Friday, May 3, 2013
Complete DHS Daily Report for May 3, 2013
Daily Report
Top Stories
• A stress test conducted on a Chevron pipeline
that runs through Willard Bay State Park in Utah resulted in a failure.
Operations were idled as authorities continue to investigate the pipeline that
previously spilled fuel into the park and wetlands. – Salt Lake City Deseret
News
1.
May 1, Salt Lake City Deseret News – (Utah) Pipeline
at Willard Bay fails pressurization test. A stress test conducted April 29
on Chevron’s pipeline that runs adjacent to Interstate 15 at Willard Bay State
Park resulted in a failure between Bear River and Ogden. Operations were idled
as authorities continue to investigate Chevron and the 760-mile pipeline that
previously spilled fuel into the park and wetlands. Source: http://www.deseretnews.com/article/865579293/Pipeline-at-Willard-Bay-fails-pressurization-test.html
• A May 1 snow storm caused major highway
travel disruptions and electricity outages throughout Colorado. – KCNC 4
Denver
12.
May 1, KCNC 4 Denver – (Colorado;
Wyoming) May Day storm causes major power outages, multiple accidents. A
snow storm caused major travel disruptions on highways throughout Colorado,
including Interstate 70, which had certain sections closed due to multiple
accidents. The storm also caused power outages which affected close to 50,000
customers at different times. Source: http://denver.cbslocal.com/2013/05/01/may-day-storm-causes-major-power-outages-multiple-accidents/
• Police
arrested a married couple in connection with the theft of a fuel tanker and
3,600 gallons of gas from the National Guard Armory in Colleton County, South
Carolina. – WCSC 5 Charleston
21.
May 2, WCSC 5 Charleston – (South
Carolina) Couple accused of stealing fuel tanker, 3k gallons of gas from
armory. Police have arrested a married couple in connection with the theft
of a fuel tanker and 3,600 gallons of gas from the National Guard Armory in
Colleton County. Authorities linked the two to the theft following a search of
2 homes after investigators determined they stole the military fuel tanker and
returned it to the armory without its fuel. Source: http://www.live5news.com/story/22134468/duo-accused-of-stealing-3k-gallsons-of-fuel-from-national-guard-armory
• Unauthorized access to the National
Inventory of Dams (NID) was given to a user in January, before being revoked,
the U.S. Army Corps of Engineers said in a statement. – CSO Online
38.
May 1, CSO Online – (International) Army
Corps database on dams compromised. Unauthorized access to the National
Inventory of Dams (NID) was given to a user in January, before being revoked,
the U.S. Army Corps of Engineers said in a statement. The NID contains
information on more than 8,000 U.S. dams. Source: http://www.networkworld.com/news/2013/050113-army-corps-database-on-dams-269330.html
Details
Banking and Finance Sector
8. May 1, WITN 7 Washington – (North Carolina) Man
convicted in insurance fraud scheme. The second of four individuals charged
with running a $5.3 million insurance fraud scheme in Lenoir County was
convicted May 1. Source: http://www.witn.com/news/crime/headlines/Man-Convicted-In-Insurance-Fraud-Scheme-205590881.html
Information Technology Sector
30. May 2,
The Register – (International) Java applet runs wild inside Notes. Researchers
and IBM found that IBM’s Notes collaboration software can be compromised by
sending html emails containing a Java applet or JavaScript, giving attackers
access to user and company files. Source: http://www.theregister.co.uk/2013/05/02/java_runs_in_note_email/
31. May 2,
The H – (International) Security holes in McAfee’s ePolicy
Orchestrator. A McAfee security advisory warned that earlier versions of
the company’s ePolicy Orchestrator are vulnerable to remote code execution and
file path traversal. Source: http://www.h-online.com/security/news/item/Security-holes-in-McAfee-s-ePolicy-Orchestrator-1854555.html
32. May 2,
IDG News Service – (International) D-Link publishes beta patches for IP camera
flaws. D-Link published beta patches to address vulnerabilities in its IP
surveillance cameras that could allow attackers to intercept video streams.
Final versions of the patches will be available within a month. Source: http://www.computerworld.com/s/article/9238846/D_Link_publishes_beta_patches_for_IP_camera_flaws
33. May 1,
Softpedia – (International) Avatar rootkit uses Yahoo Groups for C&C
communications. Researchers at ESET posted an analysis of the Avatar
rootkit. Among its features, it is able to communicate with command and control
(C&C) servers using Yahoo Groups if other channels are not working. Source:
http://news.softpedia.com/news/Avatar-Rootkit-Uses-Yahoo-Groups-for-C-C-Communications-350145.shtml
34. May 1,
Computerworld – (International) Printers, routers used as bots in DDoS
attacks. A report from Prolexic warned that various Internet-connected
devices such as printers and IP cameras are being used in distributed denial of
service (DDoS) attacks. Source: http://www.computerworld.com/s/article/9238833/Printers_routers_used_as_bots_in_DDoS_attacks
35. May 1,
Softpedia – (International) Bitdefender experts identify new TDL malware
variants. Researchers at Bitdefender found new variants of the
often-undetected TDL malware designed to infect computers’ master boot records.
Source: http://news.softpedia.com/news/Bitdefender-Experts-Identify-New-TDL-Malware-Variants-350177.shtml
Communications Sector
Nothing to
report
Department of Homeland Security
(DHS)
DHS Daily Open Source Infrastructure Report Contact Information
About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday]
summary of open-source published
information
concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on
the
Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport
Contact Information
Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS
Daily Report Team at (703)387-2314
Subscribe to
the
Distribution List: Visit the
DHS Daily Open Source Infrastructure Report and follow
instructions to
Get e-mail updates when this information
changes.
Contact DHS
To report physical infrastructure incidents or to request information, please contact the National Infrastructure
To report cyber infrastructure incidents or to
request information,
please contact US-CERT at soc@us-cert.gov or visit their Web
page at www.us-cert.go v.
Department of Homeland Security Disclaimer
The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to
educate and
inform personnel engaged
in infrastructure protection. Further reproduction
or redistribution is subject to original copyright
restrictions. DHS provides no
warranty of ownership of the copyright,
or accuracy with respect to
the
original
source material.