Friday, May 31, 2013   

Complete DHS Daily Report for May 31, 2013

Daily Report

Top Stories

 • Police in Frierson, Louisiana are searching for three suspects in connection with the $1 million theft of copper wire from Trinidad Drilling Co. in a series of six separate incidents. – Alexandria Town Talk

1.               May 29, Alexandria Town Talk – (Louisiana) Police seek three suspects in Frierson million dollar copper theft. Police in Frierson are searching for three suspects in connection with the $1 million theft of copper wire from Trinidad Drilling Co. in a series of six separate incidents. Source: http://www.thetowntalk.com/article/20130529/NEWS01/130529017/Police-seek-three-suspects-Frierson-million-dollar-copper-wire-theft

 • A number one subway train derailed at 125th Street and Broadway in the Harlem neighborhood in New York City prompting authorities to spend several hours evacuating 400 passengers and attempting to remove the train. – WABC 7 New York

11. May 29, WABC 7 New York – (New York) 1 train derailed at 125th Street and Broadway. A number one subway train derailed at 125th Street and Broadway in the Harlem neighborhood in New York City prompting authorities to spend several hours evacuating 400 passengers and attempting to remove the train. Source: http://abclocal.go.com/wabc/story?section=resources/traffic&id=9120422

 • The U.S. Department of Agriculture is investigating how a non-approved strain of genetically engineered wheat ended up growing in an Oregon field as it could pose a threat to trade with  countries that have concerns about genetically modified foods. – Associated Press

19. May 29, Associated Press – (Oregon) Non-approved strain of genetically engineered wheat found in Oregon. The U.S. Department of Agriculture is investigating how a non-approved strain of genetically engineered wheat ended up in an Oregon field and whether there was any criminal wrongdoing and if the growth may be widespread. A potential growth in non-approved genetically engineered wheat could pose a threat to trade with countries that have concerns about genetically modified foods. Source: http://science.nbcnews.com/_news/2013/05/29/18590957-non-approved-strain-of-genetically-engineered-wheat-found-in-oregon?lite

 • A former U.S. Navy civilian employee pled guilty to leading a kickback scheme involving 5 others in which government contractors funneled millions of dollars back to him and other people. – Associated Press

35. May 29, Associated Press – (Georgia; Rhode Island) Former Navy employee admits to kickback scheme. A former U.S. Navy civilian employee changed his plea to guilty and admitted he led a kickback scheme involving 5 others in which government contractors funneled millions of dollars back to him and other people. The former Navy employee, his girlfriend, his father, and 3 executives with Advanced Solutions for Tomorrow took part in a plot to approve payments to the contractor and in return, receive kickbacks. Source: http://www.cbsnews.com/8301-201_162-57586697/former-navy-employee-admits-to-kickback-scheme/

Details

Banking and Finance Sector

7. May 30, The H – (International) PayPal vulnerability finally closed. PayPal closed a vulnerability reported by a student researcher that allowed the injection of arbitrary JavaScript code into the Web site, allowing attackers to collect users' access credentials. Source: http://www.h-online.com/security/news/item/PayPal-vulnerability-finally-closed-1873322.html

8. May 29, Washington Examiner – (Virginia) 11 guilty of massive real estate fraud. Eleven individuals pleaded guilty to running a real estate settlement alteration scheme that defrauded banks of several million dollars. Source: http://washingtonexaminer.com/11-guilty-of-massive-real-estate-fraud/article/2530726

9. May 29, SC Magazine – (International) "Beta Bot" marks the latest banking malware to hit the online underground. A researcher at RSA reported the discovery of a new financial and root access malware dubbed Beta Bot. The malware has been seen for sale on underground forums and appears to have been created by a skilled programmer. Source: http://www.scmagazine.com/beta-bot-marks-the-latest-banking-malware-to-hit-the-online-underground/article/295408/

10. May 29, IDG News Service – (International) Nasdaq settles US SEC charges for Facebook's IPO. Nasdaq agreed to pay $10 million to settle U.S. Securities and Exchange Commission charges that the exchange violated securities law in poorly handling Facebook's initial public offering in 2012. Source: http://www.networkworld.com/news/2013/052913-nasdaq-settles-us-sec-charges-270252.html

Information Technology Sector

42. May 30, The H – (International) Drupal.org compromised. Drupal.org's security team discovered unauthorized access that exposed user names, countries, emails, and hashed passwords. Drupal.org reset all user passwords and was continuing to investigate to find out if other kinds of user information were also exposed. Source: http://www.h-online.com/security/news/item/Drupal-org-compromised-1873388.html

43. May 30, Softpedia – (International) Kelihos botnet used for "Only 24 hours left to shop" pharma spam campaign. Cisco researchers discovered a pharmaceuticals spam campaign using the Kelihos botnet. The campaign sends out massive amounts of spam instead of trying to bypass spam filters, and the site linked to in the emails uses various means to track users. Source: http://news.softpedia.com/news/Kelihos-Botnet-Used-for-Only-24-Hours-Left-to-Shop-Pharma-Spam-Campaign-356997.shtml

For additional stories, see items 9 above in the Banking and Finance Sector and 34 below:

34. May 30, Softpedia – (Illinois) University of Illinois computer science department hacked, abused by cybercriminals. A Russian hacktivist group is believed to be behind a malware campaign that targeted several machines from the Department of Computer Science at the University of Illinois causing them to host malicious domains and IP addresses. The university was notified by a cyber expert that discovered the campaign. Source: http://news.softpedia.com/news/University-of-Illinois-Computer-Science-Department-Hacked-Abused-by-Cybercriminals-357135.shtml

Communications Sector

44. May 29, Bloomberg Bureau of National Affairs– (National) FCC: Company will pay $16 million over possible misuse of Federal Disability Fund. May 29, the Federal Communications Commission announced a settlement with Sorenson Communications Inc., a provider of internet-based telecommunications services for deaf and hard-of-hearing customers, of $15.75 million after an investigation into their use of the federal Telecommunications Relay Service Fund suggested the company used improper billing practices. Source: http://www.bna.com/fcc-company-pay-n17179874235/

45. May 29, Government Security News– (National) Cell phone carriers must notify customer if they can’t deliver a 911 emergency alert via text message. The Federal Communications Commission reported May 29 that the four largest commercial mobile radio service providers have agreed to send an instantaneous “bounce back” message to users when an emergency text message sent to 9-1-1 is not received by the intended emergency services. The rule which also will include providers of software applications will become effective June 28 and is part of the transition to Next Generation 911, permitting text-to-911 services. Source: http://www.gsnmagazine.com/node/29806?c=disaster_preparedness_emergency_response

46. May 29, WCIV 4 Charleston – (South Carolina) Comcast service restored for most of Lowcountry. A cut fiber line was the reported cause for an outage which affected Lowcountry-area businesses and individual customers of Comcast’s internet services for several hours May 29 before being mostly restored in the evening. Source : http://www.abcnews4.com/story/22451196/comcast-outage-has-lowcountry-residents-venting-on-social-media


Department of Homeland Security (DHS)
DHS Daily Open Source Infrastructure Report Contact Information

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday through Friday] summary of open-source published information concerning significant critical infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for ten days on the Department of Homeland Security Web site: http://www.dhs.gov/IPDailyReport

Contact Information

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS Daily Report Team at (703)387-2314

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow instructions to Get e-mail updates when this information changes.

Removal from Distribution List:     Send mail to support@govdelivery.com.


Contact DHS

To report physical infrastructure incidents or to request information, please contact the National Infrastructure
Coordinating Center at  nicc@dhs.gov or (202) 282-9201.

To report cyber infrastructure incidents or to request information, please contact US-CERT at  soc@us-cert.gov or visit their Web page at  www.us-cert.go v.

Department of Homeland Security Disclaimer

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source material.