Friday, May 24, 2013   

Complete DHS Daily Report for May 24, 2013

Daily Report

Top Stories

 • A Mooresville, North Carolina fuel distribution company was the victim of an organized cyberheist in which thieves stole over $800,000 from the company’s payroll account. – Krebs on Security

1.               May 23, Krebs on Security – (North Carolina) NC fuel distributer hit by $800,000 cyberheist. J.T. Alexander & Sons Inc., a Mooresville-based fuel distribution company, was the victim of an organized cyberheist in which thieves stole over $800,000 from the company’s payroll account. The criminals began the theft May 1 by sending money in sub-$5,000 and sub-$10,000 chunks to money mules via automated clearing house (ACH) transfers. Source: http://krebsonsecurity.com/2013/05/nc-fuel-distributor-hit-by-800000-cyberheist/

 • DHS employees were notified of a vulnerability that may have led to personal information being accessible to unauthorized parties after a flaw was discovered on software used by a DHS vendor for processing personnel security investigations. – Help Net Security

21. May 23, Help Net Security – (National) DHS employees’ info possibly compromised due to system flaw. DHS employees were notified of a vulnerability that may have led to personal information being accessible to unauthorized parties after a flaw was discovered on software used by a DHS vendor for processing personnel security investigations. DHS assured the public there was no evidence the information was mishandled and vendor is working with them to mitigate all damages. Source: http://www.net-security.org/secworld.php?id=14953

 • Firefighters reached 15 percent containment on a 6,000 acre wildfire burning in the Coronado National Forest near Nogales May 22. – United Press International

23. May 22, United Press International – (Arizona) Nogales, Ariz., wildfire grows, only 15 percent contained. Firefighters reached 15 percent containment on a wildfire burning in the Coronado National Forest near Nogales May 22. The wildfire has burned through 6,000 acres as over 200 personnel worked to halt its growth. Source: http://www.upi.com/Top_News/US/2013/05/22/Nogales-Ariz-wildfire-grows-only-15-percent-contained/UPI-18651369257733/

• Four school buses were involved in an accident near North Webster, Indiana, leaving over 50 injured when one school bus ran into another causing a chain reaction crash. – Associated Press 

25. May 22, Associated Press – (Indiana) More than 50 injured in Indiana school bus crashes. Four school buses were involved in an accident near North Webster May 22, leaving over 50 injured when one school bus ran into another causing a chain reaction crash. The accident is still under investigation as officials inspected the buses for any mechanical problems. Source: http://www.hattiesburgamerican.com/viewart/20130522/NEWS01/130522049/More-than-50-injured-Indiana-school-bus-crashes

Details

Banking and Finance Sector

See item 1 above in Top News

Information Technology Sector

32. May 23, Help Net Security – (International) Google researcher reveals another Windows 0-day. A researcher at Google found and reported a zero day vulnerability affecting Windows 7 and 8 that can allow privilege escalation and arbitrary code execution, though it is not remotely exploitable. Source: http://www.net-security.org/secworld.php?id=14954

33. May 22, The Register – (International) Twitter locks down logins by adding two-factor authentication. Twitter added an optional two-factor authentication service for users after recent account takeover attacks by hacktivists. Source: http://www.theregister.co.uk/2013/05/22/twitter_adds_two_factor_authentication/

34. May 22, Threatpost – (International) Another Max OS X backdoor reported. Another instance of OS X spyware known as OSX/KitM.A or OSX/Filesteal was reported by German authorities. The spyware is signed by a valid Apple developer certificate that has since been revoked. Source: http://threatpost.com/another-mac-os-x-backdoor-reported/

See items 1 and 21 above in Top Stories

Communications Sector

35. May 23, WWLP 22 Springfield– (Massachusetts) Temporary outage for T-Mobile customers. An undisclosed issue caused T-Mobile customers in the West Springfield area to experience problems with voice and messaging services May 22. Source: http://www.wwlp.com/dpp/news/massachusetts/temporary-outage-for-t-mobile-customers

36. May 21, KOAA 5 Colorado Springs – (Colorado) District wide phone outage reported for Pueblo City Schools. Pueblo City Schools reported a telephone outage May 21 after a contractor severed a line effecting incoming and outgoing calls from all district buildings. Officials encouraged teachers and parents to communicate via email until service was restored and posted a list of contacts for each school. Source: http://www.koaa.com/news/district-wide-phone-outage-reported-for-pueblo-city-schools/

Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.