Friday, May 3, 2013   

Complete DHS Daily Report for May 3, 2013

Daily Report

Top Stories

 • A stress test conducted on a Chevron pipeline that runs through Willard Bay State Park in Utah resulted in a failure. Operations were idled as authorities continue to investigate the pipeline that previously spilled fuel into the park and wetlands. – Salt Lake City Deseret News

1.               May 1, Salt Lake City Deseret News – (Utah) Pipeline at Willard Bay fails pressurization test. A stress test conducted April 29 on Chevron’s pipeline that runs adjacent to Interstate 15 at Willard Bay State Park resulted in a failure between Bear River and Ogden. Operations were idled as authorities continue to investigate Chevron and the 760-mile pipeline that previously spilled fuel into the park and wetlands. Source: http://www.deseretnews.com/article/865579293/Pipeline-at-Willard-Bay-fails-pressurization-test.html

 • A May 1 snow storm caused major highway travel disruptions and electricity outages throughout Colorado. – KCNC 4 Denver

12. May 1, KCNC 4 Denver – (Colorado; Wyoming) May Day storm causes major power outages, multiple accidents. A snow storm caused major travel disruptions on highways throughout Colorado, including Interstate 70, which had certain sections closed due to multiple accidents. The storm also caused power outages which affected close to 50,000 customers at different times. Source: http://denver.cbslocal.com/2013/05/01/may-day-storm-causes-major-power-outages-multiple-accidents/

 • Police arrested a married couple in connection with the theft of a fuel tanker and 3,600 gallons of gas from the National Guard Armory in Colleton County, South Carolina. – WCSC 5 Charleston

21. May 2, WCSC 5 Charleston – (South Carolina) Couple accused of stealing fuel tanker, 3k gallons of gas from armory. Police have arrested a married couple in connection with the theft of a fuel tanker and 3,600 gallons of gas from the National Guard Armory in Colleton County. Authorities linked the two to the theft following a search of 2 homes after investigators determined they stole the military fuel tanker and returned it to the armory without its fuel. Source: http://www.live5news.com/story/22134468/duo-accused-of-stealing-3k-gallsons-of-fuel-from-national-guard-armory

 • Unauthorized access to the National Inventory of Dams (NID) was given to a user in January, before being revoked, the U.S. Army Corps of Engineers said in a statement. – CSO Online

38. May 1, CSO Online – (International) Army Corps database on dams compromised. Unauthorized access to the National Inventory of Dams (NID) was given to a user in January, before being revoked, the U.S. Army Corps of Engineers said in a statement. The NID contains information on more than 8,000 U.S. dams. Source: http://www.networkworld.com/news/2013/050113-army-corps-database-on-dams-269330.html

Details

Banking and Finance Sector

8. May 1, WITN 7 Washington – (North Carolina) Man convicted in insurance fraud scheme. The second of four individuals charged with running a $5.3 million insurance fraud scheme in Lenoir County was convicted May 1. Source: http://www.witn.com/news/crime/headlines/Man-Convicted-In-Insurance-Fraud-Scheme-205590881.html

Information Technology Sector

30. May 2, The Register – (International) Java applet runs wild inside Notes. Researchers and IBM found that IBM’s Notes collaboration software can be compromised by sending html emails containing a Java applet or JavaScript, giving attackers access to user and company files. Source: http://www.theregister.co.uk/2013/05/02/java_runs_in_note_email/

31. May 2, The H – (International) Security holes in McAfee’s ePolicy Orchestrator. A McAfee security advisory warned that earlier versions of the company’s ePolicy Orchestrator are vulnerable to remote code execution and file path traversal. Source: http://www.h-online.com/security/news/item/Security-holes-in-McAfee-s-ePolicy-Orchestrator-1854555.html

32. May 2, IDG News Service – (International) D-Link publishes beta patches for IP camera flaws. D-Link published beta patches to address vulnerabilities in its IP surveillance cameras that could allow attackers to intercept video streams. Final versions of the patches will be available within a month. Source: http://www.computerworld.com/s/article/9238846/D_Link_publishes_beta_patches_for_IP_camera_flaws

33. May 1, Softpedia – (International) Avatar rootkit uses Yahoo Groups for C&C communications. Researchers at ESET posted an analysis of the Avatar rootkit. Among its features, it is able to communicate with command and control (C&C) servers using Yahoo Groups if other channels are not working. Source: http://news.softpedia.com/news/Avatar-Rootkit-Uses-Yahoo-Groups-for-C-C-Communications-350145.shtml

34. May 1, Computerworld – (International) Printers, routers used as bots in DDoS attacks. A report from Prolexic warned that various Internet-connected devices such as printers and IP cameras are being used in distributed denial of service (DDoS) attacks. Source: http://www.computerworld.com/s/article/9238833/Printers_routers_used_as_bots_in_DDoS_attacks

35. May 1, Softpedia – (International) Bitdefender experts identify new TDL malware variants. Researchers at Bitdefender found new variants of the often-undetected TDL malware designed to infect computers’ master boot records. Source: http://news.softpedia.com/news/Bitdefender-Experts-Identify-New-TDL-Malware-Variants-350177.shtml

Communications Sector

Nothing to report


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.