Thursday, April 25, 2013   

Complete DHS Daily Report for April 25, 2013

Daily Report

Top Stories

 • A bogus tweet sent from a hacked Associated Press Twitter account caused the Dow Jones Industrial to drop more than 100 points during a 2 minute period. – Bloomberg News See item 5 below in the Banking and Finance Sector

 • Two large lift pumps at the Metropolitan St. Louis Sewer District treatment plant failed April 21, allowing 105 million gallons of untreated sewage to flow into the Mississippi River. – St. Louis Post-Dispatch

17. April 23, St. Louis Post-Dispatch – (Missouri) Millions of gallons of untreated sewage going into Mississippi after pump failure in St. Louis. Two out of three large lift pumps at the Metropolitan St. Louis Sewer District treatment plant failed April 21 after they were put into use due to high river levels, allowing 105 million gallons of untreated sewage to flow into the Mississippi River. Source: http://www.stltoday.com/news/local/metro/millions-of-gallons-of-untreated-sewage-going-into-mississippi-after/article_0de0ce19-6603-536a-b93b-75b9add341b7.html

 • Corrections officers at a Baltimore jail were charged with allegedly aiding the leaders of a gang run a criminal enterprise. – Washington Post

27. April 23, Washington Post – (Maryland) 13 corrections officers indicted in Md., accused of aiding gang’s drug scheme. Thirteen female corrections officer at a Baltimore jail were charged after authorities discovered they were allegedly aiding the leaders of a gang run their criminal enterprise in jail. The guards were among 25 defendants, including inmates and supplies, charged for smuggling in illegal items, racketeering, and drug conspiracy. Source: http://www.washingtonpost.com/local/thirteen-correctional-officers-indicted-in-maryland/2013/04/23/6d2cbc14-ac23-11e2-a8b9-2a63d75b5459_story_1.html

 • A suspect entered an apartment, killed five residents, and then led police on a chase that ended in a shootout resulting in the perpetrator’s death. – Fox News
34. April 24, Fox News – (Illinois) 5 dead in Illinois shooting; suspect dies after shootout with police. A suspect entered an apartment in Manchester, killing five residents and then leading police on a chase that ended in a shootout and the suspect’s death. Three nearby school districts canceled classes while the suspect was at large. Source: http://www.foxnews.com/us/2013/04/24/5-reportedly-dead-1-in-custody-in-winchester-ill-shooting/

Details

Banking and Finance Sector

5. April 23, Bloomberg News – (International) A fake AP tweet sinks the Dow for an instant. A fake tweet sent from a hacked Associated Press Twitter account caused the Dow Jones Industrial to drop more than 100 points during a 2 minute period before recovering quickly to previous levels. Source: http://www.businessweek.com/articles/2013-04-23/a-fake-ap-tweet-sinks-the-dow-for-an-instant

6. April 23, Reuters – (International) Cyber attack briefly shutters Charles Schwab website. A distributed denial of service (DDoS) attack against Charles Schwab Corp shut down the company’s Web site and mobile applications for around 2 hours April 23. Source: http://articles.chicagotribune.com/2013-04-23/business/sns-rt-us-schwab-websitebre93m1dv-20130423_1_website-denial-of-service-attack

7. April 22, The Hill – (National) IRS overpaid up to $13.6B in low-income tax credits, report finds. A report from the U.S. Department of the Treasury found that the Internal Revenue Service overpaid between $11.6 billion and $13.6 billion in Earned Income Tax Credit payments in the 2012 fiscal year. Source: http://thehill.com/blogs/regwatch/administration/295353-irs-overpaid-up-to-136b-in-low-income-tax-credits-report-finds

For another story, see item 32 below in the Information Technology Sector

Information Technology Sector

29. April 24, Softpedia – (International) Vernot trojan avoids detection using blogging platform for C&C communications. Researchers at Trend Micro found a new variant of the Vernot trojan, BKDR_VERNOT.B, which utilizes a blogging platform to disguise its command and control (C&C) traffic. Source: http://news.softpedia.com/news/Vernot-Trojan-Avoids-Detection-by-Using-Blogging-Platform-for-C-C-Communications-348123.shtml

30. April 24, Softpedia – (International) VideoLAN’s downloads section hit by DDoS attack. A distributed denial of service (DDoS) attack against the download infrastructure of VideoLAN began April 23 and continued into April 24, but did not down the site. Source: http://news.softpedia.com/news/VideoLAN-s-Downloads-Section-Hit-by-DDOS-Attack-4-24-2013-348040.shtml

31. April 23, Help Net Security – (International) Exploit for recently patched Java flaw added to CrimeBoss exploit kit. The popular CrimeBoss exploit kit was updated to include a Java exploit that was recently patched to allow the exploit kit to target unpatched systems. Source: http://www.net-security.org/secworld.php?id=14798

32. April 23, SC Magazine – (International) Latest Gozi trojan variant comes packaged with rootkit. The latest version of the Gozi banking malware now includes a difficult to extract rootkit that infects the master boot record (MBR) and injects itself into Internet Explorer upon launch to steal banking information. Source: http://www.scmagazine.com/latest-gozi-trojan-variant-comes-packaged-with-rootkit/article/289987/

33. April 23, Computerworld – (International) Microsoft re-releases ‘Blue Screen of Death’ patch. Microsoft reissued a patch that previously crashed some users’ systems and sent the PCs into an endless reboot cycle. Source: http://www.networkworld.com/news/2013/042313-microsoft-re-releases-39blue-screen-of-269033.html

For additional stories, see items 5 and 6 above in the Banking and Finance Sector

Communications Sector

Nothing to report


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.