/en_us/blogs/google-fixes-three-high-risk-flaws-chrome-os-041513
Communications Sector
39.
April 12, KSPR 33 Springfield –
(Missouri) AT&T debuts new alarm system to protect against copper theft.
AT&T began using a new alarm system which conducts random checks of
lines throughout the network to identify signal cuts and alert police to
possible copper theft. The telecommunications company will install the alarm
system in rural areas where copper thieves strike most. Source: http://articles.kspr.com/2013-04-12/new-alarm-system_38498998
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.